diff --git a/hooks/evenet-routes b/hooks/evenet-routes deleted file mode 100755 index 67343ff..0000000 --- a/hooks/evenet-routes +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -/usr/bin/ip route add 172.16.0.0/12 via 172.16.75.1 proto static metric 100 -/usr/bin/ip route add 10.0.0.0/8 via 172.16.75.1 proto static metric 100 -exit 0 diff --git a/hooks/lib/lxc/container.rb b/hooks/lib/lxc/container.rb index a54c604..c2bd493 100644 --- a/hooks/lib/lxc/container.rb +++ b/hooks/lib/lxc/container.rb @@ -11,11 +11,11 @@ module Lxc @data["network"][name] = {} zone = @data["zone"] || {} - @ipv4_subnet = NetAddr::CIDR.create(zone["v4_subnet"] || "192.168.10.0/24") - @ipv6_subnet = NetAddr::CIDR.create(zone["v6_subnet"] || "fd7d:aed0:18aa::/48") - @ula_subnet = NetAddr::CIDR.create(zone["ula_subnet"] || "fdc5:bdb8:b81::/48") + @ipv4_subnet = NetAddr::CIDR.create(zone["ipv4-subnet"] || "192.168.10.0/24") + @ipv6_subnet = NetAddr::CIDR.create(zone["ipv6-subnet"] || "fd7d:aed0:18aa::/48") + @ula_subnet = NetAddr::CIDR.create(zone["ula-subnet"] || "fdc5:bdb8:b81::/48") - @container_root = Pathname.new(zone["lxc_root"]).join(name) + @container_root = Pathname.new(zone["lxc-root"]).join(name) network = data["network"] @name = name diff --git a/hooks/lib/lxc/rdns.rb b/hooks/lib/lxc/rdns.rb index 99c4a2a..1a17ef3 100644 --- a/hooks/lib/lxc/rdns.rb +++ b/hooks/lib/lxc/rdns.rb @@ -21,7 +21,6 @@ module Lxc host_part = arpa[0, arpa.size - @subnet.arpa.size - 1] # only allowed characters in FQDN name = name.gsub(/[^a-zA-Z0-9\-]/, "-") - # <%= addr %> PTR <%= fqdn(name) %>.<%= data["zone"]["domain"] %>. yield name, host_part end end @@ -32,7 +31,7 @@ module Lxc def write_zone_file(path) zone_template = Template.new(CONFIG_ROOT.join("hooks/templates/rdns-zone.erb")) - domain = data["zone"]["#{@addr_field}-domain"] + domain = data["zone"]["dn42-domain"] zone_template.write(path.join("zones", name), zone: self, data: data, 
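Review bot: A registry that still uses the old key names is not rejected by the renamed lookups in `hooks/lib/lxc/container.rb`. `zone["ipv4-subnet"]`, `zone["ipv6-subnet"]` and `zone["ula-subnet"]` fall through to the hard-coded default subnets, so containers would silently be addressed from `192.168.10.0/24` and the default IPv6/ULA prefixes instead of the configured ones. `zone["lxc-root"]` has no default, so a stale key ends in a bare TypeError from `Pathname.new(nil)`. The same rename appears in `hooks/update-hetzner-rdns`, `hooks/update-lxc-configs` and `hooks/update-zone`, where a stale key simply skips the work. I would fail loudly when a legacy key is present, e.g. `abort "rename v4_subnet to ipv4-subnet in container.json" if zone.key?("v4_subnet")`; the enclosing method starts and ends outside the hunk.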
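Review bot: `domain = data["zone"]["dn42-domain"]` in `write_zone_file` has no guard for a missing key, yet `hooks/update-zone` calls this method whenever `ula-subnet` or `ipv4-subnet` is set, independent of `dn42-domain`. With the key absent the template receives `nil` and would presumably render PTR targets without a domain suffix. Consider `domain = data["zone"].fetch("dn42-domain")` so the hook stops with a KeyError instead of publishing a malformed reverse zone. `@addr_field` also looks unused for this lookup now, but the method body continues past the hunk, so confirm before removing it.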
diff --git a/hooks/templates/config.erb b/hooks/templates/config.erb index 86ae5bd..ed8f7d1 100644 --- a/hooks/templates/config.erb +++ b/hooks/templates/config.erb @@ -8,4 +8,4 @@ lxc.mount = <%= fstab %> lxc.network.ipv4 = <%= ipv4 %> lxc.network.ipv6 = <%= ipv6 %> lxc.network.ipv6 = <%= ula %> -lxc.network.veth.pair = lxc_<%= name[0..(16-4)] %> +lxc.network.veth.pair = <%= "lxc_#{name}"[0..14] %> diff --git a/hooks/templates/lxc-zone.erb b/hooks/templates/dn42-zone.erb similarity index 90% rename from hooks/templates/lxc-zone.erb rename to hooks/templates/dn42-zone.erb index b4e566c..0445862 100644 --- a/hooks/templates/lxc-zone.erb +++ b/hooks/templates/dn42-zone.erb @@ -13,11 +13,12 @@ $TTL <%= data["zone"]["ttl"] %> <% end -%> <% if data["zone"]["a"] -%> - A <%= data["zone"]["a"] %> + A <%= data["zone"]["dn42-a"] %> <% end -%> <% if data["zone"]["aaaa"] -%> - AAAA <%= data["zone"]["aaaa"]%> + AAAA <%= data["zone"]["dn42-aaaa"]%> <% end -%> + <% data["network"].each do |name, value| %> <% if value["cname"] -%> <%= fqdn(name) %> CNAME <%= value["cname"] %> @@ -29,12 +30,11 @@ $TTL <%= data["zone"]["ttl"] %> <%= fqdn(name) %> A <%= NetAddr::CIDR.create(value["ipv4"]).ip(Short: true) %> ipv4.<%= fqdn(name) %> A <%= NetAddr::CIDR.create(value["ipv4"]).ip(Short: true) %> <% end -%> -<% if value["ipv6"] -%> -<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %> -ipv6.<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %> -<% end -%> <% if value["ula"] -%> <%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ula"]).ip(Short: true) %> ula.<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ula"]).ip(Short: true) %> <% end -%> +<% if value["ipv6"] -%> +ipv6.<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %> +<% end -%> <% end -%> diff --git a/hooks/templates/ipv6-zone.erb b/hooks/templates/ipv6-zone.erb new file mode 100644 index 0000000..ecae114 --- /dev/null 
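Review bot: Truncating with `"lxc_#{name}"[0..14]` keeps the veth name within the 15-character interface-name limit but makes it ambiguous: any two containers whose names share their first 11 characters get the same `lxc.network.veth.pair` value. The second container would likely fail to bring up its interface, and host firewall rules that match on interface name could apply to the wrong container. Deriving the suffix from a digest avoids this, e.g. `<%= "lxc_#{Digest::SHA1.hexdigest(name)[0, 11]}" %>` with `require "digest"` where the template is rendered. Alternatively, reject names longer than 11 characters when the registry is loaded.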
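Review bot: The guards and the printed values in `dn42-zone.erb` now read different keys: `<% if data["zone"]["a"] -%>` still tests `a` while the record prints `data["zone"]["dn42-a"]`, and the `aaaa` / `dn42-aaaa` pair has the same mismatch. With only the old key set, the template emits an `A` or `AAAA` record with empty rdata, which a name server will typically refuse to load. With only the new key set, the record is silently dropped. The conditions should test the key that is printed: `<% if data["zone"]["dn42-a"] -%>` and `<% if data["zone"]["dn42-aaaa"] -%>`.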
+++ b/hooks/templates/ipv6-zone.erb @@ -0,0 +1,32 @@ +<% if data["zone"]["ttl"] -%> +$TTL <%= data["zone"]["ttl"] %> +<% end -%> + +@ IN SOA <%= data["zone"]["soa"] %> <%= data["zone"]["hostmaster"] %> ( + <%= data["zone"]["serial"] %> ; serial + <%= data["zone"]["refresh"] %> ; refresh + <%= data["zone"]["retry"] %> ; retry + <%= data["zone"]["expire"] %> ; expire + <%= data["zone"]["minimum"] %>) ; minimum +<% data["zone"]["ns"].each do |name, value| -%> + NS <%= name %>. +<% end -%> + +<% if data["zone"]["a"] -%> + A <%= data["zone"]["a"] %> +<% end -%> +<% if data["zone"]["aaaa"] -%> + AAAA <%= data["zone"]["aaaa"]%> +<% end -%> + +<% data["network"].each do |name, value| %> +<% if value["cname"] -%> +<%= fqdn(name) %> CNAME <%= value["cname"] %> +<% end -%> +<% if value["srv"] -%> +<%= fqdn(name) %> SRV <%= value["srv"] %> +<% end -%> +<% if value["ipv6"] -%> +<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %> +<% end -%> +<% end -%> diff --git a/hooks/update-hetzner-rdns b/hooks/update-hetzner-rdns index 460a072..60b4b3e 100755 --- a/hooks/update-hetzner-rdns +++ b/hooks/update-hetzner-rdns @@ -39,7 +39,7 @@ end registry = Lxc::Registry.new registry.data["zone"] ||= {} domain = registry.data["zone"]["ipv6-domain"] || "lxc" -subnet = registry.data["zone"]["v6_subnet"] +subnet = registry.data["zone"]["ipv6-subnet"] if subnet subnet_cidr = NetAddr::CIDR.create(subnet) credentials = File.read(Lxc::CONFIG_ROOT.join("hetzner.key")) @@ -47,5 +47,5 @@ if subnet network = registry.data["network"] || {} update_hetzner_rdns6(user, password, domain, subnet_cidr, network) else - puts "no v6_subnet specified in container.json. skip rdns records" + puts "no ipv6-subnet specified in container.json. skip rdns records" end diff --git a/hooks/update-lxc-configs b/hooks/update-lxc-configs index bff3311..07f2a9d 100755 --- a/hooks/update-lxc-configs +++ b/hooks/update-lxc-configs 
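Review bot: Every value in the new `ipv6-zone.erb` is written into the zone file verbatim (`value["cname"]`, `value["srv"]`, the SOA fields and the `ns` names), so a registry entry that contains a line break becomes additional zone content rather than one record. If `container.json` can be edited by anyone other than the DNS administrator, validate these fields before rendering, for instance by rejecting any value that matches `/[\r\n]/`. Separately, `data["zone"]["ns"].each` raises NoMethodError when `ns` is absent; `(data["zone"]["ns"] || {}).each` would match the optional handling already used for `ttl`, `a` and `aaaa`.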
@@ -4,7 +4,7 @@ require_relative "lib/lxc" registry = Lxc::Registry.new -container_root = Pathname.new(registry.data["zone"]["lxc_root"]) +container_root = Pathname.new(registry.data["zone"]["lxc-root"]) network = registry.data["network"] || {} network.each do |name, container| next if container["lxc"] == false diff --git a/hooks/update-mounts b/hooks/update-mounts index f60af49..bd89b16 100755 --- a/hooks/update-mounts +++ b/hooks/update-mounts @@ -5,8 +5,10 @@ require_relative "lib/lxc" LXC_ROOT = Pathname.new("/data/containers") FSTAB_D = Pathname.new("/etc/fstab.d") +SYS_MOUNT = 165 +MS_BIND = 4096 -def fstab_entries(src_path, dest_path, mounts) +def mount(src_path, dest_path, mounts) unless src_path.exist? abort "container directory for shared mount does not exists #{dest_path}" end @@ -17,14 +19,14 @@ def fstab_entries(src_path, dest_path, mounts) src = src.gsub(/^\//, "") src_mount = dest_path.join(src) - puts ("mkdir -p #{src_mount}") if dest == true dest_mount = src_path.join(src) else dest_mount = src_path.join(dest.gsub(/^\//, "")) end + puts ("mkdir -p #{dest_mount}") FileUtils.mkdir_p(dest_mount) - "#{src_mount} #{dest_mount} none bind,nofail,x-systemd.device-timeout=1 0 0" + syscall(SYS_MOUNT, src_mount.to_s, dest_mount.to_s, "none", MS_BIND, 0) end entries @@ -38,21 +40,10 @@ def main containers = container["mounts"] next if containers.nil? - fstab = [] containers.each do |dest_container, mounts| dest_path = LXC_ROOT.join(dest_container, "rootfs") - fstab << fstab_entries(src_path, dest_path, mounts) + mount(src_path, dest_path, mounts) end - content = fstab.join("\n") - path = FSTAB_D.join("50_lxc_#{name}") - - f = File.open(path, "w+") - f.write content - f.write "\n" - f.close - - Lxc::Utils.sh("update-conf.d", "fstab") - Lxc::Utils.sh("mount", "-a") end end diff --git a/hooks/update-zone b/hooks/update-zone index 754c3d9..93ef78b 100755 --- a/hooks/update-zone +++ b/hooks/update-zone 
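Review bot: `SYS_MOUNT = 165` in `hooks/update-mounts` is the x86-64 number for mount(2) only; on other architectures 165 names an unrelated system call, so `syscall(SYS_MOUNT, ...)` would invoke that instead. `MS_BIND = 4096` is likewise copied from the kernel headers with no comment saying so. `Lxc::Utils.sh` is available through `lib/lxc` (update-zone uses it), so `Lxc::Utils.sh("mount", "--bind", src_mount.to_s, dest_mount.to_s)` would drop both constants and the discouraged `Kernel#syscall`, provided `sh` raises on a non-zero exit. If the raw call stays, add a comment such as `# x86_64 only: __NR_mount from asm/unistd_64.h` and check the architecture at start-up.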
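Review bot: The bind-mount paths passed to `syscall` are built from registry strings and are not confined to the container rootfs. `gsub(/^\//, "")` strips a leading slash but leaves `..` components, and `FileUtils.mkdir_p(dest_mount)` and mount(2) both follow symlinks that exist inside a container's rootfs, so the mount can land on a host path. Resolve the paths first and refuse anything outside the rootfs, e.g. `abort "mount escapes rootfs: #{dest_mount}" unless dest_mount.realpath.to_s.start_with?("#{src_path.realpath}/")`; this narrows the window but does not remove the race with a running container. The call also appears to be non-idempotent: each hook run would stack another bind mount on the same target, so check with `mountpoint -q` before mounting. The body of `mount` extends beyond this hunk.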
@@ -5,6 +5,16 @@ require_relative "lib/lxc" DNS_CONTAINER = "dns" +def dns_zone(registry, template, zone_name) + root_path = Pathname.new(File.expand_path("../..", __FILE__)) + zone_template = Lxc::Template.new(root_path.join("hooks/templates/#{template}.erb")) + zone = registry.data["zone"] || {} + zone_template.write(root_path.join("zones", + "#{zone_name}.zone"), + data: registry.data, + zone: zone) +end + def main registry = Lxc::Registry.new registry.data["zone"] ||= {} @@ -13,23 +23,23 @@ def main root_path = Lxc::CONFIG_ROOT - if subnet = registry.data["zone"]["ula_subnet"] - Lxc::RdnsZone.new(registry.data, "ula", subnet).write_zone_file(root_path) + if subnet = registry.data["zone"]["ula-subnet"] + zone = Lxc::RdnsZone.new(registry.data, "ula", subnet) + zone.write_zone_file(root_path) end - if subnet = registry.data["zone"]["v4_subnet"] - Lxc::RdnsZone.new(registry.data, "ipv4", subnet).write_zone_file(root_path) + if subnet = registry.data["zone"]["ipv4-subnet"] + zone = Lxc::RdnsZone.new(registry.data, "ipv4", subnet) + zone.write_zone_file(root_path) end - if subnet = registry.data["zone"]["v6_subnet"] - Lxc::RdnsZone.new(registry.data, "ipv6", subnet).write_zone_file(root_path) + if domain = registry.data["zone"]["ipv6-domain"] + dns_zone(registry, "ipv6-zone", domain) end - root_path = Pathname.new(File.expand_path("../..", __FILE__)) - zone_template = Lxc::Template.new(root_path.join("hooks/templates/lxc-zone.erb")) - zone = registry.data["zone"] || {} - zone_name = registry.data["zone"]["domain"] || "lxc" - zone_template.write(root_path.join("zones", "#{zone_name}.zone"), data: registry.data, zone: zone) + if domain = registry.data["zone"]["dn42-domain"] + dns_zone(registry, "dn42-zone", domain) + end Lxc::Utils.sh("lxc-attach", "-n", DNS_CONTAINER, "--", "rndc", "reload") end
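Review bot: `dns_zone` builds the output filename from a registry value, `root_path.join("zones", "#{zone_name}.zone")`, with no check that `zone_name` is a plain domain name; a value containing `/` or `..` makes the hook write outside `zones/`. A guard before the write closes that: `abort "invalid zone name #{zone_name.inspect}" unless zone_name.match?(/\A[a-z0-9.-]+\z/i) && !zone_name.include?("..")`. The function also recomputes `root_path` with `File.expand_path("../..", __FILE__)` while `main` uses `Lxc::CONFIG_ROOT`; if both are meant to be the same directory, using the constant in both places keeps them from drifting apart.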
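Review bot: No forward zone is written at all when neither `ipv6-domain` nor `dn42-domain` is set, yet `rndc reload` still runs and the hook exits successfully; the removed code always wrote a zone, defaulting the name to `"lxc"`. `hooks/update-hetzner-rdns` still applies `|| "lxc"` to `ipv6-domain`, so the two hooks now disagree about the default. Either keep the default here (`domain = registry.data["zone"]["ipv6-domain"] || "lxc"`) or print a message like the `puts "no ipv6-subnet specified ..."` in update-hetzner-rdns so a missing key is visible. The IPv6 reverse zone is also no longer generated locally; a one-line comment saying that PTR records for that prefix are presumably handled by update-hetzner-rdns would help the next reader.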