hetzner rdns: filter ipv6 addresses not in the current zone

Jörg Thalheim 2015-01-30 09:18:44 +00:00
parent cae4cf542f
commit 51aff603ff
3 changed files with 36 additions and 22 deletions


@ -38,7 +38,6 @@
"lxc": false "lxc": false
}, },
"jabber": { "jabber": {
"ipv4": "192.168.66.22/32",
"ipv6": "2a01:4f8:210:31fd:1::16/128", "ipv6": "2a01:4f8:210:31fd:1::16/128",
"rdns6": "jabber.higgsboson.tk", "rdns6": "jabber.higgsboson.tk",
"lxc": false "lxc": false
@ -69,6 +68,7 @@
"ns1": { "ns1": {
"ns": true, "ns": true,
"lxc": false, "lxc": false,
"rdns6": "ns1.higgsboson.tk",
"ipv4": "192.168.66.6/32", "ipv4": "192.168.66.6/32",
"ipv6": "2a01:4f8:210:31fd:1::6/128" "ipv6": "2a01:4f8:210:31fd:1::6/128"
}, },
@ -81,7 +81,7 @@
"dns": { "dns": {
"ipv4": "192.168.66.6/32", "ipv4": "192.168.66.6/32",
"ipv6": "2a01:4f8:210:31fd:1::6/128", "ipv6": "2a01:4f8:210:31fd:1::6/128",
"rdns6": "ns.higgsboson.tk", "rdns6": "ns1.higgsboson.tk",
"dn42": { "dn42": {
"ipv4": "172.23.75.4" "ipv4": "172.23.75.4"
} }


@ -41,16 +41,14 @@ module Lxc
def perform_request(req) def perform_request(req)
req.basic_auth(@user, @password) req.basic_auth(@user, @password)
resp = Net::HTTP.start(BASE_URI.hostname, resp = Net::HTTP.start(BASE_URI.hostname, BASE_URI.port, use_ssl: true) do |http|
BASE_URI.port, http.request(req)
use_ssl: true) do |http| end
http.request(req) if resp.code.start_with? "2"
end return resp
if resp.code.start_with? "2" else
return resp raise StandardError.new("failed to perform request for '#{req.path}': #{resp.code} - #{resp.body}")
else end
raise StandardError.new("failed to perform request: #{resp.inspect}")
end
end end
end end
end end
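Review bot: The new failure message in perform_request interpolates the complete `resp.body`, so whatever the API returns on a failed call is copied verbatim into the exception text and into any log or terminal that prints it. Bounding it, for example `#{resp.body.to_s[0, 200]}`, keeps the message predictable in size and content. The status test could also be written as `resp.is_a?(Net::HTTPSuccess)` instead of `resp.code.start_with? "2"`, and raising a dedicated StandardError subclass would let callers rescue API failures without catching unrelated errors.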


@ -1,35 +1,51 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
require "netaddr" require "netaddr"
require "set"
require_relative "lib/lxc" require_relative "lib/lxc"
def update_hetzner_rdns6(user, password, domain, network) def update_hetzner_rdns6(user, password, domain, subnet, network)
api = Lxc::Hetzner.new(user, password) api = Lxc::Hetzner.new(user, password)
rdns = api.get("/rdns") rdns = api.get("/rdns")
records = {} records = {}
rdns.each do |val| rdns.each do |val|
rec = val["rdns"] rec = val["rdns"]
cidr = NetAddr::CIDR.create(rec["ip"]) cidr = NetAddr::CIDR.create(rec["ip"])
next if cidr.version == 4 next unless cidr.version == 6 and subnet.contains?(rec["ip"])
records[cidr.ip] = rec["ptr"] records[rec["ip"]] = rec["ptr"]
end end
processed_ips = Set.new
network.each do |host, data| network.each do |host, data|
cidr = data["ipv6"] cidr = data["ipv6"]
next if cidr.nil? next if cidr.nil?
ipv6 = NetAddr::CIDR.create(cidr).ip cidr = NetAddr::CIDR.create(cidr)
next unless cidr.version == 6 and subnet.contains?(data["ipv6"])
hostname = data["rdns6"] || "#{host}.#{domain}" hostname = data["rdns6"] || "#{host}.#{domain}"
ptr = records.delete(ipv6) ip = cidr.ip(Short: true)
next if processed_ips.include?(ip)
processed_ips << ip
ptr = records.delete(ip)
if ptr.nil? or ptr != hostname if ptr.nil? or ptr != hostname
api.post("/rdns/#{ipv6}", ptr: hostname) puts "add ptr: #{ip} -> #{hostname}"
api.post("/rdns/#{ip}", ptr: hostname)
end end
end end
records.each do |ip, ptr| records.each do |ip, ptr|
puts "delete ptr: #{ip} -> #{ptr}"
api.delete("/rnds/#{ip}") api.delete("/rnds/#{ip}")
end end
end end
credentials = File.read(Lxc::CONFIG_ROOT.join("hetzner.key"))
user, password = credentials.split(":")
registry = Lxc::Registry.new registry = Lxc::Registry.new
registry.data["zone"] ||= {} registry.data["zone"] ||= {}
domain = registry.data["zone"]["domain"] domain = registry.data["zone"]["domain"] || "lxc"
update_hetzner_rdns6(user, password, domain, registry.data["network"] || {}) subnet = registry.data["zone"]["v6_subnet"]
if subnet
subnet_cidr = NetAddr::CIDR.create(subnet)
credentials = File.read(Lxc::CONFIG_ROOT.join("hetzner.key"))
user, password = credentials.split(":")
network = registry.data["network"] || {}
update_hetzner_rdns6(user, password, domain, subnet_cidr, network)
else
puts "no v6_subnet specified in container.json. skip rdns records"
end
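Review bot: The cleanup loop at the end of update_hetzner_rdns6 still calls `api.delete("/rnds/#{ip}")`, while the listing and the POST use `/rdns`. With that path the stale PTR records are presumably never removed, and because perform_request raises on a non-2xx response the script likely aborts at the first leftover record. The line should read `api.delete("/rdns/#{ip}")`. Separately, `records` is now keyed by the raw `rec["ip"]` string but looked up with `cidr.ip(Short: true)`. If the API returns addresses in a different textual form, `records.delete(ip)` never matches, so keying with `NetAddr::CIDR.create(rec["ip"]).ip(Short: true)` would make both sides comparable.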