implement dns zone files

This commit is contained in:
Jörg Thalheim 2015-01-26 07:20:08 +00:00
parent 757e0f8992
commit 77052cacc4
6 changed files with 82 additions and 28 deletions


@ -12,7 +12,7 @@
}, },
"host": { "host": {
"as": "4242420092", "as": "4242420092",
"v4_tunnel": "172.23.75.1", "ipv4": "172.23.75.1",
"start_port": 5001, "start_port": 5001,
"end_port": 5020, "end_port": 5020,
"v4_public": "dn42.higgsboson.tk", "v4_public": "dn42.higgsboson.tk",
@ -37,7 +37,7 @@
"type": "openvpn", "type": "openvpn",
"proto": "udp6", "proto": "udp6",
"remote": "2a03:4000:6:145:11::1", "remote": "2a03:4000:6:145:11::1",
"v4_tunnel": "172.23.136.65", "ipv4": "172.23.136.65",
"lport": 5001, "lport": 5001,
"rport": 5001 "rport": 5001
}, },
@ -46,7 +46,7 @@
"type": "openvpn", "type": "openvpn",
"proto": "udp6", "proto": "udp6",
"remote": "portal.chelnok.de", "remote": "portal.chelnok.de",
"v4_tunnel": "172.23.64.1", "ipv4": "172.23.64.1",
"rport": 2322, "rport": 2322,
"lport": 5002 "lport": 5002
}, },
@ -55,7 +55,7 @@
"type": "openvpn", "type": "openvpn",
"proto": "udp6", "proto": "udp6",
"remote": "dn42.wetu.c3d2.de", "remote": "dn42.wetu.c3d2.de",
"v4_tunnel": "172.22.100.254", "ipv4": "172.22.100.254",
"lport": 5003, "lport": 5003,
"rport": 5003 "rport": 5003
}, },
@ -64,22 +64,22 @@
"type": "openvpn", "type": "openvpn",
"proto": "udp6", "proto": "udp6",
"remote": "2001:1640:3::a", "remote": "2001:1640:3::a",
"v4_tunnel": "172.23.67.1", "ipv4": "172.23.67.1",
"lport": 5018, "lport": 5018,
"rport": 5018 "rport": 5018
}, },
"flatbert": { "flatbert": {
"type": "openvpn", "type": "openvpn",
"proto": "udp", "proto": "udp",
"remote": "float", "float": true,
"v4_tunnel": "172.22.99.253", "ipv4": "172.22.99.253",
"lport": 5002 "lport": 5002
}, },
"eve": { "eve": {
"type": "local", "type": "local",
"ipv4": "172.23.75.1" "ipv4": "172.23.75.1"
}, },
"matchbox": { "eva": {
"type": "tinc", "type": "tinc",
"ipv4": "172.23.75.2" "ipv4": "172.23.75.2"
}, },
@ -87,6 +87,14 @@
"type": "tinc", "type": "tinc",
"ipv4": "172.23.75.3", "ipv4": "172.23.75.3",
"mac": "02:1f:02:a6:62:8e" "mac": "02:1f:02:a6:62:8e"
},
"dns": {
"type": "local",
"ipv4": "172.23.75.4"
},
"matchbox": {
"type": "tinc",
"ipv4": "172.23.75.5"
} }
} }
} }
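Review bot: The `flatbert` peer changes its schema from `"remote": "float"` to a separate `"float": true` flag, but no hunk in this commit shows the OpenVPN registry or template consuming a `float` key, and the peer now has no `remote` at all. If that handling already exists outside the shown hunks this is fine; otherwise the generated config for this peer will silently lose its floating-remote behaviour. A one-line comment in the registry reader next to the `remote` lookup noting that `float: true` replaces a `remote` of `"float"` would make the new contract visible.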


@ -1,6 +1,52 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
require_relative "utils" require_relative "utils"
require "netaddr"
class RdnsZone
def initialize(data, subnet)
@data = data
@subnet = NetAddr::CIDR.create(subnet)
end
attr_reader :data
def [](key)
(data["zone"] || {})[key]
end
def pointers(&blk)
version = @subnet.version
@data["network"].each do |name, host|
ip = host["ipv#{version}"]
next unless ip
arpa = NetAddr::CIDR.create(ip).arpa
next unless arpa.end_with?(@subnet.arpa)
host_part = arpa[0, arpa.size - @subnet.arpa.size - 1]
yield name, host_part
end
end
def name
@subnet.arpa.gsub(/\.$/, "")
end
def write_zone_file(root_path)
zone_template = Template.new(root_path.join("templates/rdns-zone.erb"))
rdns_path = root_path.join("zones", name)
atomic_write(rdns_path, zone_template.render(zone: self))
end
end
registry = Registry.new registry = Registry.new
template_path = Pathname.new(File.expand_path("../../templates", __FILE__)) root_path = Pathname.new(File.expand_path("../..", __FILE__))
dn42_zone_template = Template.new(template_path.join("dn42-zone.erb")) zone_template = Template.new(root_path.join("templates/dn42-zone.erb"))
result = zone_template.render(data: registry.data)
atomic_write(root_path.join("zones/dn42.zone"), result)
if subnet = try(registry.data, "zone", "v4_subnet")
RdnsZone.new(registry.data, subnet).write_zone_file(root_path)
end
if subnet = try(registry.data, "zone", "v6_subnet")
RdnsZone.new(registry.data, subnet).write_zone_file(root_path)
end
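Review bot: The zone-membership test on `next unless arpa.end_with?(@subnet.arpa)` matches a bare string suffix with no label boundary, so a host whose reversed address merely ends in the same digits (for a /24 whose arpa is `75.23.172.in-addr.arpa.`, the host 172.23.175.1 reverses to `1.175.23.172.in-addr.arpa.` and passes) is accepted into the wrong zone, and the following slice then yields a garbled host_part because it assumes a dot sits before the suffix. Anchoring on the label boundary fixes both: `next unless arpa.end_with?(".#{@subnet.arpa}")`. Two smaller points in the same class: `def pointers(&blk)` declares a block parameter it never uses (the body yields), so `def pointers` suffices, and `name` strips the trailing dot with `gsub(/\.$/, "")`, where `$` is an end-of-line anchor; `@subnet.arpa.chomp(".")` states the intent directly. The class has no documentation at all; a header comment such as `# Builds a reverse (PTR) zone for one subnet from the registry's "network" hosts` plus a one-liner on `[]` explaining it reads the registry's "zone" section would help the next reader.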


@ -9,7 +9,7 @@ class OpenvpnRegistry < Registry
def initialize def initialize
super super
@host = data["host"] @host = data["host"]
@v4_tunnel_ip = @host["v4_tunnel"] or die("v4_tunnel not set for host") @own_ipv4 = @host["ipv4"] or die("v4_subnet not set for host")
@start_port = @host["start_port"].to_i @start_port = @host["start_port"].to_i
@end_port = @host["end_port"].to_i @end_port = @host["end_port"].to_i
@ -89,8 +89,8 @@ class OpenvpnRegistry < Registry
unless params["proto"] unless params["proto"]
die "proto not set for peer #{name}" die "proto not set for peer #{name}"
end end
unless params["v4_tunnel"] # TODO unless params["ipv4"] # TODO
die "v4_tunnel not set for peer #{name}" die "internal ipv4 not set for peer #{name}"
end end
params["lport"] ||= next_free_port params["lport"] ||= next_free_port
@ -99,7 +99,7 @@ class OpenvpnRegistry < Registry
params["rport"] ||= params["lport"] params["rport"] ||= params["lport"]
end end
params.merge(own_v4_tunnel: @v4_tunnel_ip) params.merge(own_ipv4: @own_ipv4)
end end
def next_free_port def next_free_port
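Review bot: The new failure message on the `@own_ipv4 = @host["ipv4"] or die(...)` line names the wrong key: it reports `v4_subnet not set for host` while the value actually read is the host's `ipv4`, which sends whoever hits the error to the wrong field of the registry; `@own_ipv4 = @host["ipv4"] or die("ipv4 not set for host")` matches the lookup. The `# TODO` carried over onto `unless params["ipv4"]` in the second hunk still says nothing about what is pending; it should state it, for instance which peer types may legitimately lack an `ipv4`, or be dropped. The `initialize` body continues past the end of the first hunk, and `next_free_port` begins on the last context line of the third, so neither method is fully visible here.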


@ -14,11 +14,11 @@
<%= name %> SRV <%= value["srv"] %> <%= name %> SRV <%= value["srv"] %>
<% end -%> <% end -%>
<% if value["ipv4"] -%> <% if value["ipv4"] -%>
<%= name %> A <%= ip(value["ipv4"]) %> <%= name %> A <%= value["ipv4"] %>
ipv4.<%= name %> A <%= ip(value["ipv4"]) %> ipv4.<%= name %> A <%= value["ipv4"] %>
<% end -%> <% end -%>
<% if value["ipv6"] -%> <% if value["ipv6"] -%>
<%= name %> AAAA <%= ip(value["ipv6"]) %> <%= name %> AAAA <%= value["ipv6"] %>
ipv6.<%= name %> AAAA <%= ip(value["ipv6"]) %> ipv6.<%= name %> AAAA <%= value["ipv6"] %>
<% end -%> <% end -%>
<% end -%> <% end -%>
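Review bot: Dropping the `ip(...)` wrapper on the `A` and `AAAA` lines means `value["ipv4"]` and `value["ipv6"]` now reach the zone file verbatim; if `ip` previously validated or normalised the address (it is defined outside this hunk, so I cannot tell), a malformed registry entry, say one carrying a CIDR suffix or stray whitespace, will now yield an invalid record instead of an error at generation time. If the helper went away because the registry values are already bare addresses, it is still worth checking them once in the generator before rendering (the standard-library `IPAddr.new(value)` raises on anything that is not a plain address), so the template stays simple while bad data is caught early.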


@ -18,7 +18,7 @@ rport <%= rport %>
lport <%= lport %> lport <%= lport %>
<% end -%> <% end -%>
ifconfig <%= own_v4_tunnel %> <%= v4_tunnel %> ifconfig <%= own_ipv4 %> <%= ipv4 %>
secret /etc/openvpn/<%= name %>.key secret /etc/openvpn/<%= name %>.key
script-security 2 execve script-security 2 execve
up "/etc/openvpn/scripts/ipv6.sh fd70:96c9:ef25::fe:6/124 <%= name %>" up "/etc/openvpn/scripts/ipv6.sh fd70:96c9:ef25::fe:6/124 <%= name %>"


@ -1,11 +1,11 @@
@ IN SOA <%= data["zone"]["soa"] %> hostmaster ( @ IN SOA <%= zone["soa"] %> hostmaster (
<%= data["zone"]["serial"] %> ; serial <%= zone["serial"] %> ; serial
<%= data["zone"]["refresh"] %> ; refresh <%= zone["refresh"] %> ; refresh
<%= data["zone"]["retry"] %> ; retry <%= zone["retry"] %> ; retry
<%= data["zone"]["expire"] %> ; expire <%= zone["expire"] %> ; expire
<%= data["zone"]["minimum"] %>) ; minimum <%= zone["minimum"] %>) ; minimum
NS <%= data["zone"]["ns"] %> NS <%= zone["ns"] %>
<% pointers do |addr, name| %> <% zone.pointers do |name, host_part| %>
<%= addr %> PTR <%= name %>.lxc. <%= host_part %> PTR <%= name %>.dn42.higgsboson.tk
<% end -%> <% end -%>
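Review bot: The new PTR target `<%= name %>.dn42.higgsboson.tk` has no trailing dot, so under zone-file rules it is relative to the origin and a resolver will see it expanded to something like `eva.dn42.higgsboson.tk.75.23.172.in-addr.arpa.`, whereas the replaced `.lxc.` form was absolute; the line should read `<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk.`. The forward domain is also hard-coded here while the SOA fields and `zone["ns"]` come from the registry, so reading it from the zone data as well (a key such as `zone["domain"]`, if one is added) would keep the template host-independent. The same trailing-dot consideration applies to `NS <%= zone["ns"] %>` if the registry value is not already absolute, though that line only changed its lookup in this commit.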