wip
This commit is contained in:
mwiegand
parent
f6dce9adab
commit
ee09e81a22
6 changed files with 82 additions and 7 deletions
|
|
@ -27,7 +27,10 @@ view "${view['name']}" {
|
|||
|
||||
% for zone in zones:
|
||||
zone "${zone}" {
|
||||
type master;
|
||||
type ${type};
|
||||
% if type == 'slave':
|
||||
masters { ${master_ip}; };
|
||||
% endif
|
||||
file "/var/lib/bind/${view['name']}/db.${zone}";
|
||||
};
|
||||
% endfor
|
||||
|
|
|
|||
|
|
@ -7,4 +7,10 @@ options {
|
|||
|
||||
max-cache-size 30%;
|
||||
querylog yes;
|
||||
|
||||
% if type == 'master':
|
||||
notify yes;
|
||||
also-notify { ${' '.join([f'{ip};' for ip in slave_ips])} };
|
||||
allow-transfer { ${' '.join([f'{ip};' for ip in slave_ips])} };
|
||||
% endif
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,6 +1,18 @@
|
|||
from ipaddress import ip_address
|
||||
from ipaddress import ip_address, ip_interface
|
||||
from datetime import datetime
|
||||
|
||||
if node.metadata.get('bind/type') == 'master':
|
||||
zones = node.metadata.get('bind/zones')
|
||||
master_ip = None
|
||||
slave_ips = [
|
||||
ip_interface(repo.get_node(slave).metadata.get('network/external/ipv4')).ip
|
||||
for slave in node.metadata.get('bind/slaves')
|
||||
]
|
||||
else:
|
||||
zones = repo.get_node(node.metadata.get('bind/master_node')).metadata.get('bind/zones')
|
||||
master_ip = ip_interface(repo.get_node(node.metadata.get('bind/master_node')).metadata.get('network/external/ipv4')).ip
|
||||
slave_ips = []
|
||||
|
||||
directories[f'/var/lib/bind'] = {
|
||||
'purge': True,
|
||||
'needed_by': [
|
||||
|
|
@ -35,6 +47,11 @@ files['/etc/bind/named.conf'] = {
|
|||
],
|
||||
}
|
||||
files['/etc/bind/named.conf.options'] = {
|
||||
'content_type': 'mako',
|
||||
'context': {
|
||||
'type': node.metadata.get('bind/type'),
|
||||
'slave_ips': sorted(slave_ips),
|
||||
},
|
||||
'owner': 'root',
|
||||
'group': 'bind',
|
||||
'needs': [
|
||||
|
|
@ -72,8 +89,10 @@ views = [
|
|||
files['/etc/bind/named.conf.local'] = {
|
||||
'content_type': 'mako',
|
||||
'context': {
|
||||
'type': node.metadata.get('bind/type'),
|
||||
'master_ip': master_ip,
|
||||
'views': views,
|
||||
'zones': sorted(node.metadata.get('bind/zones')),
|
||||
'zones': sorted(zones),
|
||||
},
|
||||
'owner': 'root',
|
||||
'group': 'bind',
|
||||
|
|
@ -117,7 +136,7 @@ for view in views:
|
|||
],
|
||||
}
|
||||
|
||||
for zone, records in node.metadata.get('bind/zones').items():
|
||||
for zone, records in zones.items():
|
||||
files[f"/var/lib/bind/{view['name']}/db.{zone}"] = {
|
||||
'group': 'bind',
|
||||
'source': 'db',
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ defaults = {
|
|||
},
|
||||
'bind': {
|
||||
'zones': {},
|
||||
'slaves': {},
|
||||
},
|
||||
'telegraf': {
|
||||
'config': {
|
||||
|
|
@ -24,6 +25,17 @@ defaults = {
|
|||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'bind/type',
|
||||
)
|
||||
def type(metadata):
|
||||
return {
|
||||
'bind': {
|
||||
'type': 'slave' if metadata.get('bind/master_node', None) else 'master',
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'dns',
|
||||
)
|
||||
|
|
@ -39,6 +51,9 @@ def dns(metadata):
|
|||
'bind/zones',
|
||||
)
|
||||
def collect_records(metadata):
|
||||
if metadata.get('bind/type') == 'slave':
|
||||
return {}
|
||||
|
||||
zones = {}
|
||||
|
||||
for other_node in repo.nodes:
|
||||
|
|
@ -76,13 +91,41 @@ def collect_records(metadata):
|
|||
'bind/zones',
|
||||
)
|
||||
def ns_records(metadata):
|
||||
if metadata.get('bind/type') == 'slave':
|
||||
return {}
|
||||
|
||||
nameservers = [
|
||||
node.metadata.get('bind/hostname'),
|
||||
*[
|
||||
repo.get_node(slave).metadata.get('bind/hostname')
|
||||
for slave in node.metadata.get('bind/slaves')
|
||||
]
|
||||
]
|
||||
return {
|
||||
'bind': {
|
||||
'zones': {
|
||||
zone: [
|
||||
{'name': '@', 'type': 'NS', 'value': f"{metadata.get('bind/hostname')}."},
|
||||
{'name': '@', 'type': 'NS', 'value': f"{metadata.get('bind/secondary_hostname')}."},
|
||||
{'name': '@', 'type': 'NS', 'value': f"{nameserver}."}
|
||||
for nameserver in nameservers
|
||||
] for zone in metadata.get('bind/zones').keys()
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'bind/slaves',
|
||||
)
|
||||
def slaves(metadata):
|
||||
if metadata.get('bind/type') == 'slave':
|
||||
return {}
|
||||
|
||||
return {
|
||||
'bind': {
|
||||
'slaves': [
|
||||
other_node.name
|
||||
for other_node in repo.nodes
|
||||
if other_node.has_bundle('bind') and other_node.metadata.get('bind/master_node', None) == node.name
|
||||
],
|
||||
},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@
|
|||
'id': 'ea29bdf0-0b47-4bf4-8346-67d60c9dc4ae',
|
||||
'bind': {
|
||||
'hostname': 'resolver.name',
|
||||
'secondary_hostname': 'second.resolver.name',
|
||||
'zones': {
|
||||
'sublimity.de': [],
|
||||
'freibrief.net': [],
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
'hostname': '46.38.240.85',
|
||||
'groups': [
|
||||
'debian-10',
|
||||
'dnsserver',
|
||||
],
|
||||
'bundles': [
|
||||
'wireguard',
|
||||
|
|
@ -21,6 +22,10 @@
|
|||
'ipv4': '10.0.11.2/24',
|
||||
},
|
||||
},
|
||||
'bind': {
|
||||
'master_node': 'htz.mails',
|
||||
'hostname': 'second.resolver.name',
|
||||
},
|
||||
'wireguard': {
|
||||
'my_ip': '172.30.0.3/24',
|
||||
'peers': {
|
||||
|
|
|
|||
Loading…
Reference in a new issue