implement dns zone files

This commit is contained in:
Jörg Thalheim 2015-01-26 07:20:08 +00:00
parent 757e0f8992
commit 77052cacc4
6 changed files with 82 additions and 28 deletions


@ -12,7 +12,7 @@
},
"host": {
"as": "4242420092",
"v4_tunnel": "172.23.75.1",
"ipv4": "172.23.75.1",
"start_port": 5001,
"end_port": 5020,
"v4_public": "dn42.higgsboson.tk",
@ -37,7 +37,7 @@
"type": "openvpn",
"proto": "udp6",
"remote": "2a03:4000:6:145:11::1",
"v4_tunnel": "172.23.136.65",
"ipv4": "172.23.136.65",
"lport": 5001,
"rport": 5001
},
@ -46,7 +46,7 @@
"type": "openvpn",
"proto": "udp6",
"remote": "portal.chelnok.de",
"v4_tunnel": "172.23.64.1",
"ipv4": "172.23.64.1",
"rport": 2322,
"lport": 5002
},
@ -55,7 +55,7 @@
"type": "openvpn",
"proto": "udp6",
"remote": "dn42.wetu.c3d2.de",
"v4_tunnel": "172.22.100.254",
"ipv4": "172.22.100.254",
"lport": 5003,
"rport": 5003
},
@ -64,22 +64,22 @@
"type": "openvpn",
"proto": "udp6",
"remote": "2001:1640:3::a",
"v4_tunnel": "172.23.67.1",
"ipv4": "172.23.67.1",
"lport": 5018,
"rport": 5018
},
"flatbert": {
"type": "openvpn",
"proto": "udp",
"remote": "float",
"v4_tunnel": "172.22.99.253",
"float": true,
"ipv4": "172.22.99.253",
"lport": 5002
},
"eve": {
"type": "local",
"ipv4": "172.23.75.1"
},
"matchbox": {
"eva": {
"type": "tinc",
"ipv4": "172.23.75.2"
},
@ -87,6 +87,14 @@
"type": "tinc",
"ipv4": "172.23.75.3",
"mac": "02:1f:02:a6:62:8e"
},
"dns": {
"type": "local",
"ipv4": "172.23.75.4"
},
"matchbox": {
"type": "tinc",
"ipv4": "172.23.75.5"
}
}
}


@ -1,6 +1,52 @@
#!/usr/bin/env ruby
require_relative "utils"
require "netaddr"
class RdnsZone
def initialize(data, subnet)
@data = data
@subnet = NetAddr::CIDR.create(subnet)
end
attr_reader :data
def [](key)
(data["zone"] || {})[key]
end
def pointers(&blk)
version = @subnet.version
@data["network"].each do |name, host|
ip = host["ipv#{version}"]
next unless ip
arpa = NetAddr::CIDR.create(ip).arpa
next unless arpa.end_with?(@subnet.arpa)
host_part = arpa[0, arpa.size - @subnet.arpa.size - 1]
yield name, host_part
end
end
def name
@subnet.arpa.gsub(/\.$/, "")
end
def write_zone_file(root_path)
zone_template = Template.new(root_path.join("templates/rdns-zone.erb"))
rdns_path = root_path.join("zones", name)
atomic_write(rdns_path, zone_template.render(zone: self))
end
end
registry = Registry.new
template_path = Pathname.new(File.expand_path("../../templates", __FILE__))
dn42_zone_template = Template.new(template_path.join("dn42-zone.erb"))
root_path = Pathname.new(File.expand_path("../..", __FILE__))
zone_template = Template.new(root_path.join("templates/dn42-zone.erb"))
result = zone_template.render(data: registry.data)
atomic_write(root_path.join("zones/dn42.zone"), result)
if subnet = try(registry.data, "zone", "v4_subnet")
RdnsZone.new(registry.data, subnet).write_zone_file(root_path)
end
if subnet = try(registry.data, "zone", "v6_subnet")
RdnsZone.new(registry.data, subnet).write_zone_file(root_path)
end
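Review bot: The membership test in `RdnsZone#pointers`, `arpa.end_with?(@subnet.arpa)`, is a bare string suffix check with no label boundary, so for an IPv4 subnet whose reverse name is e.g. `75.23.172.in-addr.arpa.` an address such as 172.23.175.9 (`9.175.23.172.in-addr.arpa.`) also passes and a stray PTR with the mangled owner `9.` is written into the zone. Anchor the suffix at a dot, `next unless arpa.end_with?(".#{@subnet.arpa}")`, or ask netaddr directly (something like `next unless @subnet.contains?(ip)`, if that method exists in the netaddr version in use); the `host_part` slice already assumes the separating dot, so only the guard changes. Minor: `name` strips the trailing dot with `/\.$/`, where `\z` is the conventional end-of-string anchor, although `arpa` never contains a newline here.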


@ -9,7 +9,7 @@ class OpenvpnRegistry < Registry
def initialize
super
@host = data["host"]
@v4_tunnel_ip = @host["v4_tunnel"] or die("v4_tunnel not set for host")
@own_ipv4 = @host["ipv4"] or die("v4_subnet not set for host")
@start_port = @host["start_port"].to_i
@end_port = @host["end_port"].to_i
@ -89,8 +89,8 @@ class OpenvpnRegistry < Registry
unless params["proto"]
die "proto not set for peer #{name}"
end
unless params["v4_tunnel"] # TODO
die "v4_tunnel not set for peer #{name}"
unless params["ipv4"] # TODO
die "internal ipv4 not set for peer #{name}"
end
params["lport"] ||= next_free_port
@ -99,7 +99,7 @@ class OpenvpnRegistry < Registry
params["rport"] ||= params["lport"]
end
params.merge(own_v4_tunnel: @v4_tunnel_ip)
params.merge(own_ipv4: @own_ipv4)
end
def next_free_port
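Review bot: The new host guard reports the wrong key when it fires — it reads `@host["ipv4"]` but dies with `v4_subnet not set for host`, which sends the operator looking for a key that is not the one being checked; use `@own_ipv4 = @host["ipv4"] or die("ipv4 not set for host")`. The `# TODO` kept on the peer check (`unless params["ipv4"] # TODO`) gives no hint of what is outstanding; either say what remains to be done or drop the marker. Note that `initialize`, the peer-normalising method and `next_free_port` all begin or end outside the visible hunks.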


@ -14,11 +14,11 @@
<%= name %> SRV <%= value["srv"] %>
<% end -%>
<% if value["ipv4"] -%>
<%= name %> A <%= ip(value["ipv4"]) %>
ipv4.<%= name %> A <%= ip(value["ipv4"]) %>
<%= name %> A <%= value["ipv4"] %>
ipv4.<%= name %> A <%= value["ipv4"] %>
<% end -%>
<% if value["ipv6"] -%>
<%= name %> AAAA <%= ip(value["ipv6"]) %>
ipv6.<%= name %> AAAA <%= ip(value["ipv6"]) %>
<%= name %> AAAA <%= value["ipv6"] %>
ipv6.<%= name %> AAAA <%= value["ipv6"] %>
<% end -%>
<% end -%>
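Review bot: Removing the `ip(...)` wrapper means `value["ipv4"]` and `value["ipv6"]` from the registry are interpolated into the zone file verbatim; if that helper validated or normalised the address (its body is not visible here), nothing now rejects a malformed or multi-line value, and in a zone file such a value becomes a broken or an extra record. Validate at the source instead — in the generator, parse every address with `NetAddr::CIDR.create(...)` (already required by the zone script) or stdlib `IPAddr.new(...)` and fail before rendering — so the template can remain a plain interpolation. The enclosing `<% ... each %>` loop starts above this hunk.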


@ -18,7 +18,7 @@ rport <%= rport %>
lport <%= lport %>
<% end -%>
ifconfig <%= own_v4_tunnel %> <%= v4_tunnel %>
ifconfig <%= own_ipv4 %> <%= ipv4 %>
secret /etc/openvpn/<%= name %>.key
script-security 2 execve
up "/etc/openvpn/scripts/ipv6.sh fd70:96c9:ef25::fe:6/124 <%= name %>"


@ -1,11 +1,11 @@
@ IN SOA <%= data["zone"]["soa"] %> hostmaster (
<%= data["zone"]["serial"] %> ; serial
<%= data["zone"]["refresh"] %> ; refresh
<%= data["zone"]["retry"] %> ; retry
<%= data["zone"]["expire"] %> ; expire
<%= data["zone"]["minimum"] %>) ; minimum
NS <%= data["zone"]["ns"] %>
@ IN SOA <%= zone["soa"] %> hostmaster (
<%= zone["serial"] %> ; serial
<%= zone["refresh"] %> ; refresh
<%= zone["retry"] %> ; retry
<%= zone["expire"] %> ; expire
<%= zone["minimum"] %>) ; minimum
NS <%= zone["ns"] %>
<% pointers do |addr, name| %>
<%= addr %> PTR <%= name %>.lxc.
<% zone.pointers do |name, host_part| %>
<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk
<% end -%>
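Review bot: The PTR target on the new line, `<%= name %>.dn42.higgsboson.tk`, has no trailing dot, so inside this reverse zone it is a relative name and the server expands it against the zone origin to something like `<name>.dn42.higgsboson.tk.75.23.172.in-addr.arpa.`; the removed line ended in `.lxc.` for exactly this reason. Write `<%= host_part %> PTR <%= name %>.dn42.higgsboson.tk.`, and consider taking the forward-domain suffix from the zone data rather than hard-coding it, since the forward zone is generated from the same registry. The `NS <%= zone["ns"] %>` line has the same relative-name hazard unless the configured value is already absolute, and the `hostmaster` mailbox on the SOA line is likewise relative, though that part is pre-existing.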