Step 0. Store your DNS configuration in Git. If you aren’t using some sort of version control system for your zone files and other BIND configuration, you ought to be. May I recommend Git? Put your entire configuration directory in there, but do read the “Downsides” section below for some important security considerations.
Step 1. Create a bare Git repository on your DNS server. Using Fabric, you’d do it something like this:
def config_git(): # Create bare git repo for direct DNS data pushes: sudo('/bin/mkdir /srv/bind.git') sudo('/bin/chown ubuntu:ubuntu /srv/bind.git') with cd('/srv/bind.git'): run('/usr/bin/git init --bare .') git_post_receive()
(The above assumes an Ubuntu system, where the “ubuntu” user has sudo privileges, such as on EC2; adjust to your environment as needed.)
Read the rest of this entry »