Get your ISC BIND export script here

Started by technicidat, July 14, 2009, 11:42:00 AM


technicidat

Hi All,


I have searched high and low and it seems that Nictool is the best open source DNS management tool I could find after some years of looking (there are some horrors out there).

The one thing I think it could certainly benefit from is a function to export the data to ISC BIND. Some people are stuck using it (or maybe even like it :-)

Anyway, I convinced the company I work for to pay someone to write a PHP script that will export the data from Nictool's database into BIND zone files, with no modification to Nictool itself. We are going to replace our old in-house custom system with Nictool and some anycast BIND instances.

I want to make this script freely available as I believe many other people will find it useful (judging by the number of forum posts and also my own disappointment when installing). Also in the hope that it may be improved upon over time by people more intelligent than I and any bugs will be discovered and fixed.


Here is how it works:

- The script connects to the MySQL database where Nictool stores all of its zone data.
- The script then loops through all the domains marked as "not deleted" and extracts the zone data for that domain.
- The zone data is then compiled into the correct BIND zone file format and written into this file (just a text file), one file per domain.
- The script cycles through and writes out the files to a specified directory of your choice.
- The script also creates an include file which you instruct BIND to use in named.conf
- This include file contains an entry for each zone and tells BIND where to find the zone file and some other options.
- You would then copy these zone files and the include file to your name servers and perform a reload to get BIND to read the zone files.
- If a domain is deleted in Nictool or a record is changed, the next time the script is run, the change should be reflected in the zone files, either the file is removed and corresponding entry removed from the include file or the zone file is overwritten with the changed data.


How to install and configure:
=============================

1. Download the PHP script from: http://www.nexus6.co.za/download/nt_export_script.txt
(forum uploads appear to be broken so I'm hosting this file for now)


2. Rename the file to .php and place where you want it on your file system.


3. Edit the variables to reflect your own setup:

$db_name="your_mysql_database_name";
$db_user="your_mysql_username";
$db_pass="your_mysql_password";
$db_host="database_ip_or_hostname"; // e.g. dba01.domain.tld or localhost, etc

4. Create a subfolder in the directory that your script is located in called "data"


5. Create a script to run the export, copy and reload jobs:

e.g:

#######

#!/bin/bash

cd /opt/scripts/nictool
/usr/bin/php nt_export_bind.php

scp -i named.key data/* named@ns0.domain.tld:/var/named/chroot/etc/data
scp -i named.key data/* named@ns1.domain.tld:/var/named/chroot/etc/data

ssh -i named.key named@ns0.domain.tld killall -HUP named
ssh -i named.key named@ns1.domain.tld killall -HUP named

sleep 5

#######

(you could get creative and use rsync over ssh with a delete option to remove inactive zones, etc)


8. Edit your named.conf file to add the include:

e.g. add a line like this:

include "/etc/data/zones.conf";


9. Create some ssh keys to allow passwordless logins for the scp process to your name servers.
There are plenty of how-to docs on the net so I won't explain this.


10. Create a cron job to run the script at your specified interval

e.g: (to run it every 20 minutes)

*/20    *       *       *       *       /bin/sh /opt/scripts/nictool/zone_copy.sh >/dev/null 2>&1


11. If all went well, your export script should be running and you can now use Nictool to manage your ISC BIND name servers.


=====================

Please Note:

I can't provide support for this, of course there may be some problems with the script and I can't be responsible for any mess-ups, etc.
So basically use at your own risk.

=====================


Regards,
Andy.

matt

uploads fixed. Script uploaded.

technicidat

Hi,

***Please NOTE***

Since posting this, I have had a few major bugs fixed, please UPDATE your existing script NOW!!

Download at: http://www.nexus6.co.za/download/nt_export_script.txt


Version 1.3

BUGS FIXED:
1. SOA records were inverted
2. in-addr.arpa zones were not being generated correctly
3. Fixed a major bug where an empty zones.conf file was generated if the export script was unable to connect to MySQL (very bad as it means no zone data loaded or served!!)


Thanks.

Regards,
Andy
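
The empty zones.conf failure fixed in version 1.3 can also be guarded against on the deploy side. The following is an added example, not part of the export script or of Nictool: a shell function to call between the export step and the scp steps. It assumes zones.conf holds one `zone "..." { ... file "..."; };` entry per line with the zone files staged beside it; `check_export` and its thresholds are hypothetical names.

```shell
#!/bin/sh
# Added example: sanity-check a staged export before copying it anywhere.
# Assumptions (not taken from the original script): zones.conf has one
# 'zone "name" { ... file "path"; ... };' entry per line, and each zone
# file is staged in the same directory under the same basename.

# check_export DIR [PREV_COUNT] [MAX_DROP_PCT]
# Prints the zone count and returns 0 when the export looks sane.
# Return codes: 1 empty/missing conf, 2 no zones, 3 bad zone file,
# 4 zone count dropped by more than MAX_DROP_PCT since the last run.
check_export() {
    dir=$1; prev=${2:-0}; max_drop=${3:-20}
    conf="$dir/zones.conf"

    # A missing or zero-byte include file would unload every zone.
    [ -s "$conf" ] || { echo "zones.conf missing or empty" >&2; return 1; }

    count=$(grep -c '^[[:space:]]*zone[[:space:]]*"' "$conf" || true)
    [ "$count" -gt 0 ] || { echo "no zone entries found" >&2; return 2; }

    # Every zone file named in the include must exist and be non-empty.
    sed -n 's/.*file[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" |
    while read -r f; do
        [ -s "$dir/$(basename "$f")" ] ||
            { echo "zone file missing or empty: $f" >&2; exit 1; }
    done || return 3

    # A large sudden drop suggests a partial export, not real deletions.
    if [ "$prev" -gt 0 ]; then
        min=$(( prev * (100 - max_drop) / 100 ))
        [ "$count" -ge "$min" ] ||
            { echo "zone count fell from $prev to $count" >&2; return 4; }
    fi
    echo "$count"
}
```

In the copy script, call `check_export data "$last_count" || exit 1` before the first scp so a failed export never reaches the name servers. Running BIND's `named-checkconf` on the name server before the reload is a useful second check.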