From 77052cacc49d841703752cb4b73a731bd6a5eac5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Mon, 26 Jan 2015 07:20:08 +0000
Subject: [PATCH] implement dns zone files

---
 registry.json | 24 ++++++++++++------
 scripts/dns | 50 ++++++++++++++++++++++++++++++++++++--
 scripts/openvpn | 8 +++---
 templates/dn42-zone.erb | 8 +++---
 templates/openvpn.conf.erb | 2 +-
 templates/rdns-zone.erb | 18 +++++++-------
 6 files changed, 82 insertions(+), 28 deletions(-)

diff --git a/registry.json b/registry.json
index 22471d4..1d11a04 100644
--- a/registry.json
+++ b/registry.json
@@ -12,7 +12,7 @@
 },
 "host": {
 "as": "4242420092",
- "v4_tunnel": "172.23.75.1",
+ "ipv4": "172.23.75.1",
 "start_port": 5001,
 "end_port": 5020,
 "v4_public": "dn42.higgsboson.tk",
@@ -37,7 +37,7 @@
 "type": "openvpn",
 "proto": "udp6",
 "remote": "2a03:4000:6:145:11::1",
- "v4_tunnel": "172.23.136.65",
+ "ipv4": "172.23.136.65",
 "lport": 5001,
 "rport": 5001
 },
@@ -46,7 +46,7 @@
 "type": "openvpn",
 "proto": "udp6",
 "remote": "portal.chelnok.de",
- "v4_tunnel": "172.23.64.1",
+ "ipv4": "172.23.64.1",
 "rport": 2322,
 "lport": 5002
 },
@@ -55,7 +55,7 @@
 "type": "openvpn",
 "proto": "udp6",
 "remote": "dn42.wetu.c3d2.de",
- "v4_tunnel": "172.22.100.254",
+ "ipv4": "172.22.100.254",
 "lport": 5003,
 "rport": 5003
 },
@@ -64,22 +64,22 @@
 "type": "openvpn",
 "proto": "udp6",
 "remote": "2001:1640:3::a",
- "v4_tunnel": "172.23.67.1",
+ "ipv4": "172.23.67.1",
 "lport": 5018,
 "rport": 5018
 },
 "flatbert": {
 "type": "openvpn",
 "proto": "udp",
- "remote": "float",
- "v4_tunnel": "172.22.99.253",
+ "float": true,
+ "ipv4": "172.22.99.253",
 "lport": 5002
 },
 "eve": {
 "type": "local",
 "ipv4": "172.23.75.1"
 },
- "matchbox": {
+ "eva": {
 "type": "tinc",
 "ipv4": "172.23.75.2"
 },
@@ -87,6 +87,14 @@
 "type": "tinc",
 "ipv4": "172.23.75.3",
 "mac": "02:1f:02:a6:62:8e"
+ },
+ "dns": {
+ "type": "local",
+ "ipv4": "172.23.75.4"
+ },
+ "matchbox": {
+ "type": "tinc",
+ "ipv4": "172.23.75.5"
 }
 }
 }
diff --git a/scripts/dns b/scripts/dns index 194a478..40db98c 100755 --- a/scripts/dns +++ b/scripts/dns @@ -1,6 +1,52 @@ #!/usr/bin/env ruby require_relative "utils" +require "netaddr" + +class RdnsZone + def initialize(data, subnet) + @data = data + @subnet = NetAddr::CIDR.create(subnet) + end + attr_reader :data + + def [](key) + (data["zone"] || {})[key] + end + + def pointers(&blk) + version = @subnet.version + + @data["network"].each do |name, host| + ip = host["ipv#{version}"] + next unless ip + arpa = NetAddr::CIDR.create(ip).arpa + next unless arpa.end_with?(@subnet.arpa) + host_part = arpa[0, arpa.size - @subnet.arpa.size - 1] + yield name, host_part + end + end + + def name + @subnet.arpa.gsub(/\.$/, "") + end + + def write_zone_file(root_path) + zone_template = Template.new(root_path.join("templates/rdns-zone.erb")) + rdns_path = root_path.join("zones", name) + atomic_write(rdns_path, zone_template.render(zone: self)) + end +end registry = Registry.new -template_path = Pathname.new(File.expand_path("../../templates", __FILE__)) -dn42_zone_template = Template.new(template_path.join("dn42-zone.erb")) +root_path = Pathname.new(File.expand_path("../..", __FILE__)) +zone_template = Template.new(root_path.join("templates/dn42-zone.erb")) +result = zone_template.render(data: registry.data) +atomic_write(root_path.join("zones/dn42.zone"), result) + +if subnet = try(registry.data, "zone", "v4_subnet") + RdnsZone.new(registry.data, subnet).write_zone_file(root_path) +end + +if subnet = try(registry.data, "zone", "v6_subnet") + RdnsZone.new(registry.data, subnet).write_zone_file(root_path) +end diff --git a/scripts/openvpn b/scripts/openvpn index 08473c6..00bf908 100755 --- a/scripts/openvpn +++ b/scripts/openvpn 
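Review bot: In `pointers`, `arpa.end_with?(@subnet.arpa)` compares bare string suffixes, so an address whose reversed labels merely end with the subnet's labels is accepted: taking a constructed example with a /24 whose arpa is `75.23.172.in-addr.arpa.`, a host at `172.23.175.1` reverses to `1.175.23.172.in-addr.arpa.`, passes the check, and is emitted with a `host_part` of `1.` instead of being skipped. Anchor the match at a label boundary, `next unless arpa.end_with?(".#{@subnet.arpa}")`; the `- 1` in the `host_part` slice already assumes that separating dot. `NetAddr::CIDR.create(ip)` raises on a malformed `ipv4`/`ipv6` registry value, which aborts the whole run without saying which host is at fault, so rescuing that around the call and reporting `name` would make registry typos easier to find. `pointers(&blk)` declares a block parameter it never uses (the body calls `yield`), so `&blk` can be dropped.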
@@ -9,7 +9,7 @@ class OpenvpnRegistry < Registry def initialize super @host = data["host"] - @v4_tunnel_ip = @host["v4_tunnel"] or die("v4_tunnel not set for host") + @own_ipv4 = @host["ipv4"] or die("v4_subnet not set for host") @start_port = @host["start_port"].to_i @end_port = @host["end_port"].to_i @@ -89,8 +89,8 @@ class OpenvpnRegistry < Registry unless params["proto"] die "proto not set for peer #{name}" end - unless params["v4_tunnel"] # TODO - die "v4_tunnel not set for peer #{name}" + unless params["ipv4"] # TODO + die "internal ipv4 not set for peer #{name}" end params["lport"] ||= next_free_port @@ -99,7 +99,7 @@ class OpenvpnRegistry < Registry params["rport"] ||= params["lport"] end - params.merge(own_v4_tunnel: @v4_tunnel_ip) + params.merge(own_ipv4: @own_ipv4) end def next_free_port diff --git a/templates/dn42-zone.erb b/templates/dn42-zone.erb index 2e5eb81..c5137f2 100644 --- a/templates/dn42-zone.erb +++ b/templates/dn42-zone.erb @@ -14,11 +14,11 @@ <%= name %> SRV <%= value["srv"] %> <% end -%> <% if value["ipv4"] -%> -<%= name %> A <%= ip(value["ipv4"]) %> -ipv4.<%= name %> A <%= ip(value["ipv4"]) %> +<%= name %> A <%= value["ipv4"] %> +ipv4.<%= name %> A <%= value["ipv4"] %> <% end -%> <% if value["ipv6"] -%> -<%= name %> AAAA <%= ip(value["ipv6"]) %> -ipv6.<%= name %> AAAA <%= ip(value["ipv6"]) %> +<%= name %> AAAA <%= value["ipv6"] %> +ipv6.<%= name %> AAAA <%= value["ipv6"] %> <% end -%> <% end -%> diff --git a/templates/openvpn.conf.erb b/templates/openvpn.conf.erb index ccd2b90..2f8628f 100644 --- a/templates/openvpn.conf.erb +++ b/templates/openvpn.conf.erb @@ -18,7 +18,7 @@ rport <%= rport %> lport <%= lport %> <% end -%> -ifconfig <%= own_v4_tunnel %> <%= v4_tunnel %> +ifconfig <%= own_ipv4 %> <%= ipv4 %> secret /etc/openvpn/<%= name %>.key script-security 2 execve up "/etc/openvpn/scripts/ipv6.sh fd70:96c9:ef25::fe:6/124 <%= name %>" diff --git a/templates/rdns-zone.erb b/templates/rdns-zone.erb index f7e9393..e33b54c 100644 
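Review bot: The new `die("v4_subnet not set for host")` in `initialize` names the wrong key: the line reads `@host["ipv4"]`, so a missing value should be reported as `die("ipv4 not set for host")`, matching the `internal ipv4 not set for peer` wording the `-89` hunk uses for the same field. As written, an operator who forgets the host `ipv4` entry is sent looking for a `v4_subnet` key that this method never reads. `initialize` continues outside the hunk.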
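Review bot: The peer validation in the `-89` hunk still rejects only a missing `proto` or `ipv4`, while registry.json in this same commit drops `remote` for `flatbert` in favour of `"float": true`; nothing here confirms that a peer carries either a `remote` or `float`, so a peer with neither would presumably reach the template with an empty remote rather than failing at validation (the template's use of `remote` is not in this hunk, so that part is inferred). A guard next to the existing checks, `die "remote or float not set for peer #{name}" unless params["remote"] || params["float"]`, would keep that error at the registry layer. The `# TODO` on `unless params["ipv4"]` is carried over from the removed line without saying what is pending; either resolve it or say what it refers to. The enclosing method starts and ends outside the hunk.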
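Review bot: In templates/dn42-zone.erb the `ip()` wrapper around `value["ipv4"]` and `value["ipv6"]` is dropped, so the A and AAAA records now carry the registry value verbatim; if `ip()` was normalising the address (stripping a prefix length, for instance), a registry entry written as `address/len` will now produce a record the nameserver rejects, though what `ip()` did is not visible here. Every `ipv4` value in this commit's registry.json is a bare address, so if that is now a guaranteed invariant, a short comment in the template stating it would stop the next reader from re-adding the helper.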
--- a/templates/rdns-zone.erb
+++ b/templates/rdns-zone.erb
@@ -1,11 +1,11 @@
-@ IN SOA <%= data["zone"]["soa"] %> hostmaster (
- <%= data["zone"]["serial"] %> ; serial
- <%= data["zone"]["refresh"] %> ; refresh
- <%= data["zone"]["retry"] %> ; retry
- <%= data["zone"]["expire"] %> ; expire
- <%= data["zone"]["minimum"] %>) ; minimum
- NS <%= data["zone"]["ns"] %>
+@ IN SOA <%= zone["soa"] %> hostmaster (
+ <%= zone["serial"] %> ; serial
+ <%= zone["refresh"] %> ; refresh
+ <%= zone["retry"] %> ; retry
+ <%= zone["expire"] %> ; expire
+ <%= zone["minimum"] %>) ; minimum
+ NS <%= zone["ns"] %>
 
-<% pointers do |addr, name| %>
-<%= addr %> PTR <%= name %>.lxc.
+<% zone.pointers do |name, host_part| %>
+<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk
 <% end -%>
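Review bot: The new PTR target `<%= name %>.dn42.higgsboson.tk` has no trailing dot, so in zone-file syntax it is a relative name and the zone origin is appended to it — each pointer resolves to `<name>.dn42.higgsboson.tk.<origin>` (an `in-addr.arpa` or `ip6.arpa` name) instead of the intended FQDN; the removed line's `.lxc.` did carry the dot. Change the line to `<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk.`. The same rule applies to the bare `hostmaster` in the SOA and to `zone["soa"]` and `zone["ns"]` whenever those registry values lack a trailing dot; that is pre-existing, but worth checking in the same pass. The domain is also hard-coded here while registry.json's `host` entry already holds it as `v4_public`, so reading it from the zone data would keep the two from drifting apart.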