diff --git a/container.json b/container.json
index 875b73e..93709d9 100644
--- a/container.json
+++ b/container.json
@@ -38,7 +38,6 @@
 "lxc": false
 },
 "jabber": {
- "ipv4": "192.168.66.22/32",
 "ipv6": "2a01:4f8:210:31fd:1::16/128",
 "rdns6": "jabber.higgsboson.tk",
 "lxc": false
@@ -69,6 +68,7 @@
 "ns1": {
 "ns": true,
 "lxc": false,
+ "rdns6": "ns1.higgsboson.tk",
 "ipv4": "192.168.66.6/32",
 "ipv6": "2a01:4f8:210:31fd:1::6/128"
 },
@@ -81,7 +81,7 @@
 "dns": {
 "ipv4": "192.168.66.6/32",
 "ipv6": "2a01:4f8:210:31fd:1::6/128",
- "rdns6": "ns.higgsboson.tk",
+ "rdns6": "ns1.higgsboson.tk",
 "dn42": {
 "ipv4": "172.23.75.4"
 }
diff --git a/hooks/lib/lxc/hetzner.rb b/hooks/lib/lxc/hetzner.rb
index f40a0f4..7182b5f 100644
--- a/hooks/lib/lxc/hetzner.rb
+++ b/hooks/lib/lxc/hetzner.rb
@@ -41,16 +41,14 @@ module Lxc
 def perform_request(req)
 req.basic_auth(@user, @password)
- resp = Net::HTTP.start(BASE_URI.hostname,
- BASE_URI.port,
- use_ssl: true) do |http|
- http.request(req)
- end
- if resp.code.start_with? "2"
- return resp
- else
- raise StandardError.new("failed to perform request: #{resp.inspect}")
- end
+ resp = Net::HTTP.start(BASE_URI.hostname, BASE_URI.port, use_ssl: true) do |http|
+ http.request(req)
+ end
+ if resp.code.start_with? "2"
+ return resp
+ else
+ raise StandardError.new("failed to perform request for '#{req.path}': #{resp.code} - #{resp.body}")
+ end
 end
 end
 end
diff --git a/hooks/update-hetzner-rdns b/hooks/update-hetzner-rdns
index 39be4b2..57cace3 100755
--- a/hooks/update-hetzner-rdns
+++ b/hooks/update-hetzner-rdns
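Review bot: In `perform_request` (hooks/lib/lxc/hetzner.rb) the new exception message interpolates the whole `resp.body`, so whatever the remote API returns on an error, of any size, ends up in the hook's output and in any log that captures it. Bounding it keeps the message usable, e.g. `raise StandardError.new("failed to perform request for '#{req.path}': #{resp.code} - #{resp.body.to_s[0, 200]}")`. The credentials set by `req.basic_auth` are not part of the message, and that is worth keeping as it is. The enclosing class starts outside the hunk.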
@@ -1,35 +1,51 @@ #!/usr/bin/env ruby require "netaddr" +require "set" require_relative "lib/lxc" -def update_hetzner_rdns6(user, password, domain, network) +def update_hetzner_rdns6(user, password, domain, subnet, network) api = Lxc::Hetzner.new(user, password) rdns = api.get("/rdns") records = {} rdns.each do |val| rec = val["rdns"] cidr = NetAddr::CIDR.create(rec["ip"]) - next if cidr.version == 4 - records[cidr.ip] = rec["ptr"] + next unless cidr.version == 6 and subnet.contains?(rec["ip"]) + records[rec["ip"]] = rec["ptr"] end + processed_ips = Set.new + network.each do |host, data| cidr = data["ipv6"] next if cidr.nil? - ipv6 = NetAddr::CIDR.create(cidr).ip + cidr = NetAddr::CIDR.create(cidr) + next unless cidr.version == 6 and subnet.contains?(data["ipv6"]) hostname = data["rdns6"] || "#{host}.#{domain}" - ptr = records.delete(ipv6) + ip = cidr.ip(Short: true) + next if processed_ips.include?(ip) + processed_ips << ip + ptr = records.delete(ip) if ptr.nil? or ptr != hostname - api.post("/rdns/#{ipv6}", ptr: hostname) + puts "add ptr: #{ip} -> #{hostname}" + api.post("/rdns/#{ip}", ptr: hostname) end end records.each do |ip, ptr| + puts "delete ptr: #{ip} -> #{ptr}" api.delete("/rnds/#{ip}") end end -credentials = File.read(Lxc::CONFIG_ROOT.join("hetzner.key")) -user, password = credentials.split(":") registry = Lxc::Registry.new registry.data["zone"] ||= {} -domain = registry.data["zone"]["domain"] -update_hetzner_rdns6(user, password, domain, registry.data["network"] || {}) +domain = registry.data["zone"]["domain"] || "lxc" +subnet = registry.data["zone"]["v6_subnet"] +if subnet + subnet_cidr = NetAddr::CIDR.create(subnet) + credentials = File.read(Lxc::CONFIG_ROOT.join("hetzner.key")) + user, password = credentials.split(":") + network = registry.data["network"] || {} + update_hetzner_rdns6(user, password, domain, subnet_cidr, network) +else + puts "no v6_subnet specified in container.json. skip rdns records" +end
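Review bot: The cleanup loop at the end of `update_hetzner_rdns6` still calls `api.delete("/rnds/#{ip}")` while every other call in this hunk uses `/rdns`, so each newly logged "delete ptr" line is followed by a request to a misspelled path and stale PTR records are presumably never removed; the line should read `api.delete("/rdns/#{ip}")`. Once the delete works, the key mismatch becomes destructive: `records` is now keyed by the raw `rec["ip"]` string but looked up with `cidr.ip(Short: true)`, so if the API returns addresses in any other notation a record is posted and then deleted in the same run. Keying both sides the same way, `records[cidr.ip(Short: true)] = rec["ptr"]`, avoids that. Separately, `credentials.split(":")` keeps the trailing newline of `hetzner.key` and cuts off a password that contains a colon; `credentials.strip.split(":", 2)` handles both.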