Add support for NetBox DNS Plugin

README.md

@@ -1,7 +1,13 @@
 # coredns-netbox-plugin
 
-This plugin gets an A record from NetBox[1]. It uses the REST API of netbox
-to ask for a an IP address of a hostname:
+This plugin gets records from NetBox[1] either native or netbox-plugin-dns[2].
+
+Supported records with legacy API are: A, AAAA, PTR
+
+Supported records with [Netbox DNS Plugin](https://github.com/peteeckel/netbox-plugin-dns)
+currently are: A, AAAA, PTR, NS, SOA, MX, TXT, CNAME
+
+It uses the REST API of netbox to ask for a an IP address of a hostname:
 
 ```
 curl https://netbox.example.org/api/ipam/ip-addresses/?dns_name=example-vm-host
@@ -29,9 +35,100 @@ curl https://netbox.example.org/api/ipam/ip-addresses/?dns_name=example-vm-host
 }
 ```
 
+```
+curl https://netbox.example.org/api/plugins/netbox-dns/records/?zone=example.org&qfdn=netbox.example.org&active=true
+
+{
+    "count": 1,
+    "next": null,
+    "previous": null,
+    "results": [
+        {
+            "id": 1,
+            "url": "https://netbox.example.org/api/plugins/netbox-dns/records/1/",
+            "zone": {
+                "id": 1,
+                "url": "https://netbox.example.org/api/plugins/netbox-dns/zones/1/",
+                "display": "decp.nepgroup.io",
+                "name": "decp.nepgroup.io",
+                "view": {
+                    "id": 1,
+                    "url": "https://netbox.example.org/api/plugins/netbox-dns/views/1/",
+                    "display": "_default_",
+                    "name": "_default_",
+                    "default_view": true,
+                    "description": "Default View"
+                },
+                "status": "active",
+                "active": true,
+                "rfc2317_prefix": null
+            },
+            "display": "netbox.example.org [A]",
+            "type": "A",
+            "name": "netbox",
+            "fqdn": "netbox.example.org.",
+            "value": "192.168.0.1",
+            "status": "active",
+            "ttl": null,
+            "description": "",
+            "tags": [],
+            "created": "2025-03-21T08:55:12.590626Z",
+            "last_updated": "2025-03-21T08:55:12.590629Z",
+            "managed": true,
+            "disable_ptr": false,
+            "ptr_record": {
+                "id": 41,
+                "url": "https://netbox.example.org/api/plugins/netbox-dns/records/2/",
+                "display": "1.0.168.192.in-addr.arpa [PTR]",
+                "type": "PTR",
+                "name": "1",
+                "value": "netbox.example.org.",
+                "status": "active",
+                "ttl": null,
+                "zone": {
+                    "id": 3,
+                    "url": "https://netbox.example.org/api/plugins/netbox-dns/zones/2/",
+                    "display": "168.192.in-addr.arpa",
+                    "name": "168.192.in-addr.arpa",
+                    "view": {
+                        "id": 1,
+                        "url": "https://netbox.example.org/api/plugins/netbox-dns/views/1/",
+                        "display": "_default_",
+                        "name": "_default_",
+                        "default_view": true,
+                        "description": "Default View"
+                    },
+                    "status": "active",
+                    "active": true,
+                    "rfc2317_prefix": null
+                },
+                "managed": true,
+                "active": null
+            },
+            "address_record": null,
+            "active": true,
+            "custom_fields": {},
+            "tenant": null,
+            "ipam_ip_address": {
+                "id": 21,
+                "url": "https://netbox.example.org/api/ipam/ip-addresses/1/",
+                "display": "192.168.0.1/24",
+                "family": {
+                    "value": 4,
+                    "label": "IPv4"
+                },
+                "address": "192.168.0.1/24",
+                "description": ""
+            },
+            "absolute_value": "192.168.0.1"
+        }
+    ]
+}
+```
+
 ## Enabling
 
-To activate the *netbox* plugin you need to compile CoreDNS with the plugin added
+To activate the _netbox_ plugin you need to compile CoreDNS with the plugin added
 to `plugin.cfg`
 
 ```
@@ -42,10 +139,10 @@ netbox:github.com/oz123/coredns-netbox-plugin
 
 The ordering of plugins in the `plugin.cfg` file is important to ensure you
 get the behaviour you expect when using multiple plugins in a
-[Corefile server block][2].
+[Corefile server block][3].
 
 For example, in order to utilise the native cache plugin, ensure that you add
-the *netbox* plugin _after_ `cache:cache` but _before_ any plugins you want to
+the _netbox_ plugin _after_ `cache:cache` but _before_ any plugins you want to
 be able to fall-through to (eg `file:file` or `forward:forward`).
 
 ## Syntax
@@ -59,46 +156,50 @@ netbox [ZONES...] {
 }
 ```
 
-* **ZONES** zones that the *netbox* should be authoritative for.
-* `token` **TOKEN** sets the API token used to authenticate against NetBox
+- **ZONES** zones that the _netbox_ should be authoritative for.
+  If you use DNS Plugin for Netbox you MUST specify a zone
+- `token` **TOKEN** sets the API token used to authenticate against NetBox
   (**REQUIRED**).
-* `url` **URL** defines the URL *netbox* should query. This URL must be
-  specified in full as `SCHEME://HOST/api/ipam/ip-addresses` (**REQUIRED**).
-* `tls` is followed by:
-  * no arguments, if the server certificate is signed by a system-installed
+- `url` **URL** defines the URL _netbox_ should query. This URL must be
+  specified as `SCHEME://HOST` (**REQUIRED**).
+- `tls` is followed by:
+
+  - no arguments, if the server certificate is signed by a system-installed
     CA and no client cert is needed (this is the default if HTTPS is used).
-  * a single argument that is the CA PEM file, if the server cert is not
+  - a single argument that is the CA PEM file, if the server cert is not
     signed by a system CA and no client cert is needed.
-  * two arguments - path to cert PEM file, the path to private key PEM file -
+  - two arguments - path to cert PEM file, the path to private key PEM file -
     if the server certificate is signed by a system-installed CA and a client
     certificate is needed.
-  * three arguments - path to cert PEM file, path to client private key PEM
+  - three arguments - path to cert PEM file, path to client private key PEM
     file, path to CA PEM file - if the server certificate is not signed by a
     system-installed CA and client certificate is needed.
-  
+
   These options set certificate verification method for the NetBox server if
   HTTPS is used to access the API.
 
-* `ttl` **DURATION** defines the TTL of records returned from *netbox*. Default
+- `ttl` **DURATION** defines the TTL of records returned from _netbox_. Default
   is 1h (3600s).
-* `timeout` **DURATION** defines the HTTP timeout for API requests against
+- `timeout` **DURATION** defines the HTTP timeout for API requests against
   NetBox. Default is 5s.
-* `fallthrough` If a zone matches but no record can be generated, pass request
-to the next plugin. If **[ZONES…]** is omitted, then fallthrough happens for
-all zones for which the plugin is authoritative. If specific zones are listed
-then only queries for those zones will be subject to fallthrough.
+- `fallthrough` If a zone matches but no record can be generated, pass request
+  to the next plugin. If **[ZONES…]** is omitted, then fallthrough happens for
+  all zones for which the plugin is authoritative. If specific zones are listed
+  then only queries for those zones will be subject to fallthrough.
 
 The config parameters `token`, `url` and `localCacheDuration` are required.
 
 ## Examples
 
+### LEGACY
+
 Send all requests to NetBox:
 
 ```
 . {
     netbox {
         token SuperSecretNetBoxAPIToken
-        url https://netbox.example.org/api/ipam/ip-addresses
+        url https://netbox.example.org
     }
 }
 ```
@@ -110,41 +211,71 @@ plugin in order to respond to unsupported record types (ie `SOA`, `NS` etc):
 . {
     netbox example.org {
         token SuperSecretNetBoxAPIToken
-        url https://netbox.example.org/api/ipam/ip-addresses
+        url https://netbox.example.org
         fallthrough
     }
     file db.example.org
 }
 
 ```
 
-Handle all requests with *netbox* and fall-through to the `forward`
+Handle all requests with _netbox_ and fall-through to the `forward`
 plugin for requests within `example.org` with caching via the `cache` plugin:
 
 ```
 . {
     netbox {
         token SuperSecretNetBoxAPIToken
-        url https://netbox.example.org/api/ipam/ip-addresses
+        url https://netbox.example.org
         fallthrough example.org
     }
     forward . 1.1.1.1 1.0.0.1
     cache
 }
 ```
 
+### WITH NETBOX DNS PLUGIN
+
+Send requests within `example.org` to NetBox and fall-through to the `file`
+plugin in order to respond to unsupported record types:
+
+```
+. {
+    netbox example.org {
+        token SuperSecretNetBoxAPIToken
+        url https://netbox.example.org
+        fallthrough
+    }
+    file db.example.org
+}
+
+```
+
+Resolve requests within `example.org` and PTR for `0.168.192.in-addr.arpa` with NetBox
+
+```
+. {
+    netbox example.org 0.168.192.in-addr.arpa {
+        token SuperSecretNetBoxAPIToken
+        url https://netbox.example.org
+    }
+}
+
+```
+
 ## Changelog
 
 0.2 - Cleanup add IPv6 support
-
- * Refactor query.go
- * Add tests for IPv6
- * Enable IPv6 in ``query.go``
 
-0.1 - Initial Naive release
+- Refactor query.go
+- Add tests for IPv6
+- Enable IPv6 in `query.go`
+
+  0.1 - Initial Naive release
+
+- Got it somehow working
+- Gather feedback
 
- * Got it somehow working 
- * Gather feedback
 ## Developing locally
 
 You can test the plugin functionallity with CoreDNS by adding the following to
@@ -167,6 +298,6 @@ Host YourHost
 
 This plugin is heavily based on the code of the redis-plugin for CoreDNS.
 
-
 [1]: https://netbox.readthedocs.io/en/stable/
-[2]: https://coredns.io/manual/toc/#server-blocks
+[2]: https://github.com/peteeckel/netbox-plugin-dns
+[3]: https://coredns.io/manual/toc/#server-blocks

examples/Corefile-reverse-zone-authority

@@ -12,12 +12,27 @@
 
   netbox {
     token 0123456789abcdef0123456789abcdef01234567
-    url http://localhost:8000/api/ipam/ip-addresses
+    url http://localhost:8000
     fallthrough
   }
 
   cache 300 # see docs for the cache Plugin about config
 }
 
 # To make coredns authoritative for reverse zone you need to have soa record provided by template plugin
-# and netbox plugin handled ptr record resolution via netbox api
+# and netbox plugin handled ptr record resolution via netbox api
+# UPDATE: This only applies if you don't use netbox_plugin_dns
+
+# In case of netbox_plugin_dns is used:
+
+. {
+  debug
+
+  netbox example.org 0.168.192.in-addr.arpa {
+    token 0123456789abcdef0123456789abcdef01234567
+    url http://localhost:8000
+    fallthrough
+  }
+
+  cache 300 # see docs for the cache Plugin about config
+}

examples/Corefile-with-cache

@@ -1,10 +1,22 @@
 # cache, if entry is found it will be saved in the cache and not be
 # asked again
+
+# WITHOUT netbox_dns_plugin:
 . {
   debug
   netbox {
     token 0123456789abcdef0123456789abcdef01234567
-    url http://localhost:8000/api/ipam/ip-addresses
+    url http://localhost:8000
+  }
+  cache 300  # see docs for the cache Plugin about config
+}
+
+# WITH netbox_dns_plugin:
+. {
+  debug
+  netbox example.com {
+    token 0123456789abcdef0123456789abcdef01234567
+    url http://localhost:8000
   }
   cache 300  # see docs for the cache Plugin about config
 }

examples/Corefile-with-forwarding

@@ -5,14 +5,24 @@
 # NOTE: Thix example assumes that netbox was added to plugin.cfg before
 # forward.
 #
+# WITHOUT netbox_plugin_dns
 . {
    netbox {
      token 0123456789abcdef0123456789abcdef01234567
-     url http://localhost:8000/api/ipam/ip-addresses
+     url http://localhost:8000
      ttl 1800s
      fallthrough
    }
    forward . 1.1.1.1 1.0.0.1
 }
 
-
+# WITH netbox_plugin_dns
+. {
+   netbox example.com {
+     token 0123456789abcdef0123456789abcdef01234567
+     url http://localhost:8000
+     ttl 1800s
+     fallthrough
+   }
+   forward . 1.1.1.1 1.0.0.1
+}