Mic92
/
lxc-config
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

correct zone settings, new mail search domain

This commit is contained in:
Jörg Thalheim 2015-01-18 18:22:19 +00:00
parent 05fac20909
commit b1bb4a9bd5
7 changed files with 194 additions and 216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
container.json
View File

@ -1,13 +1,14 @@
{ {
"zone": { "zone": {
"soa": "higgsboson.tk.", "soa": "ns1.higgsboson.tk.",
"ns": "higgsboson.tk.", "serial": 112,
"serial": 94,
"refresh": "1H", "refresh": "1H",
"hostmaster": "hostmaster.higgsboson.tk",
"domain": "eve.higgsboson.tk",
"retry": "4H", "retry": "4H",
"expire": "3W", "expire": "3W",
"minimum": "1D", "minimum": "1D",
"v4_subnet": "192.168.66.0/16", "v4_subnet": "192.168.66.0/24",
"v6_subnet": "2a01:4f8:210:31fd:1::/80" "v6_subnet": "2a01:4f8:210:31fd:1::/80"
}, },
"network": { "network": {
@ -21,7 +22,8 @@
"lxc": false "lxc": false
}, },
"jabber": { "jabber": {
"cname": "prosody", "ipv4": "192.168.66.22/32",
"ipv6": "2a01:4f8:210:31fd:1::16/128",
"lxc": false "lxc": false
}, },
"_xmpp-client._tcp": { "_xmpp-client._tcp": {
@ -46,6 +48,18 @@
"ipv4": "192.168.66.5/32", "ipv4": "192.168.66.5/32",
"ipv6": "2a01:4f8:210:31fd:1::5/128" "ipv6": "2a01:4f8:210:31fd:1::5/128"
}, },
"ns1": {
"ns": true,
"lxc": false,
"ipv4": "192.168.66.6/32",
"ipv6": "2a01:4f8:210:31fd:1::6/128"
},
"ns2": {
"ns": true,
"lxc": false,
"ipv4": "192.168.67.1/32",
"ipv6": "2a03:b0c0:2:d0:1::1/128"
},
"dns": { "dns": {
"ipv4": "192.168.66.6/32", "ipv4": "192.168.66.6/32",
"ipv6": "2a01:4f8:210:31fd:1::6/128", "ipv6": "2a01:4f8:210:31fd:1::6/128",
@ -327,4 +341,4 @@
} }
} }
} }
} }

48
hooks/update-zone
View File

@ -4,12 +4,13 @@ require 'erb'
require 'netaddr' require 'netaddr'
require 'fileutils' require 'fileutils'
require 'pathname' require 'pathname'
require 'ostruct'
LXC_ROOT = Pathname.new("/etc/lxc") LXC_ROOT = Pathname.new("/etc/lxc")
ZONE_PATH = LXC_ROOT.join("zones") ZONE_PATH = LXC_ROOT.join("zones")
TEMPLATE_PATH = LXC_ROOT.join("templates") TEMPLATE_PATH = LXC_ROOT.join("templates")
CONTAINER_DATA = LXC_ROOT.join("container.json") CONTAINER_DATA = LXC_ROOT.join("container.json")
LXC_ZONE = ZONE_PATH.join("lxc.zone") LXC_ZONE = ZONE_PATH.join("eve.higgsboson.tk.zone")
DNS_CONTAINER = "dns" DNS_CONTAINER = "dns"
def atomic_write(path, content) def atomic_write(path, content)
@ -21,11 +22,7 @@ def atomic_write(path, content)
FileUtils.mv(temp_path, path) FileUtils.mv(temp_path, path)
end end
class ZoneData class ZoneData < OpenStruct
def initialize(data)
@data = data
end
attr_reader :data
def get_binding def get_binding
binding binding
end end
@ -33,21 +30,10 @@ class ZoneData
def ip(subnet) def ip(subnet)
NetAddr::CIDR.create(subnet).ip(Short: true) NetAddr::CIDR.create(subnet).ip(Short: true)
end end
end
class RdnsData
def initialize(data, subnet)
@data = data
@subnet = subnet
end
attr_reader :data, :subnet
def get_binding
binding
end
def pointers(&block) def pointers(&block)
subnet_arpa = @subnet.arpa subnet_arpa = subnet.arpa
version = @subnet.version version = subnet.version
data["network"].each do |name, data| data["network"].each do |name, data|
next unless data["ipv#{version}"] next unless data["ipv#{version}"]
@ -58,27 +44,27 @@ class RdnsData
end end
end end
def reverse_zone(data, subnet)
subnet = NetAddr::CIDR.create(subnet)
zone_data = ZoneData.new(data: data, subnet: subnet).get_binding
rdns_zone_template = File.read(TEMPLATE_PATH.join("rdns-zone.erb"))
rdns_path = ZONE_PATH.join(subnet.arpa.gsub(/\.$/, ""))
template = ERB.new(rdns_zone_template, nil, '-').result(zone_data)
[rdns_path, template]
end
def main def main
json = JSON.load(File.open(CONTAINER_DATA)) json = JSON.load(File.open(CONTAINER_DATA))
json["zone"]["serial"] += 1 json["zone"]["serial"] += 1
rdns_zone_template = File.read(TEMPLATE_PATH.join("rdns-zone.erb")) zone_data = ZoneData.new(data: json)
zone_data = ZoneData.new(json)
lxc_zone_template = File.read(TEMPLATE_PATH.join("lxc-zone.erb")) lxc_zone_template = File.read(TEMPLATE_PATH.join("lxc-zone.erb"))
zone = ERB.new(lxc_zone_template, nil, '-').result(zone_data.get_binding) zone = ERB.new(lxc_zone_template, nil, '-').result(zone_data.get_binding)
v4_subnet = NetAddr::CIDR.create(json["zone"]["v4_subnet"])
v4_rdns_path = ZONE_PATH.join(v4_subnet.arpa.gsub(/\.$/, ""))
v4_rdns_zone = ERB.new(rdns_zone_template, nil, '-').result(RdnsData.new(json, v4_subnet).get_binding)
v6_subnet = NetAddr::CIDR.create(json["zone"]["v6_subnet"])
v6_rdns_path = ZONE_PATH.join(v6_subnet.arpa.gsub(/\.$/, ""))
v6_rdns_zone = ERB.new(rdns_zone_template, nil, '-').result(RdnsData.new(json, v6_subnet).get_binding)
atomic_write(LXC_ZONE, zone) atomic_write(LXC_ZONE, zone)
atomic_write(v4_rdns_path, v4_rdns_zone) atomic_write(*reverse_zone(json, json["zone"]["v4_subnet"]))
atomic_write(v6_rdns_path, v6_rdns_zone) atomic_write(*reverse_zone(json, json["zone"]["v6_subnet"]))
atomic_write(CONTAINER_DATA, JSON.pretty_generate(json)) atomic_write(CONTAINER_DATA, JSON.pretty_generate(json))
system("lxc-attach", "-e", "-n", DNS_CONTAINER, "--", "rec_control", "reload-zones") system("lxc-attach", "-e", "-n", DNS_CONTAINER, "--", "rec_control", "reload-zones")

18
templates/lxc-zone.erb
View File

@ -1,10 +1,14 @@
@ IN SOA <%= data["zone"]["soa"] %> hostmaster ( @ IN SOA <%= data["zone"]["soa"] %> <%= data["zone"]["hostmaster"] %> (
<%= data["zone"]["serial"] %> ; serial <%= data["zone"]["serial"] %> ; serial
<%= data["zone"]["refresh"] %> ; refresh <%= data["zone"]["refresh"] %> ; refresh
<%= data["zone"]["retry"] %> ; retry <%= data["zone"]["retry"] %> ; retry
<%= data["zone"]["expire"] %> ; expire <%= data["zone"]["expire"] %> ; expire
<%= data["zone"]["minimum"] %>) ; minimum <%= data["zone"]["minimum"] %>) ; minimum
NS <%= data["zone"]["ns"] %> <% data["network"].each do |name, value| -%>
<% if value["ns"] -%>
IN NS <%= name %>
<% end -%>
<% end -%>
<% data["network"].each do |name, value| %> <% data["network"].each do |name, value| %>
<% if value["cname"] -%> <% if value["cname"] -%>

35
templates/rdns-zone.erb
View File

@ -1,11 +1,26 @@
@ IN SOA <%= data["zone"]["soa"] %> hostmaster ( @ IN SOA <%= data["zone"]["soa"] %> <%= data["zone"]["hostmaster"] %> (
<%= data["zone"]["serial"] %> ; serial <%= data["zone"]["serial"] %> ; serial
<%= data["zone"]["refresh"] %> ; refresh <%= data["zone"]["refresh"] %> ; refresh
<%= data["zone"]["retry"] %> ; retry <%= data["zone"]["retry"] %> ; retry
<%= data["zone"]["expire"] %> ; expire <%= data["zone"]["expire"] %> ; expire
<%= data["zone"]["minimum"] %>) ; minimum <%= data["zone"]["minimum"] %>) ; minimum
NS <%= data["zone"]["ns"] %> <% data["network"].each do |name, value| -%>
<% if value["ns"] -%>
<% pointers do |addr, name| %> IN NS <%= name %>
<%= addr %> PTR <%= name %>.lxc. <% end -%>
<% end -%>
<% data["network"].each do |name, value| -%>
<% if value["ns"] -%>
<% if value["ipv4"] -%>
<%= name %> A <%= ip(value["ipv4"]) %>
<% end -%>
<% if value["ipv6"] -%>
<%= name %> AAAA <%= ip(value["ipv6"]) %>
<% end -%>
<% end -%>
<% end -%>
<% pointers do |addr, name| -%>
<%= addr %> PTR <%= name %>.<%= data["zone"]["domain"] %>.
<% end -%> <% end -%>

126
zones/1.0.0.0.d.f.1.3.0.1.2.0.8.f.4.0.1.0.a.2.ip6.arpa
View File

@ -1,78 +1,52 @@
@ IN SOA higgsboson.tk. hostmaster ( @ IN SOA ns1.higgsboson.tk. hostmaster.higgsboson.tk (
94 ; serial 112 ; serial
1H ; refresh 1H ; refresh
4H ; retry 4H ; retry
3W ; expire 3W ; expire
1D) ; minimum 1D) ; minimum
NS higgsboson.tk. IN NS ns1
IN NS ns2
ns1 A 192.168.66.6
ns1 AAAA 2a01:4f8:210:31fd:1::6
ns2 A 192.168.67.1
ns2 AAAA 2a03:b0c0:2:d0:1::1
1.0.0.0.0.0.0.0.0.0.0.0 PTR eve.lxc. 1.0.0.0.0.0.0.0.0.0.0.0 PTR eve.eve.higgsboson.tk.
1.0.0.0.0.0.0.0.0.0.0.0 PTR bridge.eve.higgsboson.tk.
1.0.0.0.0.0.0.0.0.0.0.0 PTR bridge.lxc. 6.1.0.0.0.0.0.0.0.0.0.0 PTR jabber.eve.higgsboson.tk.
0.4.0.0.0.0.0.0.0.0.0.0 PTR olddevkid.eve.higgsboson.tk.
0.4.0.0.0.0.0.0.0.0.0.0 PTR olddevkid.lxc. 2.0.0.0.0.0.0.0.0.0.0.0 PTR base.eve.higgsboson.tk.
3.0.0.0.0.0.0.0.0.0.0.0 PTR ldap.eve.higgsboson.tk.
2.0.0.0.0.0.0.0.0.0.0.0 PTR base.lxc. 5.0.0.0.0.0.0.0.0.0.0.0 PTR web.eve.higgsboson.tk.
6.0.0.0.0.0.0.0.0.0.0.0 PTR ns1.eve.higgsboson.tk.
3.0.0.0.0.0.0.0.0.0.0.0 PTR ldap.lxc. 1.0.0.0.0.0.0.0.0.0.0.0 PTR ns2.eve.higgsboson.tk.
6.0.0.0.0.0.0.0.0.0.0.0 PTR dns.eve.higgsboson.tk.
5.0.0.0.0.0.0.0.0.0.0.0 PTR web.lxc. 7.0.0.0.0.0.0.0.0.0.0.0 PTR faces.eve.higgsboson.tk.
8.0.0.0.0.0.0.0.0.0.0.0 PTR jtes.eve.higgsboson.tk.
6.0.0.0.0.0.0.0.0.0.0.0 PTR dns.lxc. 9.0.0.0.0.0.0.0.0.0.0.0 PTR mysql.eve.higgsboson.tk.
4.0.0.0.0.0.0.0.0.0.0.0 PTR git.eve.higgsboson.tk.
7.0.0.0.0.0.0.0.0.0.0.0 PTR faces.lxc. a.0.0.0.0.0.0.0.0.0.0.0 PTR postgres.eve.higgsboson.tk.
b.0.0.0.0.0.0.0.0.0.0.0 PTR phpmyadmin.eve.higgsboson.tk.
8.0.0.0.0.0.0.0.0.0.0.0 PTR jtes.lxc. d.0.0.0.0.0.0.0.0.0.0.0 PTR phppgadmin.eve.higgsboson.tk.
e.0.0.0.0.0.0.0.0.0.0.0 PTR adminer.eve.higgsboson.tk.
9.0.0.0.0.0.0.0.0.0.0.0 PTR mysql.lxc. 0.1.0.0.0.0.0.0.0.0.0.0 PTR mail.eve.higgsboson.tk.
1.1.0.0.0.0.0.0.0.0.0.0 PTR istwiki.eve.higgsboson.tk.
4.0.0.0.0.0.0.0.0.0.0.0 PTR git.lxc. 2.1.0.0.0.0.0.0.0.0.0.0 PTR ytm.eve.higgsboson.tk.
c.0.0.0.0.0.0.0.0.0.0.0 PTR ldapadmin.eve.higgsboson.tk.
a.0.0.0.0.0.0.0.0.0.0.0 PTR postgres.lxc. 3.1.0.0.0.0.0.0.0.0.0.0 PTR rainloop.eve.higgsboson.tk.
f.0.0.0.0.0.0.0.0.0.0.0 PTR owncloud.eve.higgsboson.tk.
b.0.0.0.0.0.0.0.0.0.0.0 PTR phpmyadmin.lxc. 4.1.0.0.0.0.0.0.0.0.0.0 PTR ttrss.eve.higgsboson.tk.
5.1.0.0.0.0.0.0.0.0.0.0 PTR teamspeak.eve.higgsboson.tk.
d.0.0.0.0.0.0.0.0.0.0.0 PTR phppgadmin.lxc. 6.1.0.0.0.0.0.0.0.0.0.0 PTR prosody.eve.higgsboson.tk.
7.1.0.0.0.0.0.0.0.0.0.0 PTR piwik.eve.higgsboson.tk.
e.0.0.0.0.0.0.0.0.0.0.0 PTR adminer.lxc. 8.1.0.0.0.0.0.0.0.0.0.0 PTR tweetnest.eve.higgsboson.tk.
9.1.0.0.0.0.0.0.0.0.0.0 PTR etherpad.eve.higgsboson.tk.
0.1.0.0.0.0.0.0.0.0.0.0 PTR mail.lxc. a.1.0.0.0.0.0.0.0.0.0.0 PTR pyload.eve.higgsboson.tk.
b.1.0.0.0.0.0.0.0.0.0.0 PTR squid.eve.higgsboson.tk.
1.1.0.0.0.0.0.0.0.0.0.0 PTR istwiki.lxc. c.1.0.0.0.0.0.0.0.0.0.0 PTR classifier.eve.higgsboson.tk.
d.1.0.0.0.0.0.0.0.0.0.0 PTR seafile.eve.higgsboson.tk.
2.1.0.0.0.0.0.0.0.0.0.0 PTR ytm.lxc. e.1.0.0.0.0.0.0.0.0.0.0 PTR login.eve.higgsboson.tk.
f.1.0.0.0.0.0.0.0.0.0.0 PTR dn42.eve.higgsboson.tk.
c.0.0.0.0.0.0.0.0.0.0.0 PTR ldapadmin.lxc. 0.2.0.0.0.0.0.0.0.0.0.0 PTR halfcode.eve.higgsboson.tk.
1.2.0.0.0.0.0.0.0.0.0.0 PTR phonefinder.eve.higgsboson.tk.
3.1.0.0.0.0.0.0.0.0.0.0 PTR rainloop.lxc.
f.0.0.0.0.0.0.0.0.0.0.0 PTR owncloud.lxc.
4.1.0.0.0.0.0.0.0.0.0.0 PTR ttrss.lxc.
5.1.0.0.0.0.0.0.0.0.0.0 PTR teamspeak.lxc.
6.1.0.0.0.0.0.0.0.0.0.0 PTR prosody.lxc.
7.1.0.0.0.0.0.0.0.0.0.0 PTR piwik.lxc.
8.1.0.0.0.0.0.0.0.0.0.0 PTR tweetnest.lxc.
9.1.0.0.0.0.0.0.0.0.0.0 PTR etherpad.lxc.
a.1.0.0.0.0.0.0.0.0.0.0 PTR pyload.lxc.
b.1.0.0.0.0.0.0.0.0.0.0 PTR squid.lxc.
c.1.0.0.0.0.0.0.0.0.0.0 PTR classifier.lxc.
d.1.0.0.0.0.0.0.0.0.0.0 PTR seafile.lxc.
e.1.0.0.0.0.0.0.0.0.0.0 PTR login.lxc.
f.1.0.0.0.0.0.0.0.0.0.0 PTR dn42.lxc.
0.2.0.0.0.0.0.0.0.0.0.0 PTR halfcode.lxc.
1.2.0.0.0.0.0.0.0.0.0.0 PTR phonefinder.lxc.

119
zones/66.168.192.in-addr.arpa
View File

@ -1,72 +1,51 @@
@ IN SOA higgsboson.tk. hostmaster ( @ IN SOA ns1.higgsboson.tk. hostmaster.higgsboson.tk (
69 ; serial 112 ; serial
1H ; refresh 1H ; refresh
4H ; retry 4H ; retry
3W ; expire 3W ; expire
1D) ; minimum 1D) ; minimum
NS higgsboson.tk. IN NS ns1
IN NS ns2
ns1 A 192.168.66.6
ns1 AAAA 2a01:4f8:210:31fd:1::6
ns2 A 192.168.67.1
ns2 AAAA 2a03:b0c0:2:d0:1::1
1 PTR bridge.lxc. 1 PTR bridge.eve.higgsboson.tk.
22 PTR jabber.eve.higgsboson.tk.
100 PTR olddevkid.lxc. 100 PTR olddevkid.eve.higgsboson.tk.
2 PTR base.eve.higgsboson.tk.
2 PTR base.lxc. 3 PTR ldap.eve.higgsboson.tk.
5 PTR web.eve.higgsboson.tk.
3 PTR ldap.lxc. 6 PTR ns1.eve.higgsboson.tk.
1 PTR ns2.eve.higgsboson.tk.
5 PTR web.lxc. 6 PTR dns.eve.higgsboson.tk.
7 PTR faces.eve.higgsboson.tk.
6 PTR dns.lxc. 8 PTR jtes.eve.higgsboson.tk.
9 PTR mysql.eve.higgsboson.tk.
7 PTR faces.lxc. 4 PTR git.eve.higgsboson.tk.
10 PTR postgres.eve.higgsboson.tk.
8 PTR jtes.lxc. 11 PTR phpmyadmin.eve.higgsboson.tk.
13 PTR phppgadmin.eve.higgsboson.tk.
9 PTR mysql.lxc. 14 PTR adminer.eve.higgsboson.tk.
16 PTR mail.eve.higgsboson.tk.
4 PTR git.lxc. 17 PTR istwiki.eve.higgsboson.tk.
18 PTR ytm.eve.higgsboson.tk.
10 PTR postgres.lxc. 12 PTR ldapadmin.eve.higgsboson.tk.
19 PTR rainloop.eve.higgsboson.tk.
11 PTR phpmyadmin.lxc. 15 PTR owncloud.eve.higgsboson.tk.
20 PTR ttrss.eve.higgsboson.tk.
13 PTR phppgadmin.lxc. 21 PTR teamspeak.eve.higgsboson.tk.
22 PTR prosody.eve.higgsboson.tk.
14 PTR adminer.lxc. 23 PTR piwik.eve.higgsboson.tk.
24 PTR tweetnest.eve.higgsboson.tk.
16 PTR mail.lxc. 25 PTR etherpad.eve.higgsboson.tk.
26 PTR pyload.eve.higgsboson.tk.
17 PTR istwiki.lxc. 27 PTR squid.eve.higgsboson.tk.
28 PTR classifier.eve.higgsboson.tk.
18 PTR ytm.lxc. 29 PTR seafile.eve.higgsboson.tk.
30 PTR login.eve.higgsboson.tk.
12 PTR ldapadmin.lxc. 31 PTR dn42.eve.higgsboson.tk.
32 PTR halfcode.eve.higgsboson.tk.
19 PTR rainloop.lxc. 33 PTR phonefinder.eve.higgsboson.tk.
15 PTR owncloud.lxc.
20 PTR ttrss.lxc.
21 PTR teamspeak.lxc.
22 PTR prosody.lxc.
23 PTR piwik.lxc.
24 PTR tweetnest.lxc.
25 PTR etherpad.lxc.
26 PTR pyload.lxc.
27 PTR squid.lxc.
28 PTR classifier.lxc.
29 PTR seafile.lxc.
30 PTR login.lxc.
31 PTR dn42.lxc.

38
zones/lxc.zone → zones/eve.higgsboson.tk.zone
View File

@ -1,10 +1,11 @@
@ IN SOA higgsboson.tk. hostmaster ( @ IN SOA ns1.higgsboson.tk. hostmaster.higgsboson.tk (
94 ; serial 112 ; serial
1H ; refresh 1H ; refresh
4H ; retry 4H ; retry
3W ; expire 3W ; expire
1D) ; minimum 1D) ; minimum
NS higgsboson.tk. IN NS ns1
IN NS ns2
eve AAAA 2a01:4f8:210:31fd::1 eve AAAA 2a01:4f8:210:31fd::1
@ -15,7 +16,10 @@ ipv4.bridge A 192.168.66.1
bridge AAAA 2a01:4f8:210:31fd:1::1 bridge AAAA 2a01:4f8:210:31fd:1::1
ipv6.bridge AAAA 2a01:4f8:210:31fd:1::1 ipv6.bridge AAAA 2a01:4f8:210:31fd:1::1
jabber CNAME prosody jabber A 192.168.66.22
ipv4.jabber A 192.168.66.22
jabber AAAA 2a01:4f8:210:31fd:1::16
ipv6.jabber AAAA 2a01:4f8:210:31fd:1::16
_xmpp-client._tcp SRV 0 5 5222 jabber _xmpp-client._tcp SRV 0 5 5222 jabber
@ -39,19 +43,21 @@ ipv4.web A 192.168.66.5
web AAAA 2a01:4f8:210:31fd:1::5 web AAAA 2a01:4f8:210:31fd:1::5
ipv6.web AAAA 2a01:4f8:210:31fd:1::5 ipv6.web AAAA 2a01:4f8:210:31fd:1::5
ns1 A 192.168.66.6
ipv4.ns1 A 192.168.66.6
ns1 AAAA 2a01:4f8:210:31fd:1::6
ipv6.ns1 AAAA 2a01:4f8:210:31fd:1::6
ns2 A 192.168.67.1
ipv4.ns2 A 192.168.67.1
ns2 AAAA 2a03:b0c0:2:d0:1::1
ipv6.ns2 AAAA 2a03:b0c0:2:d0:1::1
dns A 192.168.66.6 dns A 192.168.66.6
ipv4.dns A 192.168.66.6 ipv4.dns A 192.168.66.6
dns AAAA 2a01:4f8:210:31fd:1::6 dns AAAA 2a01:4f8:210:31fd:1::6
ipv6.dns AAAA 2a01:4f8:210:31fd:1::6 ipv6.dns AAAA 2a01:4f8:210:31fd:1::6
faces A 192.168.66.7 faces A 192.168.66.7
ipv4.faces A 192.168.66.7 ipv4.faces A 192.168.66.7
faces AAAA 2a01:4f8:210:31fd:1::7 faces AAAA 2a01:4f8:210:31fd:1::7