
First shot on dynamically generated DNS entries for salt managed devices.

  For some as yet unknown reason Salt/Jinja refuses to push a lengthy list
  of entries into the Jinja template. As a workaround the module function
  is therefore called several times. Will be fixed.

  Greetings from #ICE951.

Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Maximilian Wilhelm 7 years ago
parent
commit
c1f5365a5c
3 changed files with 65 additions and 24 deletions
  1. 54 2
      dns-server/auth/init.sls
  2. 11 11
      dns-server/auth/named.conf.local
  3. 0 11
      dns-server/init.sls

+ 54 - 2
dns-server/auth/init.sls

@@ -26,10 +26,31 @@ include:
       - cmd: rndc-reload
 
 
+# Create zones directory
+/etc/bind/zones/:
+  file.directory:
+    - makedirs: true
+    - user: root
+    - group: root
+    - mode: 755
+    - require:
+      - pkg: bind9
+
+# Create directory for static zone files
+/etc/bind/zones/static:
+  file.directory:
+    - makedirs: true
+    - user: root
+    - group: root
+    - mode: 755
+    - require:
+      - pkg: bind9
+      - file: /etc/bind/zones/
+
 # Copy zonefiles
-/etc/bind/zones/_tree:
+/etc/bind/zones/static/_tree:
   file.recurse:
-    - name: /etc/bind/zones
+    - name: /etc/bind/zones/static
     - source: salt://dns-server/auth/zones
     - file_mode: 644
     - dir_mode: 755
@@ -37,3 +58,34 @@ include:
     - group: root
     - watch_in:
       - cmd: rndc-reload
+
+
+# Create directory for generated zone files
+/etc/bind/zones/generated:
+  file.directory:
+    - makedirs: true
+    - user: root
+    - group: root
+    - mode: 755
+    - require:
+      - pkg: bind9
+      - file: /etc/bind/zones/
+
+{% set nodes_config = salt['pillar.get'] ('nodes', {}) %}
+{% set sites_config = salt['pillar.get'] ('sites', {}) %}
+{% set zones = salt['ffho_net.generate_DNS_entries'] (nodes_config, sites_config) %}
+{% for zone, entries in zones.items () %}
+/etc/bind/zones/generated/{{ zone }}.zone:
+  file.managed:
+    - source: salt://dns-server/auth/zone.gen.tmpl
+    - template: jinja
+    - context:
+      zone: {{ zone }}
+      nodes_config: {{ nodes_config }}
+      sites_config: {{ sites_config }}
+    - require:
+      - file: /etc/bind/zones/generated
+    - watch_in:
+      - cmd: rndc-reload
+{% endfor %}
+
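Review bot: The `context:` block of the per-zone `file.managed` state pushes the whole `nodes` and `sites` pillar dicts through `{{ nodes_config }}` / `{{ sites_config }}`, which renders a Python repr rather than YAML (nested quotes, `True`/`False`/`None`, very long lines) that the state renderer then has to re-parse — a plausible cause of the "unknown reasons" named in the commit message, and it also copies every node's pillar data into every zone state. Since the template already has pillar access, drop the two dict context keys and let `zone.gen.tmpl` call `salt['pillar.get']('nodes', {})` itself, or serialize them with a YAML/JSON filter if the Salt release in use provides one. Quote the remaining scalar, `zone: '{{ zone }}'`, so a zone name that looks like a number or contains YAML specials stays a string. The state also sets no ownership or mode, unlike the `file.recurse` state for the static zones above it; adding `- user: root`, `- group: root` and `- mode: 644` keeps the generated files consistent with them.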

+ 11 - 11
dns-server/auth/named.conf.local

@@ -26,25 +26,25 @@ acl ffho-ops {
 
 zone "paderborn.freifunk.net" {
 	type master;
-	file "/etc/bind/zones/paderborn.freifunk.net.zone";
+	file "/etc/bind/zones/static/paderborn.freifunk.net.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
 zone "pb.freifunk.net" {
 	type master;
-	file "/etc/bind/zones/pb.freifunk.net.zone";
+	file "/etc/bind/zones/static/pb.freifunk.net.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
 zone "hochstift.freifunk.net" {
 	type master;
-	file "/etc/bind/zones/hochstift.freifunk.net.zone";
+	file "/etc/bind/zones/static/hochstift.freifunk.net.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
 zone "ffho.net" {
 	type master;
-	file "/etc/bind/zones/ffho.net.zone";
+	file "/etc/bind/zones/static/ffho.net.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
@@ -55,14 +55,14 @@ zone "ffho.net" {
 // 2a02:450:0:6::/64
 zone "6.0.0.0.0.0.0.0.0.5.4.0.2.0.a.2.ip6.arpa" {
 	type master;
-	file "/etc/bind/zones/2a02:450:0:6_64.ip6.arpa.zone";
+	file "/etc/bind/zones/static/2a02:450:0:6_64.ip6.arpa.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
 // 2a02:450:1::/60
 zone "0.0.0.1.0.0.0.0.5.4.0.2.0.a.2.ip6.arpa" {
 	type master;
-	file "/etc/bind/zones/2a02:450:1_60.ip6.arpa.zone";
+	file "/etc/bind/zones/static/2a02:450:1_60.ip6.arpa.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
@@ -74,7 +74,7 @@ zone "0.0.0.1.0.0.0.0.5.4.0.2.0.a.2.ip6.arpa" {
 // 2a03:2260:2342::/48
 zone "2.4.3.2.0.6.2.2.3.0.a.2.ip6.arpa" {
 	type master;
-	file "/etc/bind/zones/2a03:2260:2342::_48.ip6.arpa.zone";
+	file "/etc/bind/zones/static/2a03:2260:2342::_48.ip6.arpa.zone";
 	allow-transfer { slaves; localhost; ffho-ops; };
 };
 
@@ -86,21 +86,21 @@ zone "2.4.3.2.0.6.2.2.3.0.a.2.ip6.arpa" {
 // 10.132.0.0/16 reverse
 zone "132.10.in-addr.arpa" {
 	type master;
-	file "/etc/bind/zones/132.10.in-addr.arpa.db";
+	file "/etc/bind/zones/static/132.10.in-addr.arpa.db";
 	allow-transfer { localhost; ffho-ops; };
 };
 
 // Management reverse
 zone "30.172.in-addr.arpa" {
 	type master;
-	file "/etc/bind/zones/30.172.in-addr.arpa.zone";
+	file "/etc/bind/zones/static/30.172.in-addr.arpa.zone";
 	allow-transfer { localhost; ffho-ops; };
 };
 
 // Legacy .ffpb
 zone "ffpb" {
 	type master;
-	file "/etc/bind/zones/ffpb.db";
+	file "/etc/bind/zones/static/ffpb.db";
 	allow-transfer { localhost; ffho-ops; };
 };
 
@@ -108,6 +108,6 @@ zone "ffpb" {
 // Legacy fdca:ffee:ff12::/48 reverse
 zone "2.1.f.f.e.e.f.f.a.c.d.f.ip6.arpa" {
 	type master;
-	file "/etc/bind/zones//fdca:ffce:ff12::_48.db";
+	file "/etc/bind/zones/static//fdca:ffce:ff12::_48.db";
 	allow-transfer { localhost; ffho-ops; };
 };
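Review bot: No zone stanza in this file references `/etc/bind/zones/generated/`, so the zone files the new `file.managed` states write are never loaded by BIND and the `rndc-reload` they trigger has no effect on them; the matching `zone "…" { type master; file "/etc/bind/zones/generated/<zone>.zone"; … };` stanzas (or an `include` of a generated fragment) are still missing, presumably left for a follow-up given the "first shot" wording. The legacy reverse zone at the end keeps a double slash in `file "/etc/bind/zones/static//fdca:ffce:ff12::_48.db"` and a file name (`ffce`) that does not match the zone comment (`ffee`); BIND tolerates the `//`, but the name mismatch is worth confirming against the actual file in `dns-server/auth/zones` before it is copied further.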

+ 0 - 11
dns-server/init.sls

@@ -10,17 +10,6 @@ bind9:
     - reload: True
 
 
-# Create zones directory
-/etc/bind/zones/:
-  file.directory:
-    - makedirs: true
-    - user: root
-    - group: root
-    - mode: 755
-    - require:
-      - pkg: bind9
-
-
 # Reload command
 rndc-reload:
   cmd.wait: