FreifunkHochstift
/
ffho-salt-public


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100
							#
# DNS service checks (Salt maanged)
#
{%- set reference_ns = salt['pillar.get']('dns-server:reference_ns') %}
{%- set zones = salt['pillar.get']('dns-server:zones', {}).keys ()|sort %}

################################################################################
#                            Internal DNS services                             #
################################################################################

# Check DNS Anycast address
object Host "dns.srv.in.ffho.net" {
	import "generic-dummy-host"

	display_name = "dns.srv.in.ffho.net"

	address = "10.132.251.53"
	address6 = "2a03:2260:2342:f251::53"

	vars.roles = [
		"dns",
	]
}									


# Check DNS anycast nodes
apply Service "dns4" {
	import "generic-service"

	check_command = "dns"
	vars.dns_lookup = "dns.srv.in.ffho.net"
        vars.dns_expected_answer = "10.132.251.53"
	vars.dns_server = host.address

	assign where host.address && "dns-auth" in host.vars.roles
}

apply Service "dns6" {
	import "generic-service"

	check_command = "dns"
	vars.dns_lookup = "dns.srv.in.ffho.net"
        vars.dns_expected_answer = "10.132.251.53"
	vars.dns_server = host.address6

	assign where host.address6 && "dns-auth" in host.vars.roles
}


# Check if DNS nodes are in sync with auth server
apply Service "dns_sync" {
	import "generic-service"

	check_command = "dns_sync"
	vars.reference_ns = "{{ reference_ns }}"
	vars.replica_ns = host.address
	vars.zones = [
{%- for zone in zones %}
		"{{ zone }}",
{%- endfor %}
	]

	assign where host.address && "dns-auth" in host.vars.roles
	ignore where "dns-server-master" in host.vars.roles
}


################################################################################
#                            External DNS services                             #
################################################################################

apply Service "dns_sync_dns01.srv.rfc2324.org" {
	import "generic-service"

	check_command = "dns_sync"
	vars.reference_ns = "{{ reference_ns }}"
	vars.replica_ns = "31.172.8.66"
	vars.zones = [
		"ffho.net",
		"hochstift.freifunk.net",
		"paderborn.freifunk.net",
	]

	assign where "dns-server-master" in host.vars.roles
}

apply Service "dns_sync_ns.youngage.eu" {
	import "generic-service"

	check_command = "dns_sync"
	vars.reference_ns = "{{ reference_ns }}"
	vars.replica_ns = "5.9.142.19"
	vars.zones = [
		"ffho.net",
		"hochstift.freifunk.net",
		"paderborn.freifunk.net",
	]

	assign where "dns-server-master" in host.vars.roles
}