[bind.py] Gestion plus propre des alias de domaines
Ignore-this: f2bc99e92c9e384087778340a9b1308b darcs-hash:20130112182407-3a55a-46b838ec99e93c7abd62a1d8d3caae6b2d60211b.gz
parent
fe958d0009
commit
151c6fec97
1 changed files with 35 additions and 10 deletions
|
@ -52,7 +52,13 @@ la base LDAP
|
|||
## zone des esclaves (sur le serveur principal de bcfg2 : python /usr/scripts/gestion/gen_confs/bind.py puis lancer bcfg2 sur les miroirs)
|
||||
# Résolution directe
|
||||
zones_direct = [ 'crans.org', 'crans.ens-cachan.fr', 'wifi.crans.org', 'ferme.crans.org' , 'clubs.ens-cachan.fr', 'adm.crans.org','crans.eu','wifi.crans.eu' ]
|
||||
# Zones signée par opendnssec sur le serveur maitre
|
||||
zones_dnssec = ['crans.eu','wifi.crans.eu','v6.crans.eu','wifi.v6.crans.eu']
|
||||
# Zones alias pour les enregistrement A AAAA CNAME TXT et SSHFP
|
||||
zone_alias = {
|
||||
'crans.org' : ['crans.eu'],
|
||||
'wifi.crans.org' : ['wifi.crans.eu'],
|
||||
}
|
||||
zones_v4_to_v6 = {
|
||||
'wifi.crans.eu': 'wifi.v6.crans.eu',
|
||||
'crans.eu': 'v6.crans.eu',
|
||||
|
@ -278,11 +284,13 @@ zone "%(NOM_zone)s" {
|
|||
# Le direct
|
||||
if zone in self.zones_direct :
|
||||
ligne = "%s\tIN\tA\t%s\n" % ( nom, machine.ip() )
|
||||
# Si la machine est une borne wifi, on ajoute la position
|
||||
if isinstance(machine,ldap_crans.BorneWifi) and machine.position():
|
||||
ligne +="%s\tIN\tTXT\t\"LOC %s,%s\"\n" % (nom,machine.position()[0],machine.position()[1])
|
||||
for key in machine.sshFingerprint():
|
||||
# Si la machine à des clefs ssh, on ajoute les champs SSFP correspondant
|
||||
for sshkey in machine.sshFingerprint():
|
||||
try:
|
||||
[algo,key]=key.split()[:2]
|
||||
[algo,key]=sshkey.split()[:2]
|
||||
if algo == "ssh-rsa": algo=1
|
||||
elif algo == "ssh-dss": algo=2
|
||||
else: raise ValueError("Invalid Algorithms %s" % algo)
|
||||
|
@ -290,6 +298,9 @@ zone "%(NOM_zone)s" {
|
|||
ligne +="%s\tIN\tSSHFP\t%s\t1\t%s\n" % (nom,algo,key)
|
||||
except(ValueError,TypeError): pass
|
||||
direct[zone] = direct.get(zone, "") + ligne
|
||||
if zone in self.zone_alias:
|
||||
for alias in self.zone_alias[zone]:
|
||||
direct[alias] = direct.get(alias, "") + ligne
|
||||
elif self.verbose and machine.nom() != "ftp.federez.net":
|
||||
warnings += u'Résolution directe ignorée (mid=%s) : zone non autoritaire (%s)\n' % ( machine.id().encode('iso-8859-1'), zone.encode('iso-8859-1') )
|
||||
|
||||
|
@ -303,7 +314,13 @@ zone "%(NOM_zone)s" {
|
|||
direct[zone_v6] = direct.get(zone_v6, "") + ligne
|
||||
if machine.dnsIpv6():
|
||||
direct[zone] = direct.get(zone, "") + ligne
|
||||
|
||||
if zone in self.zone_alias:
|
||||
for alias in self.zone_alias[zone]:
|
||||
if alias in self.zones_v4_to_v6:
|
||||
alias_v6=self.zones_v4_to_v6[alias]
|
||||
direct[alias_v6] = direct.get(alias_v6, "") + ligne
|
||||
if machine.dnsIpv6():
|
||||
direct[alias] = direct.get(alias, "") + ligne
|
||||
# Reverse
|
||||
zone_rev, length = self.reverse(net_v6, ipv6)
|
||||
rev = '.'.join(ipv6.reverse_dns.split('.')[:length])
|
||||
|
@ -319,15 +336,24 @@ zone "%(NOM_zone)s" {
|
|||
ligne = "@\tIN\tA\t%s\n" % machine.ip()
|
||||
ligne = ligne.encode('iso-8859-1')
|
||||
direct[alias] = direct.get(alias, "") + ligne
|
||||
if alias in self.zone_alias:
|
||||
for alias2 in self.zone_alias[alias]: direct[alias2] = direct.get(alias2, "") + ligne
|
||||
if machine.dnsIpv6():
|
||||
ligne = "@\tIN\tAAAA\t%s\n" % machine.ipv6()
|
||||
ligne = ligne.encode('iso-8859-1')
|
||||
direct[alias]= direct.get(alias, "") + ligne
|
||||
if alias in self.zone_alias:
|
||||
for alias2 in self.zone_alias[alias]: direct[alias2] = direct.get(alias2, "") + ligne
|
||||
if alias in self.zones_v4_to_v6:
|
||||
ligne = "@\tIN\tAAAA\t%s\n" % machine.ipv6()
|
||||
ligne = ligne.encode('iso-8859-1')
|
||||
zone6 = self.zones_v4_to_v6[alias]
|
||||
direct[zone6] = direct.get(zone6, '') + ligne
|
||||
if alias in self.zone_alias:
|
||||
for alias2 in self.zone_alias[alias]:
|
||||
if alias2 in self.zones_v4_to_v6:
|
||||
alias26=self.zones_v4_to_v6[alias2]
|
||||
direct[alias26] = direct.get(alias26, "") + ligne
|
||||
continue
|
||||
|
||||
# Bon format ?
|
||||
|
@ -352,6 +378,12 @@ zone "%(NOM_zone)s" {
|
|||
zone6 = self.zones_v4_to_v6[zone]
|
||||
ligne = "%s\tIN\tCNAME\t%s.\n" % ( nom, machine.nom6() )
|
||||
direct[zone6] = direct.get(zone6, '') + ligne
|
||||
if zone in self.zone_alias:
|
||||
for alias in self.zone_alias[zone]:
|
||||
direct[alias] = direct.get(alias, '') + ligne
|
||||
if alias in self.zones_v4_to_v6:
|
||||
alias6 = self.zones_v4_to_v6[alias]
|
||||
direct[alias6] = direct.get(alias6, '') + ligne
|
||||
|
||||
# Le reverse
|
||||
ip = machine.ip()
|
||||
|
@ -387,13 +419,6 @@ zone "%(NOM_zone)s" {
|
|||
direct[zone] = direct[zone] + "%s\tIN\tNS\t%s\n" % ( nom, serv )
|
||||
|
||||
|
||||
### aliasing pour crans.eu
|
||||
direct['crans.eu']=re.sub('crans.org','crans.eu',direct['crans.org'])
|
||||
direct['wifi.crans.eu']=re.sub('crans.org','crans.eu',direct['wifi.crans.org'])
|
||||
direct[self.zones_v4_to_v6['crans.eu']]=re.sub('crans.org','crans.eu',direct[self.zones_v4_to_v6['crans.org']])
|
||||
direct[self.zones_v4_to_v6['wifi.crans.eu']]=re.sub('crans.org','crans.eu',direct[self.zones_v4_to_v6['wifi.crans.org']])
|
||||
|
||||
|
||||
### Ajout d'eventuel champs DS pour les délégation dnssec
|
||||
for zone,ds in self.DS.items():
|
||||
for s in ds:
|
||||
|
|
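Review bot: In the `-352,6 +378,12` hunk the alias loop appends the unchanged `ligne` to `direct[alias]` and `direct[alias6]`, but that line is a CNAME whose target `machine.nom6()` is written with a trailing dot, so it stays fully qualified in the source zone. The `re.sub('crans.org','crans.eu', ...)` block removed at the end of the file rewrote those targets along with the rest of the zone text; the per-record copy does not. If `nom6()` returns a name under the `.org` v6 zone (not visible here), the `crans.eu` zones, which `zones_dnssec` lists as signed, would publish signed CNAMEs that lead validating resolvers into a zone absent from that list. Consider building an alias-specific line inside the `if alias in self.zones_v4_to_v6:` branch, for example `ligne6 = "%s\tIN\tCNAME\t%s.\n" % (nom, machine.nom6().replace(zone6, alias6))`, and confirming what `direct[alias]` itself should receive. The enclosing method starts and ends outside the hunk.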