wip

2021-07-08 00:32:32 +02:00 · 2021-07-08 00:32:32 +02:00 · 9152574276
commit 9152574276
parent ddf331f4f0
7 changed files with 35 additions and 7 deletions
--- a/bundles/bind/items.py
+++ b/bundles/bind/items.py
@ -23,6 +23,9 @@ files['/etc/default/bind9'] = {
 files['/etc/bind/named.conf'] = {
    'owner': 'root',
    'group': 'bind',
+    'needs': [
+        'pkg_apt:bind9',
+    ],
    'needed_by': [
        'svc_systemd:bind9',
    ],
--- a/bundles/nginx/metadata.py
+++ b/bundles/nginx/metadata.py
@ -90,8 +90,8 @@ def vhosts(metadata):
 def dns(metadata):
    return {
        'dns': {
-            domain: repo.libs.dns.get_a_records(metadata)
-                for domain in metadata.get('nginx/vhosts')
+            domain: repo.libs.dns.get_a_records(metadata, internal=config.get('internal_dns', True))
+                for domain, config in metadata.get('nginx/vhosts').items()
        },
    }

--- a/bundles/postgresql/items.py
+++ b/bundles/postgresql/items.py
@ -1,5 +1,18 @@
 from bundlewrap.utils.dicts import merge_dict

+directories = {
+    '/var/lib/postgresql': {
+        'owner': 'postgres',
+        'group': 'postgres',
+        'needs': [
+            'zfs_dataset:tank/postgresql',
+        ],
+        'needed_by': [
+            'svc_systemd:postgresql',
+        ],
+    }
+}
+

 svc_systemd['postgresql'] = {
    'needs': [
--- a/bundles/roundcube/metadata.py
+++ b/bundles/roundcube/metadata.py
@ -11,7 +11,8 @@ defaults = {
            'php-intl': {},
            'php-mail-mime': {},
            'php-mbstring': {},
-            'php-net-idna2': {},
+            # FIXME: not available in bullseye?
+            # 'php-net-idna2': {}, 
            'php-net-smtp': {},
            'php-net-socket': {},
            'php-pear': {},
--- a/groups/applications/mailserver.py
+++ b/groups/applications/mailserver.py
@ -4,6 +4,7 @@
        'dovecot',
        'letsencrypt',
        'mailserver',
+        'nginx',
        'php',
        'postfix',
        'postgresql',
--- a/libs/dns.py
+++ b/libs/dns.py
@ -1,15 +1,23 @@
 from ipaddress import ip_interface

-def get_a_records(metadata):
+def get_a_records(metadata, internal=True, external=True):
+    networks = metadata.get('network')
+    
+    if not internal:
+        networks.pop('internal')
+
+    if not external:
+        networks.pop('external')
+    
    return {
        'A': [
            str(ip_interface(network['ipv4']).ip)
-                for network in metadata.get('network').values()
+                for network in networks.values()
                if 'ipv4' in network
        ],
        'AAAA': [
            str(ip_interface(network['ipv6']).ip)
-                for network in metadata.get('network').values()
+                for network in networks.values()
                if 'ipv6' in network
        ],
    }
--- a/nodes/htz.mails.py
+++ b/nodes/htz.mails.py
@ -4,7 +4,7 @@
 #        'archive',
        'backup',
        'hetzner-cloud',
-        'debian-10',
+        'debian-11',
        'mailserver',
        'monitored',
        'webserver',
@ -65,12 +65,14 @@
                    'context': {
                        'target': 'https://cloud.sublimity.de:443',
                    },
+                    'internal_dns': False,
                },
                'git.sublimity.de': {
                    'content': 'nginx/proxy_pass.conf',
                    'context': {
                        'target': 'https://git.sublimity.de:443',
                    },
+                    'internal_dns': False,
                },
            },
        },