2019-12-04 11:50:46 +07:00
### API Usage
2021-12-03 14:12:11 +00:00
#### Getting started with docker
2019-12-04 11:50:46 +07:00
1. Run docker image docker-compose up, go to UI http://localhost:9191, at http://localhost:9191/swagger is swagger API specification
2. Click to register user, type e.g. user: admin and password: admin
3. Login to UI in settings enable allow domain creation for users, now you can create and manage domains with admin account and also ordinary users
2021-12-03 14:12:11 +00:00
4. Click on the API Keys menu then click on teh "Add Key" button to add a new Administrator Key
5. Keep the base64 encoded apikey somewhere safe as it won't be available in clear anymore
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
#### Accessing the API
The PDA API consists of two distinct parts:
- The /powerdnsadmin endpoints manages PDA content (accounts, users, apikeys) and also allow domain creation/deletion
- The /server endpoints are proxying queries to the backend PowerDNS instance's API. PDA acts as a proxy managing several API Keys and permissions to the PowerDNS content.
The requests to the API needs two headers:
- The classic 'Content-Type: application/json' is required to all POST and PUT requests, though it's armless to use it on each call
- The authentication header to provide either the login:password basic authentication or the Api Key authentication.
When you access the `/powerdnsadmin` endpoint, you must use the Basic Auth:
```bash
# Encode your user and password to base64
2019-12-04 11:50:46 +07:00
$ echo -n 'admin:admin'|base64
YWRtaW46YWRtaW4=
2021-12-03 14:12:11 +00:00
# Use the ouput as your basic auth header
curl -H 'Authorization: Basic YWRtaW46YWRtaW4=' -X < method > < url >
2019-12-04 11:50:46 +07:00
```
2021-12-03 14:12:11 +00:00
When you access the `/server` endpoint, you must use the ApiKey
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
# Use the already base64 encoded key in your header
curl -H 'X-API-Key: YUdDdGhQM0tMQWV5alpJ' -X < method > < url >
2019-12-04 11:50:46 +07:00
```
2021-12-03 14:12:11 +00:00
Finally, the `/sync_domains` endpoint accepts both basic and apikey authentication
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
#### Examples
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
Creating domain via `/powerdnsadmin` :
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
curl -L -vvv -H 'Content-Type: application/json' -H 'Authorization: Basic YWRtaW46YWRtaW4=' -X POST http://localhost:9191/api/v1/pdnsadmin/zones --data '{"name": "yourdomain.com.", "kind": "NATIVE", "nameservers": ["ns1.mydomain.com."]}'
2019-12-04 11:50:46 +07:00
```
2021-12-03 14:12:11 +00:00
Creating an apikey which has the Administrator role:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
# Create the key
curl -L -vvv -H 'Content-Type: application/json' -H 'Authorization: Basic YWRtaW46YWRtaW4=' -X POST http://localhost:9191/api/v1/pdnsadmin/apikeys --data '{"description": "masterkey","domains":[], "role": "Administrator"}'
2019-12-04 11:50:46 +07:00
```
2021-12-03 14:12:11 +00:00
Example response (don't forget to save the plain key from the output)
```json
[
{
"accounts": [],
"description": "masterkey",
"domains": [],
"role": {
"name": "Administrator",
"id": 1
},
"id": 2,
"plain_key": "aGCthP3KLAeyjZI"
}
]
2019-12-04 11:50:46 +07:00
```
2021-12-03 14:12:11 +00:00
We can use the apikey for all calls to PowerDNS (don't forget to specify Content-Type):
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
Getting powerdns configuration (Administrator Key is needed):
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -L -vvv -H 'Content-Type: application/json' -H 'X-API-KEY: YUdDdGhQM0tMQWV5alpJ' -X GET http://localhost:9191/api/v1/servers/localhost/config
```
2021-12-03 14:12:11 +00:00
Creating and updating records:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -X PATCH -H 'Content-Type: application/json' --data '{"rrsets": [{"name": "test1.yourdomain.com.","type": "A","ttl": 86400,"changetype": "REPLACE","records": [ {"content": "192.0.2.5", "disabled": false} ]},{"name": "test2.yourdomain.com.","type": "AAAA","ttl": 86400,"changetype": "REPLACE","records": [ {"content": "2001:db8::6", "disabled": false} ]}]}' -H 'X-API-Key: YUdDdGhQM0tMQWV5alpJ' http://127.0.0.1:9191/api/v1/servers/localhost/zones/yourdomain.com.
```
2021-12-03 14:12:11 +00:00
Getting a domain:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -L -vvv -H 'Content-Type: application/json' -H 'X-API-KEY: YUdDdGhQM0tMQWV5alpJ' -X GET http://localhost:9191/api/v1/servers/localhost/zones/yourdomain.com
```
2021-12-03 14:12:11 +00:00
List a zone's records:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -H 'Content-Type: application/json' -H 'X-API-Key: YUdDdGhQM0tMQWV5alpJ' http://localhost:9191/api/v1/servers/localhost/zones/yourdomain.com
```
2021-12-03 14:12:11 +00:00
Add a new record:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -H 'Content-Type: application/json' -X PATCH --data '{"rrsets": [ {"name": "test.yourdomain.com.", "type": "A", "ttl": 86400, "changetype": "REPLACE", "records": [ {"content": "192.0.5.4", "disabled": false } ] } ] }' -H 'X-API-Key: YUdDdGhQM0tMQWV5alpJ' http://localhost:9191/api/v1/servers/localhost/zones/yourdomain.com | jq .
```
2021-12-03 14:12:11 +00:00
Update a record:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -H 'Content-Type: application/json' -X PATCH --data '{"rrsets": [ {"name": "test.yourdomain.com.", "type": "A", "ttl": 86400, "changetype": "REPLACE", "records": [ {"content": "192.0.2.5", "disabled": false, "name": "test.yourdomain.com.", "ttl": 86400, "type": "A"}]}]}' -H 'X-API-Key: YUdDdGhQM0tMQWV5alpJ' http://localhost:9191/api/v1/servers/localhost/zones/yourdomain.com | jq .
```
2021-12-03 14:12:11 +00:00
Delete a record:
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
2019-12-04 11:50:46 +07:00
curl -H 'Content-Type: application/json' -X PATCH --data '{"rrsets": [ {"name": "test.yourdomain.com.", "type": "A", "ttl": 86400, "changetype": "DELETE"}]}' -H 'X-API-Key: YUdDdGhQM0tMQWV5alpJ' http://localhost:9191/api/v1/servers/localhost/zones/yourdomain.com | jq
```
### Generate ER diagram
2021-12-03 14:12:11 +00:00
With docker
2019-12-04 11:50:46 +07:00
2021-12-03 14:12:11 +00:00
```bash
# Install build packages
apt-get install python-dev graphviz libgraphviz-dev pkg-config
# Get the required python libraries
2019-12-04 11:50:46 +07:00
pip install graphviz mysqlclient ERAlchemy
2021-12-03 14:12:11 +00:00
# Start the docker container
2019-12-04 11:50:46 +07:00
docker-compose up -d
2021-12-03 14:12:11 +00:00
# Set environment variables
2019-12-04 11:50:46 +07:00
source .env
2021-12-03 14:12:11 +00:00
# Generate the diagrams
2019-12-04 11:50:46 +07:00
eralchemy -i 'mysql://${PDA_DB_USER}:${PDA_DB_PASSWORD}@'$(docker inspect powerdns-admin-mysql|jq -jr '.[0].NetworkSettings.Networks.powerdnsadmin_default.IPAddress')':3306/powerdns_admin' -o /tmp/output.pdf
```