Bug#740916: ITP: dms -- DNS Management System
Hi Ondřej! Uploaded package to debian as 'dms', as there is a lot of embedded strings in it that would require a massive amount of work and testing to change. On Fri, 2014-03-07 at 10:34 +0100, Ondřej Surý wrote: > On Fri, Mar 7, 2014, at 9:21, Matt Grant wrote: > > I am afraid the string 'dms' is very deeply buried through out all the > > code > > > > Quite happy to describe it as the "bind9 DNS Management System" though. > > Thank you very much. I would be even happier if the upstream lost the > tight coupling to bind, but that's in my daydreaming box :). Done that in the package summary lines. Very interested in expanding it to support Knot DNS and NSD3. The OO code structure would allow that to be done in the next major iteration, which would support Bind 10 (which has an embedded Python 3.x interpreter!) Please get back to me about this, as I am quite keen to commit to the project. Best Regards, Matt Grant -- Matt Grant, Debian and Linux Systems Administration and Consulting Mobile: 021 0267 0578 Email: m...@mattgrant.net.nz -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1395031452.29144.17.ca...@moriah.internal.anathoth.net
Bug#740916: ITP: dms -- DNS Management System
On Fri, Mar 7, 2014, at 9:21, Matt Grant wrote: > I am afraid the string 'dms' is very deeply buried through out all the > code > > Quite happy to describe it as the "bind9 DNS Management System" though. Thank you very much. I would be even happier if the upstream lost the tight coupling to bind, but that's in my daydreaming box :). > Have to be careful to as 'BIND' may be a trademark of DNSco and the > ISC... DNSco is just a organization for support contracts. I am not aware that ISC holds the trademark over BIND name nor enforce it. I am looking at several ISC people right at this moment :)), so I can ask them quickly when dnsop WG is over. O. > On Fri, 2014-03-07 at 08:01 +, Ondřej Surý wrote: > > The "DNS = Bind" mindset makes me really sad. There is a couple of > > excellent authoritative standard-adhering modern DNS servers (Knot > > DNS, NSD, PowerDNS) out there that beat the hell out of Bind in one > > way or another and still when you say DNS people will just say Bind. > > (Well same for the tasksel job...) > > > > I know that I am biased being upstream for Knot DNS and maintainer for > > NSD even longer, but could we call this a Bind9 Management System in > > Debian? Since this is what it really is. > > > > O. > > -- > > Ondřej Surý > > Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server > > > > On 6. 3. 2014, at 7:55, Matthew Grant wrote: > > > > > > > Package: wnpp > > > Severity: wishlist > > > Owner: Matthew Grant > > > > > > * Package name: dms > > > Version : 1.0 > > > Upstream Author : Matthew Grant > > > * URL : http://mattgrant.net.nz/software/dms > > > * License : GPL3 > > > Programming Lang: Python > > > Description : DNS Management System > > > > > > DNS Management System using bind9 and PostgresQL 9.2+. Uses Dynamic > > > Updates to update and manage the Zones in Bind9. Has a daemon which > > > uses a State Machine for publishing zones from the DB. There is a > > > command line/shell program zone_tool for operation on the Zones, > > > including running an editor, and a JSON RPC over http interface via > > > Apache and mod_wsgi. > > > > > > oMaster can have DR Failover > > > > > > oIPv6 fully supported in back end and front end > > > > > > oIPv6 DNS RRs () > > > > > > oDynamic DNS configuration of Master server reduces need for > > > reconfig and reload operations. > > > > > > oDNS RRs supported include SOA NS A MX PTR TXT SPF RP SSHFP > > > SRV > > > NSAP NAPTR LOC KX IPSECKEY HINFO CERT DS. DNSSEC handled by > > > bind9 master > > > > > > oAuto DNSSEC via Bind9 dynamic DNS. Bind9 master server auto > > > maintains zone DNSSEC operations records and signing. NSEC3 and > > > NSEC > > > supported. DNSSEC key management on Master server file system > > > pending > > > write of key management module. Key material directory is > > > replicated via > > > DR protocol (rsync) though. DMS is fully enabled to use DNSSEC > > > for > > > securing our core domains. > > > > > > o Apex resource record (SOA and NS) management across all zones - > > > can > > >be turned off per zone. > > > > > > o Auto reverse PTR generation > > > > > > o Customer control of their own automated reverse DNS. Individual > > > PTR > > >records, and complete reverse zones. Useful for business IPv6 and > > > IPv4 > > >blocks. Enables on site use of IP PABX, intranet and email for > > > SMBs on > > >XDSL/Fibre. > > > > > > o zone_tool command line administrative tool on master servers > > > > > > o IPSEC secured communications between each of DR master replicas > > > and slaves > > > > > > o Modular design. For example, Racoon IPSEC can be replaced if > > > needed. > > > > > > o Multiple Slave DNS server software implementations. NL Netlabs > > > nsd3 > > >can be used as a slave server once backend code is completed, and > > > a > > >simple configuration monitoring/HUP daemon implemented to run on > > > each > > >slave. > > > > > > o slave server/Server Groups (SG) support. Live migration of > > > zones. > > > > > > o Private SGs for internal zones. > > > > > > o Retention of deleted zones in database for aged auto-deletion > > > later. > > > > > > o Multiple Zone Instances per Zone. Roll forward and roll back > > >changes. Again old ZIs aged for auto deletion above a threshold > > > number. > > > > > > o Templates used for generating name server configuration includes > > > - > > >master, replicas and slaves. > > > > > > o Rsync to distribute name server configuration to servers. > > > > > > o Central distribution of name server configuration segments. > > > > > > o Hot standby master replica for DR purposes with manually > > > controlled > > >fail over. Includes automatic replica/slave server > > > reconfiguration. > > > > > > o WSGI JSON RPC over HTTPS API for mulitple front ends > > > >
Bug#740916: ITP: dms -- DNS Management System
I am afraid the string 'dms' is very deeply buried through out all the code Quite happy to describe it as the "bind9 DNS Management System" though. Have to be careful to as 'BIND' may be a trademark of DNSco and the ISC... Cheers, Matt On Fri, 2014-03-07 at 08:01 +, Ondřej Surý wrote: > The "DNS = Bind" mindset makes me really sad. There is a couple of > excellent authoritative standard-adhering modern DNS servers (Knot > DNS, NSD, PowerDNS) out there that beat the hell out of Bind in one > way or another and still when you say DNS people will just say Bind. > (Well same for the tasksel job...) > > I know that I am biased being upstream for Knot DNS and maintainer for > NSD even longer, but could we call this a Bind9 Management System in > Debian? Since this is what it really is. > > O. > -- > Ondřej Surý > Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server > > On 6. 3. 2014, at 7:55, Matthew Grant wrote: > > > > Package: wnpp > > Severity: wishlist > > Owner: Matthew Grant > > > > * Package name: dms > > Version : 1.0 > > Upstream Author : Matthew Grant > > * URL : http://mattgrant.net.nz/software/dms > > * License : GPL3 > > Programming Lang: Python > > Description : DNS Management System > > > > DNS Management System using bind9 and PostgresQL 9.2+. Uses Dynamic > > Updates to update and manage the Zones in Bind9. Has a daemon which > > uses a State Machine for publishing zones from the DB. There is a > > command line/shell program zone_tool for operation on the Zones, > > including running an editor, and a JSON RPC over http interface via > > Apache and mod_wsgi. > > > > oMaster can have DR Failover > > > > oIPv6 fully supported in back end and front end > > > > oIPv6 DNS RRs () > > > > oDynamic DNS configuration of Master server reduces need for > > reconfig and reload operations. > > > > oDNS RRs supported include SOA NS A MX PTR TXT SPF RP SSHFP > > SRV > > NSAP NAPTR LOC KX IPSECKEY HINFO CERT DS. DNSSEC handled by > > bind9 master > > > > oAuto DNSSEC via Bind9 dynamic DNS. Bind9 master server auto > > maintains zone DNSSEC operations records and signing. NSEC3 and > > NSEC > > supported. DNSSEC key management on Master server file system > > pending > > write of key management module. Key material directory is > > replicated via > > DR protocol (rsync) though. DMS is fully enabled to use DNSSEC > > for > > securing our core domains. > > > > o Apex resource record (SOA and NS) management across all zones - > > can > >be turned off per zone. > > > > o Auto reverse PTR generation > > > > o Customer control of their own automated reverse DNS. Individual > > PTR > >records, and complete reverse zones. Useful for business IPv6 and > > IPv4 > >blocks. Enables on site use of IP PABX, intranet and email for > > SMBs on > >XDSL/Fibre. > > > > o zone_tool command line administrative tool on master servers > > > > o IPSEC secured communications between each of DR master replicas > > and slaves > > > > o Modular design. For example, Racoon IPSEC can be replaced if > > needed. > > > > o Multiple Slave DNS server software implementations. NL Netlabs > > nsd3 > >can be used as a slave server once backend code is completed, and > > a > >simple configuration monitoring/HUP daemon implemented to run on > > each > >slave. > > > > o slave server/Server Groups (SG) support. Live migration of > > zones. > > > > o Private SGs for internal zones. > > > > o Retention of deleted zones in database for aged auto-deletion > > later. > > > > o Multiple Zone Instances per Zone. Roll forward and roll back > >changes. Again old ZIs aged for auto deletion above a threshold > > number. > > > > o Templates used for generating name server configuration includes > > - > >master, replicas and slaves. > > > > o Rsync to distribute name server configuration to servers. > > > > o Central distribution of name server configuration segments. > > > > o Hot standby master replica for DR purposes with manually > > controlled > >fail over. Includes automatic replica/slave server > > reconfiguration. > > > > o WSGI JSON RPC over HTTPS API for mulitple front ends > > > > o Security tags to control what front ends can see > > > > o Zone reference metadata to tag the zone with the owner/customer > >entity ID. Set by DMI when a zone is created. Tag out of table in > > DB via > >foreign key for easy reference renaming. > > > > o zone_tool has built in pager support and editor support via > > standard > >shell environment variables. > > > > o zone_tool has a configurable restricted shell mode for Help Desk > > use > > > > o RR Groups and RR comments supported in DB for use in text editor > > and > >in Web Admin DMI (DNS Management Interface) > > > > o zone_tool has colourised diff suppor
Bug#740916: ITP: dms -- DNS Management System
The "DNS = Bind" mindset makes me really sad. There is a couple of excellent authoritative standard-adhering modern DNS servers (Knot DNS, NSD, PowerDNS) out there that beat the hell out of Bind in one way or another and still when you say DNS people will just say Bind. (Well same for the tasksel job...) I know that I am biased being upstream for Knot DNS and maintainer for NSD even longer, but could we call this a Bind9 Management System in Debian? Since this is what it really is. O. -- Ondřej Surý Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server > On 6. 3. 2014, at 7:55, Matthew Grant wrote: > > Package: wnpp > Severity: wishlist > Owner: Matthew Grant > > * Package name: dms > Version : 1.0 > Upstream Author : Matthew Grant > * URL : http://mattgrant.net.nz/software/dms > * License : GPL3 > Programming Lang: Python > Description : DNS Management System > > DNS Management System using bind9 and PostgresQL 9.2+. Uses Dynamic > Updates to update and manage the Zones in Bind9. Has a daemon which > uses a State Machine for publishing zones from the DB. There is a > command line/shell program zone_tool for operation on the Zones, > including running an editor, and a JSON RPC over http interface via > Apache and mod_wsgi. > > oMaster can have DR Failover > > oIPv6 fully supported in back end and front end > > oIPv6 DNS RRs () > > oDynamic DNS configuration of Master server reduces need for > reconfig and reload operations. > > oDNS RRs supported include SOA NS A MX PTR TXT SPF RP SSHFP SRV > NSAP NAPTR LOC KX IPSECKEY HINFO CERT DS. DNSSEC handled by bind9 master > > oAuto DNSSEC via Bind9 dynamic DNS. Bind9 master server auto > maintains zone DNSSEC operations records and signing. NSEC3 and NSEC > supported. DNSSEC key management on Master server file system pending > write of key management module. Key material directory is replicated via > DR protocol (rsync) though. DMS is fully enabled to use DNSSEC for > securing our core domains. > > o Apex resource record (SOA and NS) management across all zones - can >be turned off per zone. > > o Auto reverse PTR generation > > o Customer control of their own automated reverse DNS. Individual PTR >records, and complete reverse zones. Useful for business IPv6 and IPv4 >blocks. Enables on site use of IP PABX, intranet and email for SMBs on >XDSL/Fibre. > > o zone_tool command line administrative tool on master servers > > o IPSEC secured communications between each of DR master replicas and slaves > > o Modular design. For example, Racoon IPSEC can be replaced if needed. > > o Multiple Slave DNS server software implementations. NL Netlabs nsd3 >can be used as a slave server once backend code is completed, and a >simple configuration monitoring/HUP daemon implemented to run on each >slave. > > o slave server/Server Groups (SG) support. Live migration of zones. > > o Private SGs for internal zones. > > o Retention of deleted zones in database for aged auto-deletion later. > > o Multiple Zone Instances per Zone. Roll forward and roll back >changes. Again old ZIs aged for auto deletion above a threshold number. > > o Templates used for generating name server configuration includes - >master, replicas and slaves. > > o Rsync to distribute name server configuration to servers. > > o Central distribution of name server configuration segments. > > o Hot standby master replica for DR purposes with manually controlled >fail over. Includes automatic replica/slave server reconfiguration. > > o WSGI JSON RPC over HTTPS API for mulitple front ends > > o Security tags to control what front ends can see > > o Zone reference metadata to tag the zone with the owner/customer >entity ID. Set by DMI when a zone is created. Tag out of table in DB via >foreign key for easy reference renaming. > > o zone_tool has built in pager support and editor support via standard >shell environment variables. > > o zone_tool has a configurable restricted shell mode for Help Desk use > > o RR Groups and RR comments supported in DB for use in text editor and >in Web Admin DMI (DNS Management Interface) > > o zone_tool has colourised diff support to display changes between >different ZIs for a zone > > o Vim can be used as zone tool editor, giving DNS colourised Zone file >syntax high lighting. > > > -- > To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: > https://lists.debian.org/20140306075515.5154.49732.report...@sid-dev.internal.anathoth.net >
Bug#740916: ITP: dms -- DNS Management System
* Matthew Grant: " Bug#740916: ITP: dms -- DNS Management System" (Thu, 06 Mar 2014 20:55:15 +1300): > Package: wnpp > Severity: wishlist > Owner: Matthew Grant > > * Package name: dms This package name seems to generic for me, I personally would have expected something like 'Document Management System', but there are far more meanings [1]. [1] http://en.wikipedia.org/wiki/DMS Cheers, Mathias -- Mathias Behrle PGP/GnuPG key availabable from any keyserver, ID: 0x8405BBF6 signature.asc Description: PGP signature
Bug#740916: ITP: dms -- DNS Management System
Matthew Grant writes: > Package: wnpp > Severity: wishlist > Owner: Matthew Grant > > * Package name: dms > Version : 1.0 > Upstream Author : Matthew Grant > * URL : http://mattgrant.net.nz/software/dms > * License : GPL3 > Programming Lang: Python > Description : DNS Management System > > DNS Management System using bind9 and PostgresQL 9.2+. Uses Dynamic > Updates to update and manage the Zones in Bind9. OK. > Has a daemon which uses a State Machine for publishing zones from the > DB. I personally think this sentence should be eliminated from the package description altogether. Lots of software has state machines built in, thats nothing really interesting. -- CYa, ⡍⠁⠗⠊⠕ | Debian Developer http://debian.org/> .''`. | Get my public key via finger mlang/k...@db.debian.org : :' : | 1024D/7FC1A0854909BCCDBE6C102DDFFC022A6B113E44 `. `' `- http://delysid.org/> http://www.staff.tugraz.at/mlang/> -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87ha7bhdso@fx.delysid.org
Bug#740916: ITP: dms -- DNS Management System
Package: wnpp Severity: wishlist Owner: Matthew Grant * Package name: dms Version : 1.0 Upstream Author : Matthew Grant * URL : http://mattgrant.net.nz/software/dms * License : GPL3 Programming Lang: Python Description : DNS Management System DNS Management System using bind9 and PostgresQL 9.2+. Uses Dynamic Updates to update and manage the Zones in Bind9. Has a daemon which uses a State Machine for publishing zones from the DB. There is a command line/shell program zone_tool for operation on the Zones, including running an editor, and a JSON RPC over http interface via Apache and mod_wsgi. oMaster can have DR Failover oIPv6 fully supported in back end and front end oIPv6 DNS RRs () oDynamic DNS configuration of Master server reduces need for reconfig and reload operations. oDNS RRs supported include SOA NS A MX PTR TXT SPF RP SSHFP SRV NSAP NAPTR LOC KX IPSECKEY HINFO CERT DS. DNSSEC handled by bind9 master oAuto DNSSEC via Bind9 dynamic DNS. Bind9 master server auto maintains zone DNSSEC operations records and signing. NSEC3 and NSEC supported. DNSSEC key management on Master server file system pending write of key management module. Key material directory is replicated via DR protocol (rsync) though. DMS is fully enabled to use DNSSEC for securing our core domains. o Apex resource record (SOA and NS) management across all zones - can be turned off per zone. o Auto reverse PTR generation o Customer control of their own automated reverse DNS. Individual PTR records, and complete reverse zones. Useful for business IPv6 and IPv4 blocks. Enables on site use of IP PABX, intranet and email for SMBs on XDSL/Fibre. o zone_tool command line administrative tool on master servers o IPSEC secured communications between each of DR master replicas and slaves o Modular design. For example, Racoon IPSEC can be replaced if needed. o Multiple Slave DNS server software implementations. NL Netlabs nsd3 can be used as a slave server once backend code is completed, and a simple configuration monitoring/HUP daemon implemented to run on each slave. o slave server/Server Groups (SG) support. Live migration of zones. o Private SGs for internal zones. o Retention of deleted zones in database for aged auto-deletion later. o Multiple Zone Instances per Zone. Roll forward and roll back changes. Again old ZIs aged for auto deletion above a threshold number. o Templates used for generating name server configuration includes - master, replicas and slaves. o Rsync to distribute name server configuration to servers. o Central distribution of name server configuration segments. o Hot standby master replica for DR purposes with manually controlled fail over. Includes automatic replica/slave server reconfiguration. o WSGI JSON RPC over HTTPS API for mulitple front ends o Security tags to control what front ends can see o Zone reference metadata to tag the zone with the owner/customer entity ID. Set by DMI when a zone is created. Tag out of table in DB via foreign key for easy reference renaming. o zone_tool has built in pager support and editor support via standard shell environment variables. o zone_tool has a configurable restricted shell mode for Help Desk use o RR Groups and RR comments supported in DB for use in text editor and in Web Admin DMI (DNS Management Interface) o zone_tool has colourised diff support to display changes between different ZIs for a zone o Vim can be used as zone tool editor, giving DNS colourised Zone file syntax high lighting. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140306075515.5154.49732.report...@sid-dev.internal.anathoth.net
