PDNS Manager

FAQ

What it does

  • Manage multiple PowerDNS servers (4.x) in parallel – with connection tests, in-place edit in settings, cross-server search.
  • Zones + records – common types via form; ALIAS, DNAME, SVCB/HTTPS and all DNSSEC records as RDATA text with hints.
  • DNSSEC on/off per zone.
  • Zone templates with NS, SOA and default records.
  • Multi-server on a shared DB – per server entry whether it actually writes.
  • Users with two roles, read/full access per zone.
  • Audit log with timestamp + user; CSV export.
  • SMTP for password reset and welcome mail.
  • Welcome mail with placeholders and live preview.
  • Optional captcha on login, registration and password reset.
  • Branding (app name, tagline, logo).
  • Multilingual UI: DE, EN, SR, HR, BS, HU.
  • Mobile friendly.
  • ACME / auto-TLS with scoped API tokens.

What it deliberately doesn't

  • No DHCP, no recursor, no slave-setup tool – this manages authoritative zones.
  • No multi-tenant separation (no isolated "customers").
  • No built-in reverse proxy / TLS – use Caddy / nginx / Traefik in front.

License?

MIT. Usable in commercial settings, no copyleft strings attached.

Which PowerDNS versions?

Tested with PowerDNS Authoritative 4.x. As long as the HTTP API stays compatible 5.x should work too – open an issue if anything breaks.

Which backends?

That's a PowerDNS choice, not the panel's. Real-world tested: gmysql, gpgsql, gsqlite3. As long as PowerDNS exposes the HTTP API and serves records via it, the manager doesn't care about the backend.

Need internet during install?

Yes – for git clone/tarball fallback and pulling container images (MariaDB + build deps). After first start everything runs offline until you update.

Can I contribute a language?

Yes – see Languages for the workflow.

Where's the API doc?

Right here under Panel API, plus the optional interactive OpenAPI docs at /docs (when DOCS_ENABLED=true).

Which data goes to which third party?

  • By default: none. The manager doesn't phone home.
  • If you enable captcha, the provider sees login IPs and browser headers.
  • If you set up webhooks, change payloads go to your endpoint.
  • If you use SMTP with an external provider, they see mail content and recipients.

Bug or feature request?

Open an issue on GitHub. For larger work please discuss first so the PR doesn't sit in review.