StackExchange/dnscontrol
1
1
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2025-12-09 13:46:07 +08:00
Code Issues Projects Releases Packages Wiki Activity
dnscontrol/documentation/provider/index.md
Jakob Ackermann 1e67585e8f
HETZNER_V2: Add provider for Hetzner DNS API (#3837) 
Closes https://github.com/StackExchange/dnscontrol/issues/3787

This PR is adding a `HETZNER_V2` provider for the "new" Hetzner DNS API.

Testing:
- The integration tests are passing.
- Manual testing:
  - `preview` (see diff for existing zone)
- `preview --populate-on-preview` (see full diff for newly created zone)
  - `push` (see full diff; no diff after push)
- `push` (see full diff; no diff after push to newly created zone --
i.e. single pass and done)

```js
var REG_NONE = NewRegistrar('none')
var DSP = NewDnsProvider('HETZNER_V2')

D('testing-2025-11-14-7.dev', REG_NONE, DnsProvider(DSP),
    A('@', '127.0.0.1')
)
```

<details>

```
# push for newly created zone
CONCURRENTLY checking for 1 zone(s)
SERIALLY checking for 0 zone(s)
Waiting for concurrent checking(s) to complete...DONE
******************** Domain: testing-2025-11-14-7.dev
1 correction (HETZNER_V2)
#1: Ensuring zone "testing-2025-11-14-7.dev" exists in "HETZNER_V2"
SUCCESS!
CONCURRENTLY gathering records of 1 zone(s)
SERIALLY gathering records of 0 zone(s)
Waiting for concurrent gathering(s) to complete...DONE
******************** Domain: testing-2025-11-14-7.dev
4 corrections (HETZNER_V2)
#1: ± MODIFY-TTL testing-2025-11-14-7.dev NS helium.ns.hetzner.de. ttl=(3600->300)
± MODIFY-TTL testing-2025-11-14-7.dev NS hydrogen.ns.hetzner.com. ttl=(3600->300)
± MODIFY-TTL testing-2025-11-14-7.dev NS oxygen.ns.hetzner.com. ttl=(3600->300)
SUCCESS!
#2: + CREATE testing-2025-11-14-7.dev A 127.0.0.1 ttl=300
SUCCESS!
Done. 5 corrections.
```
</details>

Feedback for @jooola and @LKaemmerling:
- The SDK was very useful in getting 80% there! Nice! 🎉 
- Footgun:
- The `result` values are not "up-to-date" after waiting for an
`Action`, e.g. `Zone.AuthoritativeNameservers.Assigned` is not set when
`Client.Zone.Create()` returns and the following "wait" will not update
it.
- Taking a step back here: Waiting for an `Action` with a separate SDK
call does not seem very natural to me. Does the SDK-user need to know
that you are processing operations asynchronous? (Which seems like an
implementation detail to me, something that the SDK could abstrct over.)
Can `Client.Zone.Create()` return the final `Zone` instead of the
intermediate result?
- Features missing compared to the DNS Console, in priority order:
- It is no longer possible to remove your provided name servers from the
root/apex. Use-case: dual-home/multi-home zone with fewer than three
servers from Hetzner. I'm operating one of these and cannot migrate over
until this is fixed.
- Performance regression due to lack of bulk create/modify. E.g. [one of
the test
suites](a71b89e5a2/integrationTest/integration_test.go (L619))
spends about 4.5 minutes on making creating 100 record-sets and then
another 4 minutes for deleting them in sequence again. With your async
API, these are `create 2*100 + delete 2*100 = 400` API calls.
Previously, these were `create 1 + delete 100 = 101` API calls. Are you
planning on adding batch processing again?
- Usability nits
- Compared to other record-set based APIs, upserts for record-sets are
missing. This applies to records of a record-set and the ttl of the
record-set (see separate SDK calls for the cases `diff2.CREATE` vs
`diff2.CHANGE` and two calls in `diff2.CHANGE` for updating the TTL vs
records).
- Some SDK methods return an `Action` (e.g. `Zone.ChangeRRSetTTL()`),
others wrap the `Action` in a struct (`Client.Zone.CreateRRSet()`) --
even when the struct has a single field (`ZoneRRSetDeleteResult`).

---------

Co-authored-by: "Jonas L." <jooola@users.noreply.github.com>
Co-authored-by: "Lukas Kämmerling" <LKaemmerling@users.noreply.github.com>
Co-authored-by: Tom Limoncelli <6293917+tlimoncelli@users.noreply.github.com>
2025-11-30 09:14:54 -05:00

25 KiB
Raw Blame History

Service Providers

Provider Features

The table below shows various features supported, or not supported by DNSControl providers. This table is automatically generated from metadata supplied by the provider when they register themselves inside dnscontrol.

An empty space may indicate the feature is not supported by a provider, or it may simply mean the feature has not been investigated and implemented yet. If a feature you need is missing from a provider that supports it, we'd love your contribution to ensure it works correctly and add it to this matrix.

If a feature is definitively not supported for whatever reason, we would also like a PR to clarify why it is not supported, and fill in this entire matrix.

Jump to a table:

Provider Type

Provider name Official Support DNS Provider Registrar
ADGUARDHOME
AKAMAIEDGEDNS
AUTODNS
AXFRDDNS
AZURE_DNS
AZURE_PRIVATE_DNS
BIND
BUNNY_DNS
CLOUDFLAREAPI
CLOUDNS
CNR
CSCGLOBAL
DESEC
DIGITALOCEAN
DNSIMPLE
DNSMADEEASY
DNSOVERHTTPS
DOMAINNAMESHOP
DYNADOT
EASYNAME
EXOSCALE
FORTIGATE
GANDI_V5
GCLOUD
GCORE
HEDNS
HETZNER
HETZNER_V2
HEXONET
HOSTINGDE
HUAWEICLOUD
INTERNETBS
INWX
JOKER
LINODE
LOOPIA
LUADNS
MYTHICBEASTS
NAMECHEAP
NAMEDOTCOM
NETCUP
NETLIFY
NS1
OPENSRS
ORACLE
OVH
PACKETFRAME
PORKBUN
POWERDNS
REALTIMEREGISTER
ROUTE53
RWTH
SAKURACLOUD
SOFTLAYER
TRANSIP
VULTR

Provider API

Provider name Concurrency Verified dual host create-domains get-zones
ADGUARDHOME
AKAMAIEDGEDNS
AUTODNS
AXFRDDNS
AZURE_DNS
AZURE_PRIVATE_DNS
BIND
BUNNY_DNS
CLOUDFLAREAPI
CLOUDNS
CNR
CSCGLOBAL
DESEC
DIGITALOCEAN
DNSIMPLE
DNSMADEEASY
DNSOVERHTTPS
DYNADOT
EASYNAME
EXOSCALE
FORTIGATE
GANDI_V5
GCLOUD
GCORE
HEDNS
HETZNER
HETZNER_V2
HEXONET
HOSTINGDE
HUAWEICLOUD
INTERNETBS
INWX
JOKER
LINODE
LOOPIA
LUADNS
MYTHICBEASTS
NAMECHEAP
NAMEDOTCOM
NETCUP
NETLIFY
NS1
OPENSRS
ORACLE
OVH
PACKETFRAME
PORKBUN
POWERDNS
REALTIMEREGISTER
ROUTE53
RWTH
SAKURACLOUD
SOFTLAYER
TRANSIP
VULTR

DNS extensions

Provider name ALIAS DNAME LOC PTR SOA
ADGUARDHOME
AKAMAIEDGEDNS
AUTODNS
AXFRDDNS
AZURE_DNS
AZURE_PRIVATE_DNS
BIND
BUNNY_DNS
CLOUDFLAREAPI
CLOUDNS
CNR
DESEC
DIGITALOCEAN
DNSIMPLE
DNSMADEEASY
DOMAINNAMESHOP
EXOSCALE
FORTIGATE
GANDI_V5
GCLOUD
GCORE
HEDNS
HETZNER
HETZNER_V2
HEXONET
HOSTINGDE
HUAWEICLOUD
INWX
JOKER
LINODE
LOOPIA
LUADNS
MYTHICBEASTS
NAMECHEAP
NAMEDOTCOM
NETCUP
NETLIFY
NS1
ORACLE
OVH
PACKETFRAME
PORKBUN
POWERDNS
REALTIMEREGISTER
ROUTE53
RWTH
SAKURACLOUD
SOFTLAYER
TRANSIP
VULTR

Service discovery

Provider name DHCID NAPTR SRV SVCB
AKAMAIEDGEDNS
AUTODNS
AXFRDDNS
AZURE_DNS
AZURE_PRIVATE_DNS
BIND
BUNNY_DNS
CLOUDFLAREAPI
CLOUDNS
CNR
CSCGLOBAL
DESEC
DIGITALOCEAN
DNSIMPLE
DNSMADEEASY
DOMAINNAMESHOP
EXOSCALE
GANDI_V5
GCLOUD
GCORE
HEDNS
HETZNER
HETZNER_V2
HEXONET
HOSTINGDE
HUAWEICLOUD
INWX
JOKER
LOOPIA
LUADNS
MYTHICBEASTS
NAMECHEAP
NAMEDOTCOM
NETCUP
NETLIFY
NS1
ORACLE
OVH
PACKETFRAME
PORKBUN
POWERDNS
REALTIMEREGISTER
ROUTE53
RWTH
SAKURACLOUD
SOFTLAYER
TRANSIP
VULTR

Security

Provider name CAA HTTPS SMIMEA SSHFP TLSA
AKAMAIEDGEDNS
AUTODNS
AXFRDDNS
AZURE_DNS
AZURE_PRIVATE_DNS
BIND
BUNNY_DNS
CLOUDFLAREAPI
CLOUDNS
CNR
CSCGLOBAL
DESEC
DIGITALOCEAN
DNSIMPLE
DNSMADEEASY
DOMAINNAMESHOP
EXOSCALE
GANDI_V5
GCLOUD
GCORE
HEDNS
HETZNER
HETZNER_V2
HEXONET
HOSTINGDE
HUAWEICLOUD
INWX
JOKER
LINODE
LOOPIA
LUADNS
MYTHICBEASTS
NAMECHEAP
NETCUP
NETLIFY
NS1
ORACLE
OVH
PORKBUN
POWERDNS
REALTIMEREGISTER
ROUTE53
RWTH
SAKURACLOUD
TRANSIP
VULTR

DNSSEC

Provider name AUTODNSSEC DNSKEY DS
AKAMAIEDGEDNS
AUTODNS
AXFRDDNS
BIND
BUNNY_DNS
CLOUDFLAREAPI
CLOUDNS
DESEC
DNSIMPLE
DNSMADEEASY
DOMAINNAMESHOP
GANDI_V5
GCORE
HEDNS
HETZNER
HETZNER_V2
HOSTINGDE
HUAWEICLOUD
INWX
JOKER
LOOPIA
NETLIFY
NS1
ORACLE
PORKBUN
POWERDNS
REALTIMEREGISTER
SAKURACLOUD
TRANSIP

Providers with "official support"

Official support means:

  • New releases will block if any of these providers do not pass integration tests.
  • The DNSControl maintainers prioritize fixing bugs in these providers (though we gladly accept PRs).
  • New features will work on these providers (unless the provider does not support it).
  • StackOverflow maintains test accounts with those providers for running integration tests.

Providers in this category and their maintainers are:

Name Maintainer
AZURE_DNS @vatsalyagoel
BIND @tlimoncelli
CLOUDFLAREAPI @tresni
CSCGLOBAL @mikenz
GCLOUD @riyadhalnur
ROUTE53 @tresni

Providers with "contributor support"

The other providers are supported by community members, usually the original contributor.

Due to the large number of DNS providers in the world, the DNSControl team can not support and test all providers. Test frameworks are provided to help community members support their code independently.

Expectations of maintainers:

  • Maintainers are expected to support their provider and/or help find a new maintainer.
  • Maintainers should set up test accounts and periodically verify that all tests pass (pkg/js/parse_tests and integrationTest).
  • Contributors are encouraged to add new tests and refine old ones. (Test-driven development is encouraged.)
  • Bugs will be referred to the maintainer or their designate.
  • Maintainers must be responsible to bug reports and PRs. If a maintainer is unresponsive for more than 2 months, we will consider disabling the provider. First we will put out a call for new maintainer. If nobody volunteers, the provider may be disabled.
  • Tom needs to know your real email address. Please email tlimoncelli at stack over flow dot com so he has it.

Providers in this category and their maintainers are:

Name Maintainer
ADGUARDHOME @ishanjain28
AZURE_PRIVATE_DNS @matthewmgamble
AKAMAIEDGEDNS @edglynes
AXFRDDNS @hnrgrgr
BUNNY_DNS @ppmathis
CLOUDFLAREAPI @tresni
CLOUDNS @pragmaton
CNR @KaiSchwarz-cnic
CSCGLOBAL @Air-New-Zealand
DESEC @D3luxee
DIGITALOCEAN @Deraen
DNSIMPLE @onlyhavecans
DNSMADEEASY @vojtad
DNSOVERHTTPS @mikenz
DOMAINNAMESHOP @SimenBai
EASYNAME @tresni
EXOSCALE @pierre-emmanuelJ
GANDI_V5 @TomOnTime
GCORE @xddxdd
HEDNS @rblenkinsopp
HETZNER @das7pad
HEXONET @KaiSchwarz-cnic
HOSTINGDE @membero
HUAWEICLOUD @huihuimoe
INTERNETBS @pragmaton
INWX @patschi
LINODE @koesie10
LOOPIA @systemcrash
LUADNS @riku22
NAMECHEAP @willpower232
NETCUP @kordianbruck
NETLIFY @SphericalKat
NS1 @costasd
OPENSRS @philhug
ORACLE @kallsyms
OVH @masterzen
PACKETFRAME @hamptonmoore
POWERDNS @jpbede
REALTIMEREGISTER @PJEilers
ROUTE53 @tresni
RWTH @MisterErwin
SAKURACLOUD @ttkzw
SOFTLAYER @jamielennox
TRANSIP @blackshadev
VULTR @pgaskin

Requested providers

We have received requests for the following providers. If you would like to contribute code to support this provider, we'd be glad to help in any way.

(The list below is sorted alphabetically.)

Q: Why are the above GitHub issues marked "closed"?

A: Following provider requests, the request is closed once it is added to this list. If someone chooses to implement the provider, they re-open the issue.

Q: Would someone write a provider for me?

A: The maintainer of DNSControl does not write new providers. New providers are contributed by the community.

DNSControl tries to make writing a provider as easy as possible. DNSControl does most of the work for you, you only have to write code to authenticate, download DNS records, and perform create/modify/delete operations on those records. Please read the directions for Writing new DNS providers. The DNS maintainers will gladly coach you through the process.