Do You Back Up Your DNS Records?

At the time of writing, Zerigo DNS is being hit by a DDOS attack (reference starting here on Twitter).

I was able to migrate our company’s services – SocialGrapes and SocialGrapesLAB – to DNSimple pretty quickly, mainly because I remembered most of our DNS settings. But still, I had no idea about some of the finer details, like mail server settings, and didn’t immediately remember to put back the records for our CDN.

So in the process of fixing all of this, I decided to add two simple tasks to my rake backup task. They may be useful to you too:

Requirements:

  • the Nokogiri Ruby gem
  • the dnsimple-ruby Ruby gem
  • curl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
namespace :backup do
  # ...

  namespace :dns do
    task :zerigo do
      require 'nokogiri'
      dir   = File.join( ENV['DNS_BACKUP_DIR'] || '.', 'zerigo' )
      user  = ENV['ZERIGO_USER']
      key   = ENV['ZERIGO_KEY']

      `mkdir -p #{dir}`

      list = `curl --user #{user}:#{key} http://ns.zerigo.com/api/1.1/zones.xml`
      File.open( File.join(dir, '_list.xml'), 'w') {|f| f.write list}

      Nokogiri::XML(list).css('zones zone').each do |node|
        id      = node.css('id').text
        domain  = node.css('domain').text
        output  = File.join(dir, "#{domain}.xml")
        puts "#{domain} (#{id}) => #{output}"

        `curl --user #{user}:#{key} -o "#{output}" http://ns.zerigo.com/api/1.1/zones/#{id}/hosts.xml`
      end
    end

    task :dnsimple do
      dir   = File.join( ENV['DNS_BACKUP_DIR'] || '.', 'dnsimple' )
      user  = ENV['DNSIMPLE_USER']
      key   = ENV['DNSIMPLE_KEY']

      `mkdir -p #{dir}`

      list = `dnsimple -u #{user} -p #{key} list`
      File.open( File.join(dir, '_list.txt'), 'w') {|f| f.write list}

      list.lines.map(&:strip).each do |domain|
        next if domain =~ /Found .* domain/

        output = File.join(dir, "#{domain}.txt")
        puts "#{domain} => #{output}"

        `dnsimple -u #{user} -p #{key} record:list #{domain} > "#{output}"`
      end
    end
  end


  desc "backup dns records from all services"
  task :dns => ['dns:zerigo', 'dns:dnsimple']
end

desc "Run all backup tasks FROM=env (default production)"
task :backup => ['backup:dns', 'backup:database', 'backup:images']

To reuse this, you should install all dependencies, then set up the following environment variables:

  • DNSIMPLE_USER (your account’s email)
  • DNSIMPLE_KEY (not the API key, but the password, unfortunately)
  • ZERIGO_USER (your account’s email)
  • ZERIGO_KEY (your account’s api key. Turn on api access in Manage account / DNS / preferences)
  • optionally, DNS_BACKUP_DIR

Obviously all of this is an almost trivial backup that will only help you restore things manually when things go bad. You may want to replicate any new record to a secondary service, but I chose not to. I’m comfortable with this situation, since rating wines you love or dislike is not considered critical ;-)

So, do you back up your DNS records?

Comments