# DNS

The DNS component does several things:

1. It uses CoreDNS as a split-DNS nameserver for resolving local handles.
2. It provides a small HTTP application for generating new handles for testing purposes.

## Configuration

This service makes API calls to the local PDS and also exists on a tailscale network.

Copy `docker-compose.example.yml` to `docker-compose.yml` and make the following changes:

* Set the `PDS_ADMIN_PASSWORD` environment variable to your PDS admin password.
* Set the `PDS_HOSTNAME` to the internal hostname of your PDS. (i.e. `pds.sneaky-fox.ts.net`)
* Optionally, if you are not using the `pyroclastic.cloud` domain (it's fine to leave this as-is) then change that.
* Optional, set the `TS_AUTHKEY` if you are using one.

## Operation

1. First, build the `didadmin` tool.

    `docker build -f ./didadmin/Dockerfile -t didadmin ./didadmin/`

3. Bring networking up.

    `docker compose up tailscale -d`

    If you are using dynamic machine authentication, you'll need to view the logs and click on the link.

    `docker compose logs tailscale`

4. Generate an SSL certificate for the node. Be sure to change `internal.ts.net` to whatever your Tailnet name is (i.e. `sneaky-fox.ts.net`)

    `docker compose exec tailscale /bin/sh -c "tailscale cert --cert-file /mnt/tls/cert.pem --key-file /mnt/tls/cert.key didadmin.internal.ts.net"`

5. Bring didadmin up.

    `docker compose up app -d`

    When this first starts, it'll create the `/etc/coredns/database.db` and `/etc/coredns/Corefile` files inside the container.

6. Bring coredns and the proxy up. 

    `docker compose up -d`

7. Ensure the PLC and PDS services are running, and split-DNS is configured before using.

## Usage

In a browser, visit https://didadmin.sneaky-fox.ts.net/ and use the form to create accounts on the local PDS.