{"id":16643680,"url":"https://github.com/xtonousou/dienes","last_synced_at":"2025-10-04T21:28:01.860Z","repository":{"id":42367363,"uuid":"479455372","full_name":"xtonousou/dienes","owner":"xtonousou","description":"MSAD-DNS async API middleware","archived":false,"fork":false,"pushed_at":"2022-04-10T12:18:46.000Z","size":82,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-02-02T08:31:46.838Z","etag":null,"topics":["automation","celery","dns","dns-api","fastapi","jinja","microsoft-dns","powershell","python","redis","restful-api"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xtonousou.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-04-08T16:03:58.000Z","updated_at":"2024-06-15T15:33:04.000Z","dependencies_parsed_at":"2022-09-02T21:22:12.362Z","dependency_job_id":null,"html_url":"https://github.com/xtonousou/dienes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtonousou%2Fdienes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtonousou%2Fdienes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtonousou%2Fdienes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtonousou%2Fdienes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xtonousou","download_url":"https://codeload.github.com/xtonousou/dienes/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238961243,"owners_count":19559448,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","celery","dns","dns-api","fastapi","jinja","microsoft-dns","powershell","python","redis","restful-api"],"created_at":"2024-10-12T08:09:17.158Z","updated_at":"2025-10-04T21:27:56.811Z","avatar_url":"https://github.com/xtonousou.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dienes\n\n\u003cp align=\"center\"\u003e\u003cimg width=50% src=\"media/logo.png\"\u003e\u003c/img\u003e\u003c/p\u003e\u003c/br\u003e\n\u003cp align=\"center\"\u003eSimple \u0026 Async API to add, update and remove DNS records to/from MS Windows DNS Server\u003c/p\u003e\n\n---\n\n## Installation\n\n\u003e Currently tested on Rocky Linux 8.5\n\n### System Prerequisites\n\nRun all the below commands as **root** user\n\n```bash\ndnf module install -y python39\ndnf module reset -y redis\ndnf module install -y redis:6\ndnf module reset -y nginx\ndnf module install -y nginx:1.20\ndnf install -y gcc krb5-devel gssntlmssp python39-devel\n```\n\nClone the repo from main branch\n```bash\ngit clone --depth 1 https://github.com/xtonousou/dienes.git /opt/dienes\n```\n\nCreate service account\n```bash\nuseradd --system --no-create-home --comment \"Dienes Service Account\" dienes\n```\n\nCreate celery directories and apply permissions\n```bash\nmkdir -vp /var/log/dienes /var/run/dienes\nchown -R dienes:nginx /opt/dienes\nchown -R dienes:dienes /var/log/dienes /var/run/dienes\n```\n\n### Python Prerequisites\n\n```bash\npython3 -m pip install -r requirements.txt\n```\n\n## Configuration\n\n### Redis\n\nRedis have to run locally alongside with `dienes` server\n\n```bash\nyes | cp -v etc/redis/redis.conf /etc/redis.conf\nsystemctl enable --now redis\n```\n\n### Hashicorp Vault\n\nIf there is no Hashicorp Vault available, read the documentation [here](https://www.vaultproject.io/docs/install) to install it.\n\nEnable a kv2 engine with name `secret` and create the required secrets defined in the schema `etc/hashicorp_vault/vault_schema`.\nThen, create the proper ACL named `dienes_ro` which is defined in `etc/hashicorp_vault/vault.hcl`.\n\nFinally, create the token that will be used by `dienes`\n\n```bash\nvault login  # login with your root token\nvault token create -type=service -renewable=true -orphan=true -display-name=\"Dienes API Server\" -policy=dienes_ro -ttl=87600h\n```\n\n### Dienes\n\nCopy the `conf.sample.yml` to `conf.yml` and edit accordingly.\nThe required changes are:\n\n```yaml\nvault:\n  token: TOKEN_HERE\n  host: https://vault.domain.tld:8200\n\napi:\n  cors:\n    origins:\n      - \"http://localhost\"\n      - \"https://localhost\"\n      - \"http://localhost:8000\"\n      - \"https://localhost:8000\"\n  allowed_hosts:\n    - localhost\n    - dienes.domain.tld\n```\n\n### Nginx\n\nGenerate SSL certificates for nginx\n```bash\nmkdir -pv /etc/nginx/ssl/certs /etc/nginx/ssl/keys\nopenssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/nginx/ssl/keys/nginx-selfsigned.key -out /etc/nginx/ssl/certs/nginx-selfsigned.crt\nopenssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096\n```\n\nRun the following command to disable the default site that comes with the nginx package\n```bash\nsed -i 's@ default_server@@' /etc/nginx/nginx.conf\n```\n\nCopy the preconfigured nginx vhost `dienes.conf`\n```bash\nyes | cp -v etc/nginx/dienes.conf /etc/nginx/conf.d/dienes.conf\n```\n\nConfigure the vhost accordingly `/etc/nginx/conf.d/dienes.conf`\n```conf\nserver_name dienes.domain.tld;  # change the server name\n```\n\n### Systemd\n\nCopy the Systemd service files from `etc/systemd/` to `/etc/systemd/system/`\n```bash\nyes | cp -v etc/systemd/* /etc/systemd/system/\n```\n\nCopy the env files from `etc/default/` to `/etc/default/`\n```bash\nyes | cp -v etc/default/* /etc/default/\n```\n\nFinally, enable and run the services\n```bash\nsystemctl daemon-reload\nsystemctl enable dienes.socket dienes dienes-worker dienes-beat nginx\nsystemctl restart dienes.socket dienes dienes-worker dienes-beat nginx\n```\n\n## Troubleshooting\n\nLogs are located at `/var/log/dienes` and at `/var/log/nginx` and at system's journal.\n\n```bash\njournalctl -f -u dienes\njournalctl -f -u dienes-beat\njournalctl -f -u dienes-worker\n```\n\n## Testing\n\nTo run development servers, run the below commands on two different shells\n\n\u003e API server\n\n```bash\nuvicorn api:dienes --host 0.0.0.0 --port 10051\n```\n\n\u003e Worker\n\n```bash\ncelery -A worker worker -l info -B\n```\n\n\u003e Python client (for benchmark)\n\nCopy the client `client.sample.py` to `client.py` first and then edit the credentials inside the file.\n\n```bash\npython3 client.py\n```\n\nOptionally, the library `faker` can be used to test sample records\n\n```python\nfrom faker import Faker\n\nfaker = Faker()\n\ndienes_url = 'http://localhost:8000/dns/record/ipv6/add'\nfor i in range(256):\n    data = {\n        'fqdn': '{name}.green.local'.format(name=get_random_string(8)),\n        'ip': faker.ipv6(),\n    }\n    r = requests.post(dienes_url, auth=(dienes_username, dienes_password, ), json=data)\n    print(r.json())\n```\n\n\u003e Removing DNS server records with PowerShell\n\n```powershell\n$Zones = Get-DnsServerZone | Where-Object ZoneName -Like \"*.local\"\nforeach ($Zone in $Zones) {\n\t$Records = Get-DnsServerResourceRecord -ZoneName $Zone.ZoneName\n\tforeach ($Record in $Records) {\n\t\tRemove-DnsServerResourceRecord -ZoneName $Zone.ZoneName -Type 1 -Name $Record.HostName\n\t}\n}\n```\n\n\u003e Removing DNS server zones with PowerShell\n\n```powershell\n$Zones = Get-DnsServerZone | Where-Object ZoneName -Like \"*.ip6.arpa\"\nforeach ($Zone in $Zones) {\n    Remove-DnsServerZone -Name $Zone.ZoneName -Force\n}\n\n$Zones = Get-DnsServerZone | Where-Object ZoneName -Like \"*.in-addr.arpa\"\nforeach ($Zone in $Zones) {\n    Remove-DnsServerZone -Name $Zone.ZoneName -Force\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxtonousou%2Fdienes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxtonousou%2Fdienes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxtonousou%2Fdienes/lists"}