====== DNSViz at home ======
DNSViz is a powerful utility when you want to check you DNSSEC setup for your domains. DNSSEC is difficult to manage and makes a hard protocol (DNS) even harder.

You can find the online version of this tool [[https://dnsviz.net|here]]

===== Preparations =====
I love Docker so that's how I choose to run it.
First of all you of course need to have Docker installed.

Next, you can either clone the project on Github or download [[https://github.com/dnsviz/dnsviz/tree/master/external|external]] dependencies manually.

I find it easiest to clone the project:
<code>
git clone https://github.com/dnsviz/dnsviz.git
</code>

Say you want to save the output to "/home/user1/dns" create the directory structure with this command:
<code>
mkdir -p /home/user1/dns/web
</code>

Go into the "dnsviz/external" folder on the local git clone and copy all *.js and *.css into "/home/user1/dns/web" folder.

===== Run script =====
I use the following script to run a test on a domain:
<file>
#!/usr/bin/env bash

z=example.com

docker run --network host -v "$PWD:/data:rw" dnsviz/dnsviz \
        probe -A -a . --nsid --pretty-output -o $z.json $z

docker run -v "$PWD:/data:rw" dnsviz/dnsviz \
        graph -r $z.json -T png -O

docker run -v "$PWD:/data:rw" dnsviz/dnsviz \
        graph -r $z.json -T html -O

# Modify the output html file with the matching directory for the js and css files.
sed -i -e 's,file:///usr/share/dnsviz/css,web,' \
    -e 's,file:///usr/share/dnsviz/js,web,' $z.html
</file>

Make it executable:
<code>
chmod +x run.sh
</code>

Before you run it change the "z" parameter to the domain you want to test and make sure you save the script in the directory "home/user1/dns".

Also, remember to run the script as root otherwise Docker complains.

The script will output three files, example.com.html, example.com.png and example.com.json. You basically only need to open the html file in a browser to see the result.

===== Single commands =====
You can run the queries by hand but you will have to handle the input and output of files yourself.

Fx. you could make a simple lookup like this:
<code>
sudo docker run dnsviz/dnsviz query example.com
</code>