Automate local DNS with Bind and Terraform
Рет қаралды 53,067
Күн бұрынDoing manual configuration is a thing of the past! With Terraform, I’m now managing all my local DNS entries fully automatically. In this KZbin video, I’m going to show you exactly how I’ve done that. If you’re new to this, I recommend checking out my other video first. All the commands and configs are available on GitHub.
Teleport-*: goteleport.com/thedigitallife
Related Videos/Links
- You want a real DNS Server at home? (bind9 + docker): • You want a real DNS Se...
- What is infrastructure as code? // Terraform Tutorial: • What is infrastructure...
- Proxmox virtual machine automation in Terraform: • Proxmox virtual machin...
- Crazy fast Kubernetes Automation with Terraform: • Crazy fast Kubernetes ...
________________
💜 Support me and become a Fan!
→ christianlempa.de/patreon
💬 Join our Community!
→ christianlempa.de/discord
________________
Read my Tech Documentation
christianlempa.de/docs
My Gear and Equipment-*
christianlempa.de/kit
________________
Timestamps:
00:00 - Introduction
01:23 - Advertisement-*
02:09 - Prepare the DNS Server
06:03 - Manage DNS Records with Terraform
09:49 - Add new DNS Records
15:41 - Apply changes to the static config
________________
All links with "*" are affiliate links.
#Homelab #DNS #Terraform
@no-ml6gz Жыл бұрын
This is really interesting! One thing I would like to see more of is that you do dual stack configuration. A lot of us use IPv6 to talk directly to our machines without the hastle of NAT!
@christianlempa Жыл бұрын
Thx :)
@borngeek666 11 ай бұрын
agreed, my ISP in Thailand is handing out prefix delegation, now, and I dont have to battle CGnat ip4 - which I currently use ARGO and WARP for... Although I have backup teleport with unifi UDM-PRO. Great video, Christian! I will apply to my bind9, now :)
@brianoconnell-df7kz Жыл бұрын
I'm loving your content! It's right on time for me as a rebuild my labs! I would love to see you cover Hashicorp Vault for keeping Terraform/Ansible secrets!
@olegfranko8675 Жыл бұрын
Nice approach to manage the dns records together with your IAC via Terraform. I'm currently using terraform to manage virtual machines and an Ansible role to install and configure bind and it's zone files. As long as my Ansible inventory hosts are maintained correctly, my dns records will be as well ;) Greetings from Germany btw.
@christianlempa Жыл бұрын
Cool! :) Grüße zurück :D
@vvagw5825 Жыл бұрын
I am happy to watch all your videos. And I'm learning. go go go!
@Low_Frequency_ Жыл бұрын
That's a really cool way of handling DNS records. I didn't know terraform could handle the bind config on its own. I use my OPNsense for DNS and create the records with a combination of terraform and ansible. I wrote a small playbook that creates an A record and several CNAME records which gets executed in my VM terraform module. That way I have the benefit of the lifecycle management from terraform plus the easy DNS setup without a dedicated VM for it. Combined with CI/CD it's just the perfect setup for a constantly changing homelab.
@justarandomguy1927 Жыл бұрын
Amazing video! Very nice content, well explained and very professional. Keep it up!
@christianlempa Жыл бұрын
Thank you so much :)
@cybr774 Жыл бұрын
Nice tutorial, I'll totally set this up once I have my homelab setup ready. Btw have you ever used terraform cloud? It's pretty good ngl, have you seen it's latest update that it gives you one free runner to use for on premises terraform applies through terraform cloud?
@wahabhabeeb8614 Жыл бұрын
Awesome! I am try that right away. Thanks for sharing
@christianlempa Жыл бұрын
Thx!
@zend112 11 ай бұрын
Awesome video, I have refactored my Terraform scripts to include now the DNS A records of my hosts in my homelab. One question though: how do you generate the records for PTR records?
@Nosiu Жыл бұрын
If you're big on Terraform, I think that's a great solution. I opted for Technitium DNS and wrote a small Docker app for updating through the built-in API.
@christianlempa Жыл бұрын
Nice!
@francescolaporta9704 9 ай бұрын
Great video, interesting! Is there a web interface to insert new records into zones that interfaces with terraform+bind?
@dnldnl4880 8 ай бұрын
Excellent video
@HackerConsole 8 ай бұрын
Hello, how do you solve the problem of creating the journal?
@Enrii90 7 ай бұрын
Christian!! you didn't tell us how you solved it... :(
@jorgemrsantos 4 ай бұрын
Yeah, still waiting for that second, where you explain how to solve the permissions issue. Great video! Thank you so much for this amazing content
@DavidEsotica Жыл бұрын
Seriously Christan? I was looking up this topic and you posted this 3 hours ago!
@christianlempa Жыл бұрын
Perfect timing 😂✌️
@ahmadmiqdaadabdulaziz6163 9 ай бұрын
Is there any GUI for bind9 ? something like GoDaddy DNS manager / cpanel DNS manager ? If you plan to start that project, I would love to see it
@michaelventarola7100 5 ай бұрын
I am able to add A records, but these records are not updated in my zone files. They are in a zone file with a jnl extention. How do I get thezone fles updated?
@AndrewMay-GG 6 ай бұрын
I'm having a problem with "apparmor", when making the modification with terraform, bind returns an error when creating the file, I verified that the ubuntu image does not allow the application to write to this directory.
@youtubegarbage4u 8 ай бұрын
where is video for using letsencrypt for the apps running on the internal networks?
@Vera150607 Жыл бұрын
Adguard Home DNS + Nginx PM with a DNS forward entry from your DNS to Nginx PM containing your reverse host and bingo, all your web app with public valid ssl certificates.
@hansaya Жыл бұрын
What I have done is use pfsense to automate DNS. I even got k3s to automatically update my dns entries
@christianlempa Жыл бұрын
Wow that is cool!
@monsterhuntfreak2011 5 ай бұрын
I just use FreeIPA for DNS Management. Once I add the server/ client to the Domain it automatically gets added as a DNS Entry
@Michaeeeel Жыл бұрын
Whats the point of trading one file system to another? i would have seen the utility in creating this dns records in some UI, otherwise it seems like I have to learn one more thing to configure 😅
@christianlempa Жыл бұрын
You need to rewatch the video, I'm explaining it somewhere in the middle ;)
@EricOnYouTube 3 ай бұрын
Do you use terraform and Raspberry Pi? How?
@Dwykid1 Жыл бұрын
I LITERALLY was doing this last night and ended up on a cludgy wildcard solution. Lets see if this works better!
@christianlempa Жыл бұрын
Oh nice! Tell me how it works for you ;)
@Dwykid1 Жыл бұрын
@@christianlempa I'll try it during my next scheduled maintenance window for my homelab (weekends) Yes I know I just said I messed with production on a monday night, don't pay attention to that.
@bolto90 11 ай бұрын
how did you solve the jnl file creation
@ruansteyn27 11 ай бұрын
I am also now trying to figure that part out :-)
@rolfamfelt9946 Жыл бұрын
Don’t you have pi-hole ? And can it be updated in the same way?
@ilovestitch Жыл бұрын
May be running a pfsense DNS resolver or something more advanced, pi-hole is tonka trucks compared to some of the big rigs out there
@christianlempa Жыл бұрын
No, to both :D But you can still use bind9 together with pihole, just do a DNS forwarding :)
@henderstech Жыл бұрын
Would this be better than pihole dns?
@christianlempa Жыл бұрын
Depends... bind9 is just a DNS Server, PiHole also does Ad blocking.
@mastergamer4335 8 ай бұрын
16:38 yes it's pronounced like daymon.
@MrGarfield 10 ай бұрын
No i would not use terraform. Just open the Zonefile, with a watch daemon CTRL+S is reload the config 🙂
@MestreDentistaGUC Жыл бұрын
Are you no longer on Odysee?!?! 😥
@christianlempa Жыл бұрын
No, it's just a terrible platform
@tdx110 6 ай бұрын
You forgot to add that you need to change one DNS in the router to our DNS address! That's not how it works!
@s.i.m.c.a Жыл бұрын
so - instead of having a one huge file to upkeep, you would need to upkeep a huge amount of terraform scripts, what a smart move
@june012006 10 ай бұрын
You add the dns resource to the script that builds the actual VM. If you are just updating dns records then yes, this is ridiculous, however, if you are using terraform to build and update your infrastructure, you're already maintaining these same scripts.
@nixxblikka Жыл бұрын
Erster 😀
@christianlempa Жыл бұрын
Zweiter :D
@HypnosisDr Жыл бұрын
@@christianlempa Dann bin ich wohl der dritte 🤣
@pprocacci 10 ай бұрын
Whether you're doing it in terraform or you editing bind records by hand, you're still doing it manually somewhere. You've solved absolutely nothing and added another layer on top of simply editing bind configuration files.
@june012006 10 ай бұрын
Yes, but when you decom your vm that you built with terraform, you can delete the dns entry at the same time.
@tcasex 9 ай бұрын
I think you're missing the point...this is mostly for devops, devsecops, etc. I think it's a bit ridiculous to use terraform in a home lab...but to learn the technology you need to practice it doing ridiculous things instead of fucking up a production environment. For instance - say you need a repeatable process of standing up infra and then destroying it when done 4 times a year. Instead of doing this manually and trying to remember what to do every quarter, you just use terraform to automate it with a known "good" config. Update the config as needed.... There is a reason it's a "Infrastructure as Code" tool. I hope I added some clarity...and thanks for sharing the video.
@LariviereChris 10 ай бұрын
Really awesome stuff. What plug-in are you using for terraform autocomplete. I always have to go back to the documentation 🥲🤪
Bungee Jumping Park
Рет қаралды 28 МЛН
Techno Tim
Рет қаралды 43 М.
Craft Computing
Рет қаралды 1,2 МЛН