Steven Van Acker

E-mail: steven AT singularity DOT be
Gothenburg, Sweden

from the abstract to the specific

14 Apr 2006 I'm sick of building web interfaces to do all kinds of administrative tasks (KULeuvenNet internal)
At this moment, I'm trying to work out a system that allows decentralised sysadmins to edit their DNS information using a secure support site.

When people think of such an interface, they expect that it has a lot of functionality. A list with domains they can edit, with links to edit the SOA section. An overview of all zone entries. And then a lot of logic between the lot of it to make their life easier.

Well yes, I could make a page where you have to jump between fields and then press "submit" to make a single entry. And I could do automatic checking of IP's and see if a hostname isn't already mentioned. I could automagically update the timestamp on each SOA section.

But I'm lazy

Instead of doing all the above, I will present the sysadmin with a single text box containing her raw zone information. It's up to the sysadmins to learn to edit it then.

And since I'm lazy, I don't plan to implement this myself ofcourse.
On top of that, I want the interface to be very generic. Besides DNS, I also want to include firewall rules at a later stage. And maybe DHCP config too.

The interface should be pretty simple. Users must be able to login (and logout!) preferably a system that can support shibboleth. Users must be presented with a page containing links to config-sections they can edit. They should only be able to edit those sections...
Furthermore, a record should be kept (version control system) of all changes. The software should allow grouping of users if possible. The config-sections should be easy to extract by a backend.

If possible, the system should allow custom filters (like in drupal) that can sanity check the config-sections once they are saved. This would give direct feedback to the users.

All of this should be configurable by the backend, not by a website (all our configuration is stored centrally and I don't like web-interfaces for administration)
The system should preferably be written in PHP and it should be simple and secure (KISS)

So, on of the first things that pops into mind is a Wiki. The wiki should have a decent access control system. But besides that, most features are implicitely included in a wiki.

I'm now looking at different wiki's (you wouldn't believe how many are out there! Check out these sites: http://en.wikipedia.org/wiki/Comparison_of_wiki_software, http://wikimatrix.org/, http://freewiki.info/)

These look interesting:
PMWiki, DokuWiki