wip

2021-11-06 08:03:48 +01:00 · 2021-11-06 08:03:48 +01:00 · 7cbc8e1029
commit 7cbc8e1029
parent 9035f8c445
3 changed files with 5 additions and 3 deletions
--- a/bundles/bind-acme/metadata.py
+++ b/bundles/bind-acme/metadata.py
@ -33,11 +33,12 @@ def acme_records(metadata):
                            for name in {
                                record['name'] if record['name'] != '@' else ''
                                    for record in conf['records']
-                                    if '._domainkey' not in record['name']
+                                    if f"{record['name']}.{zone}" in metadata.get('letsencrypt/domains')
                            }
                    }
                }
                    for zone, conf in metadata.get('bind/zones').items()
+                    if zone != metadata.get('bind/acme_hostname')
            },
        },
    }
--- a/bundles/bind/files/db
+++ b/bundles/bind/files/db
@ -11,8 +11,8 @@ $TTL 600
        900        ;Negative response caching TTL
 )

-% for record in sorted(records, key=lambda r: (r['name'], r['type'], r['value'])):
-${(record['name'] or '@').ljust(column_width('name', records))} \
+% for record in sorted(records, key=lambda r: (tuple(reversed(r['name'].split('.'))), r['type'], r['value'])):
+(${(record['name'] or '@').rjust(column_width('name', records))}) \
 IN \
 ${record['type'].ljust(column_width('type', records))} \
    % if record['type'] == 'TXT':
--- a/bundles/bind/items.py
+++ b/bundles/bind/items.py
@ -151,6 +151,7 @@ for view in views:
            'group': 'bind',
            'source': 'db',
            'content_type': 'mako',
+            'unless': f"test -f /var/lib/bind/{view['name']}/db.{zone}" if 'keys' in conf else 'false',
            'context': {
                'view': view['name'],
                'serial': datetime.now().strftime('%Y%m%d%H'),