Support domains/zones

[ghost]

Basically what it says on the tin. For me personally it's just about the zone aspect of a dnsimple domain (i.e. state=hosted) -- I do registrations with a different provider and only use dnsimple for DNS itself. It does look like you can only create domains with state=hosted through the API anyway.

[weppos]

Can you clarify what you mean? AFAIK, the current provider supports creating zones and records.

As for zones (domains) with a not hosted state, the API support domain registration and transfer: https://developer.dnsimple.com/v2/registrar/

[ghost]

I'm under the impression the provider can only create records. The only available resource is dnsimple_record, and attaching a record to a non-existing zone ends up with an error:

* dnsimple_record.records: Failed to create DNSimple Record: POST https://api.dnsimple.com/v2/$account/zones/$zone/records: 404 Domain `$zone` not found

[weppos]

Oh, I see what you are saying. That's correct, I think that you need to have the zone already present (as of today).

[Nowaker]

This is really needed. AWS Route53 equivalent: https://www.terraform.io/docs/providers/aws/r/route53_zone.html

[nbering]

Zones are read-only in the DNSimple API. Would it make more sense to have a data resource for Zones, rather than a regular writable resource?

[nbering]

Just to add to my previous... a Domain is read/create/delete... so it can be made as a Terraform resource. But most registrars have a bunch of email validation and stuff that happens behind the scenes that make them very un-Terraform in their operation. There is precedent for Terraform providers to refuse implementation of certain features because they don't fit in automated flows.

[ghost]

In my case it's just about "hosted" domains, where we use DNSimple purely for DNS, and not as a registrar. So the step I'm currently doing manually for every new zone is only entering a zone name.

[Nowaker]

Zones are NOT read only in Dnsimple API, it'd be extremely stupid to have it like that. They call it a domain in API because you can also register them via API, but you don't have to, which results in just crating a zone. And this is an equivalent of AWS.route53_zone. https://developer.dnsimple.com/v2/domains/ +1 @lgierth

[ghost]

it'd be extremely stupid to have it like that

Please - no need to escalate the tone. There's a ton of different reasons for why any API or other interface is (currently) the way it is - context matters.

[Nowaker]

I meant: Zones are NOT read only in Dnsimple API, it'd be extremely stupid [for Dnsimple API] to have it [zones] like that [readonly]. No single word about this TF provider! I've been using it since its very early versions and I'm happy it exists.

[nbering]

The DNSimple API is pretty fuzzy about parameters accepted for Domain creation. And really... it wouldn't be that unusual for an API to be feature incomplete compared to a UI. Some things become very complex when you try to automate away details like optional validations or conditional steps in a workflow.

[nbering]

Ok. I see where some of my mix-up was there. Domain has a create method, but there's also a registration section which is a separate API route.

https://developer.dnsimple.com/v2/domains/ https://developer.dnsimple.com/v2/registrar/

[Nowaker]

Exactly, Dnsimple API for creating zones is dead simple. It's called "create a domain" and accepts one parameter -name - and is equivalent of this web form:

Registering domains isn't probably in the scope of Terraform providers. (But I wouldn't mind a register_if_not_present = true at some point)

[weppos]

Let me clarify a bit here.

In DNSimple we have zones AND domains. From an API point of view, today, they are almost the same thing. However, they are separate entities for a reason: a domain always belong to a zone, but a zone can or cannot have a domain.

There are 2 types of zones: forward zones (the normal ones) and reverse zones (ARPA). Reverse zones don't have a domain attached. We don't support managing reverse zones via API yet, because of some internal changes we haven't completed yet to transition reverse zones to a single zone management code.

In the past, we used arpa zones (for reverse zones) and domains (for forward zones). Hence the reason of the confusion and the fact still today you cannot create a zone but you create a domain, that in turn create a (forward) zones.

Once we'll complete the cleanup, we'll likely expand the zone management capability (create/delete/update a zone). It's still not defined how the creation of a domain and the corresponding forward zone (or vice-versa) will work. We are trying to find a way to avoid confusion for API users.

But I hope this explanation sheds some light.

Today, in the API you create a domain (which also creates and makes a forward zone available). Then you can GET a domain (as the domain has a bunch of non-DNS entities connected) and you can also GET the zone (which in turns has a bunch of DNS entities connected).

Both share the same name, but as they are separate entities they have different IDs.

[nbering]

@weppos Thanks for the clarification. I think what matters most for this issue is whether there is a way to implement a resource for a domain, that makes sense for how Terraform users would interact with the service, and would avoid the bulk of the impact from planned changes to the API?

From the sounds of it, it would seem most reasonable to have a Domain resource, and add read-only attributes to be able to reference the Zone on the new domain.

Given the nature of domain registrations having a year or multi-year lifespan, and a varied cost associated with them, I can't imagine a lot of people wanting to do domain registrations from Terraform. So perhaps registrations can be left out of scope.

[Nowaker]

@weppos Any news on support for dnsimple_zone in the provider? Is it planned for 2018? We're now considering moving to AWS provider if this isn't on a roadmap and likely to be implemented somewhat soon.

[weppos]

@Nowaker FYI I just jumped in the conversation to share some details about the domain/zone at DNSimple, I'm not actively involved in this issue.

[Nowaker]

@weppos Oh, sorry, I misinterpreted your "collaborator" label.

[ecomba]

Closed as per #44