Automate local DNS with Bind and Terraform

Подписаться 203 тыс.

Просмотров 54 тыс.

50% 1

Doing manual configuration is a thing of the past! With Terraform, I’m now managing all my local DNS entries fully automatically. In this RU-vid video, I’m going to show you exactly how I’ve done that. If you’re new to this, I recommend checking out my other video first. All the commands and configs are available on GitHub.
Teleport-*: goteleport.com/thedigitallife
Related Videos/Links
- You want a real DNS Server at home? (bind9 + docker): • You want a real DNS Se...
- What is infrastructure as code? // Terraform Tutorial: • What is infrastructure...
- Proxmox virtual machine automation in Terraform: • Proxmox virtual machin...
- Crazy fast Kubernetes Automation with Terraform: • Crazy fast Kubernetes ...
________________
💜 Support me and become a Fan!
→ christianlempa.de/patreon
💬 Join our Community!
→ christianlempa.de/discord
________________
Read my Tech Documentation
christianlempa.de/docs
My Gear and Equipment-*
christianlempa.de/kit
________________
Timestamps:
00:00 - Introduction
01:23 - Advertisement-*
02:09 - Prepare the DNS Server
06:03 - Manage DNS Records with Terraform
09:49 - Add new DNS Records
15:41 - Apply changes to the static config
________________
All links with "*" are affiliate links.
#Homelab #DNS #Terraform

Опубликовано:

16 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 60

@brianoconnell-df7kz Год назад

I'm loving your content! It's right on time for me as a rebuild my labs! I would love to see you cover Hashicorp Vault for keeping Terraform/Ansible secrets!

@vvagw5825 Год назад

I am happy to watch all your videos. And I'm learning. go go go!

@Low_Frequency_ Год назад

That's a really cool way of handling DNS records. I didn't know terraform could handle the bind config on its own. I use my OPNsense for DNS and create the records with a combination of terraform and ansible. I wrote a small playbook that creates an A record and several CNAME records which gets executed in my VM terraform module. That way I have the benefit of the lifecycle management from terraform plus the easy DNS setup without a dedicated VM for it. Combined with CI/CD it's just the perfect setup for a constantly changing homelab.

@no-ml6gz Год назад

This is really interesting! One thing I would like to see more of is that you do dual stack configuration. A lot of us use IPv6 to talk directly to our machines without the hastle of NAT!

@christianlempa Год назад

Thx :)

@borngeek666 11 месяцев назад

agreed, my ISP in Thailand is handing out prefix delegation, now, and I dont have to battle CGnat ip4 - which I currently use ARGO and WARP for... Although I have backup teleport with unifi UDM-PRO. Great video, Christian! I will apply to my bind9, now :)

@olegfranko8675 Год назад

Nice approach to manage the dns records together with your IAC via Terraform. I'm currently using terraform to manage virtual machines and an Ansible role to install and configure bind and it's zone files. As long as my Ansible inventory hosts are maintained correctly, my dns records will be as well ;) Greetings from Germany btw.

@christianlempa Год назад

Cool! :) Grüße zurück :D

@justarandomguy1927 Год назад

Amazing video! Very nice content, well explained and very professional. Keep it up!

@christianlempa Год назад

Thank you so much :)

@cybr774 Год назад

Nice tutorial, I'll totally set this up once I have my homelab setup ready. Btw have you ever used terraform cloud? It's pretty good ngl, have you seen it's latest update that it gives you one free runner to use for on premises terraform applies through terraform cloud?

@wahabhabeeb8614 Год назад

Awesome! I am try that right away. Thanks for sharing

@christianlempa Год назад

Thx!

@Nosiu Год назад

If you're big on Terraform, I think that's a great solution. I opted for Technitium DNS and wrote a small Docker app for updating through the built-in API.

@christianlempa Год назад

Nice!

@zend112 11 месяцев назад

Awesome video, I have refactored my Terraform scripts to include now the DNS A records of my hosts in my homelab. One question though: how do you generate the records for PTR records?

@francescolaporta9704 9 месяцев назад

Great video, interesting! Is there a web interface to insert new records into zones that interfaces with terraform+bind?

@dnldnl4880 8 месяцев назад

Excellent video

@DavidEsotica Год назад

Seriously Christan? I was looking up this topic and you posted this 3 hours ago!

@christianlempa Год назад

Perfect timing 😂✌️

@ahmadmiqdaadabdulaziz6163 9 месяцев назад

Is there any GUI for bind9 ? something like GoDaddy DNS manager / cpanel DNS manager ? If you plan to start that project, I would love to see it

@Vera150607 Год назад

Adguard Home DNS + Nginx PM with a DNS forward entry from your DNS to Nginx PM containing your reverse host and bingo, all your web app with public valid ssl certificates.

@hansaya Год назад

What I have done is use pfsense to automate DNS. I even got k3s to automatically update my dns entries

@christianlempa Год назад

Wow that is cool!

@youtubegarbage4u 9 месяцев назад

where is video for using letsencrypt for the apps running on the internal networks?

@user-pn2xt3jw1i 13 дней назад

"What I really hate in the IT is manual configuration. So I took all the records from a huge Bind config file and put them all to another even bigger Terraform config file. And I made a video about it."

@HackerConsole 8 месяцев назад

Hello, how do you solve the problem of creating the journal?

@Enrii90 8 месяцев назад

Christian!! you didn't tell us how you solved it... :(

@jorgemrsantos 4 месяца назад

Yeah, still waiting for that second, where you explain how to solve the permissions issue. Great video! Thank you so much for this amazing content

@michaelventarola7100 5 месяцев назад

I am able to add A records, but these records are not updated in my zone files. They are in a zone file with a jnl extention. How do I get thezone fles updated?

@AndrewMay-GG 6 месяцев назад

I'm having a problem with "apparmor", when making the modification with terraform, bind returns an error when creating the file, I verified that the ubuntu image does not allow the application to write to this directory.

@monsterhuntfreak2011 5 месяцев назад

I just use FreeIPA for DNS Management. Once I add the server/ client to the Domain it automatically gets added as a DNS Entry

@Dwykid1 Год назад

I LITERALLY was doing this last night and ended up on a cludgy wildcard solution. Lets see if this works better!

@christianlempa Год назад

Oh nice! Tell me how it works for you ;)

@Dwykid1 Год назад

@@christianlempa I'll try it during my next scheduled maintenance window for my homelab (weekends) Yes I know I just said I messed with production on a monday night, don't pay attention to that.

@EricOnYouTube 4 месяца назад

Do you use terraform and Raspberry Pi? How?

@Michaeeeel Год назад

Whats the point of trading one file system to another? i would have seen the utility in creating this dns records in some UI, otherwise it seems like I have to learn one more thing to configure 😅

@christianlempa Год назад

You need to rewatch the video, I'm explaining it somewhere in the middle ;)

@bolto90 11 месяцев назад

how did you solve the jnl file creation

@ruansteyn27 11 месяцев назад

I am also now trying to figure that part out :-)

@mastergamer4335 9 месяцев назад

16:38 yes it's pronounced like daymon.

@rolfamfelt9946 Год назад

Don’t you have pi-hole ? And can it be updated in the same way?

@ilovestitch Год назад

May be running a pfsense DNS resolver or something more advanced, pi-hole is tonka trucks compared to some of the big rigs out there

@christianlempa Год назад

No, to both :D But you can still use bind9 together with pihole, just do a DNS forwarding :)

@henderstech Год назад

Would this be better than pihole dns?

@christianlempa Год назад

Depends... bind9 is just a DNS Server, PiHole also does Ad blocking.

@MrGarfield 11 месяцев назад

No i would not use terraform. Just open the Zonefile, with a watch daemon CTRL+S is reload the config 🙂

@s.i.m.c.a Год назад

so - instead of having a one huge file to upkeep, you would need to upkeep a huge amount of terraform scripts, what a smart move

@june012006 10 месяцев назад

You add the dns resource to the script that builds the actual VM. If you are just updating dns records then yes, this is ridiculous, however, if you are using terraform to build and update your infrastructure, you're already maintaining these same scripts.

@MestreDentistaGUC Год назад

Are you no longer on Odysee?!?! 😥

@christianlempa Год назад

No, it's just a terrible platform

@tdx110 7 месяцев назад

You forgot to add that you need to change one DNS in the router to our DNS address! That's not how it works!

@nixxblikka Год назад

Erster 😀

@christianlempa Год назад

Zweiter :D

@HypnosisDr Год назад

@@christianlempa Dann bin ich wohl der dritte 🤣

@pprocacci 11 месяцев назад

Whether you're doing it in terraform or you editing bind records by hand, you're still doing it manually somewhere. You've solved absolutely nothing and added another layer on top of simply editing bind configuration files.

@june012006 10 месяцев назад

Yes, but when you decom your vm that you built with terraform, you can delete the dns entry at the same time.

@tcasex 9 месяцев назад

I think you're missing the point...this is mostly for devops, devsecops, etc. I think it's a bit ridiculous to use terraform in a home lab...but to learn the technology you need to practice it doing ridiculous things instead of fucking up a production environment. For instance - say you need a repeatable process of standing up infra and then destroying it when done 4 times a year. Instead of doing this manually and trying to remember what to do every quarter, you just use terraform to automate it with a known "good" config. Update the config as needed.... There is a reason it's a "Infrastructure as Code" tool. I hope I added some clarity...and thanks for sharing the video.