implement dns zone files
This commit is contained in:
parent
757e0f8992
commit
77052cacc4
@ -12,7 +12,7 @@
|
|||||||
},
|
},
|
||||||
"host": {
|
"host": {
|
||||||
"as": "4242420092",
|
"as": "4242420092",
|
||||||
"v4_tunnel": "172.23.75.1",
|
"ipv4": "172.23.75.1",
|
||||||
"start_port": 5001,
|
"start_port": 5001,
|
||||||
"end_port": 5020,
|
"end_port": 5020,
|
||||||
"v4_public": "dn42.higgsboson.tk",
|
"v4_public": "dn42.higgsboson.tk",
|
||||||
@ -37,7 +37,7 @@
|
|||||||
"type": "openvpn",
|
"type": "openvpn",
|
||||||
"proto": "udp6",
|
"proto": "udp6",
|
||||||
"remote": "2a03:4000:6:145:11::1",
|
"remote": "2a03:4000:6:145:11::1",
|
||||||
"v4_tunnel": "172.23.136.65",
|
"ipv4": "172.23.136.65",
|
||||||
"lport": 5001,
|
"lport": 5001,
|
||||||
"rport": 5001
|
"rport": 5001
|
||||||
},
|
},
|
||||||
@ -46,7 +46,7 @@
|
|||||||
"type": "openvpn",
|
"type": "openvpn",
|
||||||
"proto": "udp6",
|
"proto": "udp6",
|
||||||
"remote": "portal.chelnok.de",
|
"remote": "portal.chelnok.de",
|
||||||
"v4_tunnel": "172.23.64.1",
|
"ipv4": "172.23.64.1",
|
||||||
"rport": 2322,
|
"rport": 2322,
|
||||||
"lport": 5002
|
"lport": 5002
|
||||||
},
|
},
|
||||||
@ -55,7 +55,7 @@
|
|||||||
"type": "openvpn",
|
"type": "openvpn",
|
||||||
"proto": "udp6",
|
"proto": "udp6",
|
||||||
"remote": "dn42.wetu.c3d2.de",
|
"remote": "dn42.wetu.c3d2.de",
|
||||||
"v4_tunnel": "172.22.100.254",
|
"ipv4": "172.22.100.254",
|
||||||
"lport": 5003,
|
"lport": 5003,
|
||||||
"rport": 5003
|
"rport": 5003
|
||||||
},
|
},
|
||||||
@ -64,22 +64,22 @@
|
|||||||
"type": "openvpn",
|
"type": "openvpn",
|
||||||
"proto": "udp6",
|
"proto": "udp6",
|
||||||
"remote": "2001:1640:3::a",
|
"remote": "2001:1640:3::a",
|
||||||
"v4_tunnel": "172.23.67.1",
|
"ipv4": "172.23.67.1",
|
||||||
"lport": 5018,
|
"lport": 5018,
|
||||||
"rport": 5018
|
"rport": 5018
|
||||||
},
|
},
|
||||||
"flatbert": {
|
"flatbert": {
|
||||||
"type": "openvpn",
|
"type": "openvpn",
|
||||||
"proto": "udp",
|
"proto": "udp",
|
||||||
"remote": "float",
|
"float": true,
|
||||||
"v4_tunnel": "172.22.99.253",
|
"ipv4": "172.22.99.253",
|
||||||
"lport": 5002
|
"lport": 5002
|
||||||
},
|
},
|
||||||
"eve": {
|
"eve": {
|
||||||
"type": "local",
|
"type": "local",
|
||||||
"ipv4": "172.23.75.1"
|
"ipv4": "172.23.75.1"
|
||||||
},
|
},
|
||||||
"matchbox": {
|
"eva": {
|
||||||
"type": "tinc",
|
"type": "tinc",
|
||||||
"ipv4": "172.23.75.2"
|
"ipv4": "172.23.75.2"
|
||||||
},
|
},
|
||||||
@ -87,6 +87,14 @@
|
|||||||
"type": "tinc",
|
"type": "tinc",
|
||||||
"ipv4": "172.23.75.3",
|
"ipv4": "172.23.75.3",
|
||||||
"mac": "02:1f:02:a6:62:8e"
|
"mac": "02:1f:02:a6:62:8e"
|
||||||
|
},
|
||||||
|
"dns": {
|
||||||
|
"type": "local",
|
||||||
|
"ipv4": "172.23.75.4"
|
||||||
|
},
|
||||||
|
"matchbox": {
|
||||||
|
"type": "tinc",
|
||||||
|
"ipv4": "172.23.75.5"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
50
scripts/dns
50
scripts/dns
@ -1,6 +1,52 @@
|
|||||||
#!/usr/bin/env ruby
|
#!/usr/bin/env ruby
|
||||||
require_relative "utils"
|
require_relative "utils"
|
||||||
|
require "netaddr"
|
||||||
|
|
||||||
|
class RdnsZone
|
||||||
|
def initialize(data, subnet)
|
||||||
|
@data = data
|
||||||
|
@subnet = NetAddr::CIDR.create(subnet)
|
||||||
|
end
|
||||||
|
attr_reader :data
|
||||||
|
|
||||||
|
def [](key)
|
||||||
|
(data["zone"] || {})[key]
|
||||||
|
end
|
||||||
|
|
||||||
|
def pointers(&blk)
|
||||||
|
version = @subnet.version
|
||||||
|
|
||||||
|
@data["network"].each do |name, host|
|
||||||
|
ip = host["ipv#{version}"]
|
||||||
|
next unless ip
|
||||||
|
arpa = NetAddr::CIDR.create(ip).arpa
|
||||||
|
next unless arpa.end_with?(@subnet.arpa)
|
||||||
|
host_part = arpa[0, arpa.size - @subnet.arpa.size - 1]
|
||||||
|
yield name, host_part
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def name
|
||||||
|
@subnet.arpa.gsub(/\.$/, "")
|
||||||
|
end
|
||||||
|
|
||||||
|
def write_zone_file(root_path)
|
||||||
|
zone_template = Template.new(root_path.join("templates/rdns-zone.erb"))
|
||||||
|
rdns_path = root_path.join("zones", name)
|
||||||
|
atomic_write(rdns_path, zone_template.render(zone: self))
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
registry = Registry.new
|
registry = Registry.new
|
||||||
template_path = Pathname.new(File.expand_path("../../templates", __FILE__))
|
root_path = Pathname.new(File.expand_path("../..", __FILE__))
|
||||||
dn42_zone_template = Template.new(template_path.join("dn42-zone.erb"))
|
zone_template = Template.new(root_path.join("templates/dn42-zone.erb"))
|
||||||
|
result = zone_template.render(data: registry.data)
|
||||||
|
atomic_write(root_path.join("zones/dn42.zone"), result)
|
||||||
|
|
||||||
|
if subnet = try(registry.data, "zone", "v4_subnet")
|
||||||
|
RdnsZone.new(registry.data, subnet).write_zone_file(root_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
if subnet = try(registry.data, "zone", "v6_subnet")
|
||||||
|
RdnsZone.new(registry.data, subnet).write_zone_file(root_path)
|
||||||
|
end
|
||||||
|
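Review bot: `next unless arpa.end_with?(@subnet.arpa)` in RdnsZone#pointers is a plain suffix test with no label boundary, so an address outside the subnet whose reverse name merely ends in the same digits passes (for a zone `75.23.172.in-addr.arpa.`, the host 172.23.175.1 reverses to `1.175.23.172.in-addr.arpa.`) and a bogus `1.` PTR is written into the zone file; anchoring on the separating dot, `next unless arpa.end_with?(".#{@subnet.arpa}")`, closes that and keeps the existing `host_part` slice (which already drops the dot) correct. The same method declares `&blk` but only ever uses `yield`, so the parameter can go (`def pointers`), and `@data["network"].each` has no nil guard where `[]` has one (`data["zone"] || {}`), so a registry without a `network` key raises NoMethodError instead of producing an empty zone. Whether `NetAddr::CIDR#arpa` yields the octet-aligned form this suffix logic assumes for prefixes other than /8, /16 and /24 is not visible in the hunk and worth confirming before a v6 subnet is fed through the same path.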
@ -9,7 +9,7 @@ class OpenvpnRegistry < Registry
|
|||||||
def initialize
|
def initialize
|
||||||
super
|
super
|
||||||
@host = data["host"]
|
@host = data["host"]
|
||||||
@v4_tunnel_ip = @host["v4_tunnel"] or die("v4_tunnel not set for host")
|
@own_ipv4 = @host["ipv4"] or die("v4_subnet not set for host")
|
||||||
|
|
||||||
@start_port = @host["start_port"].to_i
|
@start_port = @host["start_port"].to_i
|
||||||
@end_port = @host["end_port"].to_i
|
@end_port = @host["end_port"].to_i
|
||||||
@ -89,8 +89,8 @@ class OpenvpnRegistry < Registry
|
|||||||
unless params["proto"]
|
unless params["proto"]
|
||||||
die "proto not set for peer #{name}"
|
die "proto not set for peer #{name}"
|
||||||
end
|
end
|
||||||
unless params["v4_tunnel"] # TODO
|
unless params["ipv4"] # TODO
|
||||||
die "v4_tunnel not set for peer #{name}"
|
die "internal ipv4 not set for peer #{name}"
|
||||||
end
|
end
|
||||||
|
|
||||||
params["lport"] ||= next_free_port
|
params["lport"] ||= next_free_port
|
||||||
@ -99,7 +99,7 @@ class OpenvpnRegistry < Registry
|
|||||||
params["rport"] ||= params["lport"]
|
params["rport"] ||= params["lport"]
|
||||||
end
|
end
|
||||||
|
|
||||||
params.merge(own_v4_tunnel: @v4_tunnel_ip)
|
params.merge(own_ipv4: @own_ipv4)
|
||||||
end
|
end
|
||||||
|
|
||||||
def next_free_port
|
def next_free_port
|
||||||
|
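Review bot: The new message in `@own_ipv4 = @host["ipv4"] or die("v4_subnet not set for host")` names the wrong key: the value read is `host["ipv4"]`, and `v4_subnet` is the zone-level key used elsewhere in this commit, so a failing run points the operator at a field that is not the one missing; use `die("ipv4 not set for host")`. The low-precedence `or` only works because it binds looser than `=`; `@own_ipv4 = @host["ipv4"] || die("ipv4 not set for host")` reads the same and is what RuboCop's Style/AndOr expects. In the later hunk the `# TODO` kept on `unless params["ipv4"]` still says nothing about what is pending — either state it or drop the marker. The enclosing `initialize` body continues outside the hunk.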
@ -14,11 +14,11 @@
|
|||||||
<%= name %> SRV <%= value["srv"] %>
|
<%= name %> SRV <%= value["srv"] %>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<% if value["ipv4"] -%>
|
<% if value["ipv4"] -%>
|
||||||
<%= name %> A <%= ip(value["ipv4"]) %>
|
<%= name %> A <%= value["ipv4"] %>
|
||||||
ipv4.<%= name %> A <%= ip(value["ipv4"]) %>
|
ipv4.<%= name %> A <%= value["ipv4"] %>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<% if value["ipv6"] -%>
|
<% if value["ipv6"] -%>
|
||||||
<%= name %> AAAA <%= ip(value["ipv6"]) %>
|
<%= name %> AAAA <%= value["ipv6"] %>
|
||||||
ipv6.<%= name %> AAAA <%= ip(value["ipv6"]) %>
|
ipv6.<%= name %> AAAA <%= value["ipv6"] %>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
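Review bot: Removing the `ip()` wrapper means `value["ipv4"]` and `value["ipv6"]` are now interpolated into the A/AAAA records verbatim; if that helper stripped a prefix length or validated the address (its definition is not part of this diff), an entry such as `"172.23.75.1/32"` or one with stray whitespace now produces a malformed record that the zone loader will reject, and nothing in the hunk checks for it. If the helper had become an identity after the registry rename, a comment above `<% if value["ipv4"] -%>` stating that registry addresses are expected bare (no prefix length) would preserve that assumption for the next maintainer.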
@ -18,7 +18,7 @@ rport <%= rport %>
|
|||||||
lport <%= lport %>
|
lport <%= lport %>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
|
||||||
ifconfig <%= own_v4_tunnel %> <%= v4_tunnel %>
|
ifconfig <%= own_ipv4 %> <%= ipv4 %>
|
||||||
secret /etc/openvpn/<%= name %>.key
|
secret /etc/openvpn/<%= name %>.key
|
||||||
script-security 2 execve
|
script-security 2 execve
|
||||||
up "/etc/openvpn/scripts/ipv6.sh fd70:96c9:ef25::fe:6/124 <%= name %>"
|
up "/etc/openvpn/scripts/ipv6.sh fd70:96c9:ef25::fe:6/124 <%= name %>"
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
@ IN SOA <%= data["zone"]["soa"] %> hostmaster (
|
@ IN SOA <%= zone["soa"] %> hostmaster (
|
||||||
<%= data["zone"]["serial"] %> ; serial
|
<%= zone["serial"] %> ; serial
|
||||||
<%= data["zone"]["refresh"] %> ; refresh
|
<%= zone["refresh"] %> ; refresh
|
||||||
<%= data["zone"]["retry"] %> ; retry
|
<%= zone["retry"] %> ; retry
|
||||||
<%= data["zone"]["expire"] %> ; expire
|
<%= zone["expire"] %> ; expire
|
||||||
<%= data["zone"]["minimum"] %>) ; minimum
|
<%= zone["minimum"] %>) ; minimum
|
||||||
NS <%= data["zone"]["ns"] %>
|
NS <%= zone["ns"] %>
|
||||||
|
|
||||||
<% pointers do |addr, name| %>
|
<% zone.pointers do |name, host_part| %>
|
||||||
<%= addr %> PTR <%= name %>.lxc.
|
<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
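Review bot: `<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk` has no trailing dot, so in a zone file the target is relative and expands to `<name>.dn42.higgsboson.tk.<zone origin>`; the line the commit replaced (`<%= name %>.lxc.`) was absolute. Write `<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk.` instead. The domain is also now hard-coded in the template while every SOA/NS field on the lines above comes from `zone[...]`; sourcing it from the registry the same way would keep the record consistent with the forward zone, though no such key is visible in this diff.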