From 3e17aee6cca30712d550f28dbec7bd6a4187bee0 Mon Sep 17 00:00:00 2001 From: Valentin Samir Date: Mon, 3 Feb 2014 01:53:50 +0100 Subject: [PATCH] =?UTF-8?q?[bind2]=20D=C3=A9coupage=20de=20gen=5Fzones,=20?= =?UTF-8?q?fonction=20pour=20ne=20reg=C3=A9n=C3=A9rer=20que=20le=20multica?= =?UTF-8?q?st,=20section=20'=5F=5Fmain=5F=5F'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- gestion/gen_confs/bind2.py | 134 ++++++++++++++++++++++++++++--------- 1 file changed, 103 insertions(+), 31 deletions(-) mode change 100644 => 100755 gestion/gen_confs/bind2.py diff --git a/gestion/gen_confs/bind2.py b/gestion/gen_confs/bind2.py old mode 100644 new mode 100755 index 4b67d28f..afccac3b --- a/gestion/gen_confs/bind2.py +++ b/gestion/gen_confs/bind2.py @@ -9,6 +9,7 @@ import netaddr sys.path.append('/usr/scripts/') import lc_ldap.shortcuts +import affich_tools from gestion.gen_confs import gen_config from socket import gethostname from gestion import config @@ -175,7 +176,6 @@ class Zone(ZoneBase): else: return ret else: - #print "%s not in zone %s" % (hostname, self.zone_name) return None def add_delegation(zone, server): 
@@ -360,18 +360,40 @@ class dns(gen_config) : hostname = short_name(gethostname()) + serial = int(time.time()) + 1000000000 + TTL = 3600 + if hostname == short_name(config.dns.DNSs[0]): restart_cmd = '/usr/sbin/ods-signer sign --all && /etc/init.d/bind9 reload' else: restart_cmd = '/etc/init.d/bind9 reload' - def gen_zones(self, ttl, ns_list, populate=True): - zones = {} - serial = int(time.time()) + 1000000000 - for zone in config.dns.zones_ldap: - #print "Create zone %s" % zone - zones[zone]=Zone(zone, ttl, SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl), ns_list, bl_zone=config.dns.zones_direct) - for net in config.dns.zones_reverse: + + def gen_soa(self, ns_list, serial, ttl): + return SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl) + + + def populate_zones(self, zones, machines): + self.anim.iter=len(zones.values()) + for zone in zones.values(): + zone.extend(self.MXs) + for rr_type in [self.SRVs, self.NATPRs, self.DSs]: + if zone.zone_name in rr_type.keys(): + zone.extend(rr_type[zone.zone_name]) + for m in machines: + zone.add_machine(m) + self.anim.cycle() + return zones + + def gen_zones_ldap(self, ttl, ns_list, serial, zones={}, zones_ldap=config.dns.zones_ldap): + for zone in zones_ldap: + zones[zone]=Zone(zone, ttl, self.gen_soa(ns_list, serial, ttl), ns_list, bl_zone=config.dns.zones_direct) + return zones + + def gen_zones_reverse(self, ttl, ns_list, serial, zones={}, + zones_reverse_v4=config.dns.zones_reverse, zones_reverse_v6=config.dns.zones_reverse_v6): + # reverse ipv4 + for net in zones_reverse_v4: net = netaddr.IPNetwork(net) if net.prefixlen > 24: subnets = net.subnet(32) 
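Review bot: `zones={}` in the new `gen_zones_ldap` and `gen_zones_reverse` signatures (and in `gen_zones_clone` in the next hunk) is a shared mutable default: any call that omits `zones` accumulates the zones of every earlier call in the same process and returns them as if freshly built, and since the result is what gets written to the zone files that is content drift, not just a style nit. The in-file callers always pass `zones` explicitly, so it is latent today; make the default `zones=None` and open each of the three bodies with `if zones is None: zones = {}`. The same binding-at-definition issue applies to `zones_ldap=config.dns.zones_ldap` and the two `zones_reverse_*` defaults, which are captured once when the class is defined rather than read from `config` on each call. Note also that `serial = int(time.time()) + 1000000000` moved from a per-call local to a class attribute, so it is fixed at import time; two generations in one long-lived process would emit the same serial and secondaries would not transfer the changed zone, which is harmless only if this always runs as a one-shot script. `gen_zones_reverse` continues past the end of the hunk.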
@@ -382,44 +404,67 @@ class dns(gen_config) : else: subnets = net.subnet(8) for subnet in subnets: - #print "Create zone %s" % subnet - zones[str(subnet)]=ZoneReverse(str(subnet), ttl, SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl), ns_list) - for net in config.dns.zones_reverse_v6: - #print "Create zone %s" % net - zones[net]=ZoneReverse(net, ttl, SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl), ns_list) + zones[str(subnet)]=ZoneReverse(str(subnet), ttl, self.gen_soa(ns_list, serial, ttl), ns_list) + # reverse ipv6 + for net in zones_reverse_v6: + zones[net]=ZoneReverse(net, ttl, self.gen_soa(ns_list, serial, ttl), ns_list) + return zones - if populate: - conn = lc_ldap.shortcuts.lc_ldap_admin() - machines = conn.search(u"mid=*", sizelimit=10000) - machines.extend(conn.machinesMulticast()) - self.anim.iter=len(zones.values()) - for zone in zones.values(): - #print "Generate zone %s" % zone.zone_name - zone.extend(self.MXs) - for rr_type in [self.SRVs, self.NATPRs, self.DSs]: - if zone.zone_name in rr_type.keys(): - zone.extend(rr_type[zone.zone_name]) - for m in machines: - zone.add_machine(m) - self.anim.cycle() + def gen_zones_clone(self, ttl, ns_list, serial, zones={}): for zone_clone, zones_alias in config.dns.zone_alias.items(): for zone in zones_alias: - zones[zone]=ZoneClone(zone, zones[zone_clone], SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl)) + zones[zone]=ZoneClone(zone, zones[zone_clone], self.gen_soa(ns_list, serial, ttl)) for rr_type in [self.SRVs, self.NATPRs, self.DSs]: if zones[zone].zone_name in rr_type.keys(): zones[zone].extend(rr_type[zones[zone].zone_name]) return zones + def gen_zones(self, ttl, serial, ns_list, populate=True): + zones = {} + self.gen_zones_ldap(ttl, ns_list, serial, zones) + self.gen_zones_reverse(ttl, ns_list, serial, zones) + + if populate: + conn = lc_ldap.shortcuts.lc_ldap_admin() + machines = conn.search(u"mid=*", sizelimit=10000) + 
machines.extend(conn.machinesMulticast()) + self.populate_zones(zones, machines) + + # Doit être fait après populate_zones lorsque l'on a l'intention d'écrire les fichiers de zone + # En effet, la génération de la zone clone dépend du contenue de la zone originale + self.gen_zones_clone(ttl, ns_list, serial, zones) + return zones + + + def gen_tv(self, populate=True): + self.anim = affich_tools.anim('\tgénération de la zone tv') + zones = {} + serial = self.serial + self.gen_zones_reverse(self.TTL, config.dns.DNSs, serial, zones, zones_reverse_v4=config.NETs['multicast'], zones_reverse_v6=[]) + self.gen_zones_ldap(self.TTL, config.dns.DNSs, serial, zones, zones_ldap=[config.dns.zone_tv]) + + if populate: + conn = lc_ldap.shortcuts.lc_ldap_admin() + machines=conn.machinesMulticast() + self.populate_zones(zones, machines) + + for zone in zones.values(): + zone.write(self.DNS_DIR + 'db.' + zone.zone_name) + + self.anim.reinit() + print affich_tools.OK + return zones + def gen_master(self): - # Syntaxe utilisée dans le fichier DNS_CONF pour définir une zone sur le maître + # Syntaxe utilisée dans le fichier DNS_CONF pour définir une zone sur le maître zone_template=""" zone "%(zone_name)s" { type master; file "%(zone_path)s"; }; """ - zones = self.gen_zones(3600, config.dns.DNSs) + zones = self.gen_zones(self.TTL, self.serial, config.dns.DNSs) with open(self.DNS_CONF, 'w') as f: for zone in zones.values(): zone.write(self.DNS_DIR + 'db.' + zone.zone_name) @@ -437,7 +482,7 @@ zone "%(zone_name)s" { masters { %(master_ip)s; }; }; """ - zones = self.gen_zones(3600, config.dns.DNSs, populate=False) + zones = self.gen_zones(self.TTL, self.serial, config.dns.DNSs, populate=False) with open(self.DNS_CONF_BCFG2, 'w') as f: for zone in zones.values(): if zone.zone_name in config.dns.zones_dnssec: 
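Review bot: `gen_zones` now takes `serial` as a positional parameter inserted between `ttl` and `ns_list`, so a caller outside this file still using the old `gen_zones(ttl, ns_list)` form would pass the name-server list as the serial and only fail later inside `SOA`; the commit message says the other zones are regenerated by `generate`, so if that script calls `gen_zones` it needs updating, or the parameter should be appended as `serial=None` and resolved with `serial = self.serial if serial is None else serial`. In `gen_tv` the `zone.write(self.DNS_DIR + 'db.' + zone.zone_name)` loop runs regardless of `populate`, so `gen_tv(populate=False)` would overwrite the tv zone files with zones holding only SOA/NS records; either guard the loop with `if populate:` or drop the parameter, since no visible caller passes it. `gen_zones_clone` carries the same shared mutable default `zones={}` as the two builders in the previous hunk and should get the same `zones=None` treatment. The ordering comment above the `gen_zones_clone` call is the right kind of note; a matching one-liner on `gen_zones_clone` itself, `# Requires the source zone to be populated already: the clone copies its content`, would keep the constraint visible to anyone calling it directly.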
@@ -451,3 +496,30 @@ zone "%(zone_name)s" { def __str__(self): return "DNS" + + +if __name__ == '__main__' : + hostname = short_name(gethostname()) + if hostname == short_name(config.bcfg2_main): + print "Reconfiguration du fichier de BCfg2 pour configurer le bind d'un serveur en esclave (pensez à lancer bcfg2 sur les esclaves)." + c = dns() + c.gen_slave() + elif hostname == short_name(config.dns.DNSs[0]): + print "Serveur maître :" + c = dns() + zones = c.gen_tv() + import subprocess + for zone in zones.values(): + if zone.zone_name in config.dns.zones_dnssec: + args=("/usr/sbin/ods-signer sign %s" % zone.zone_name).split() + p=subprocess.Popen(args,stdout=subprocess.PIPE,stderr=subprocess.PIPE) + ret=p.communicate() + print ret[0].strip() + if ret[1].strip(): + print ret[1].strip() + print "Ce serveur est également serveur maitre pour les autres zones dns, mais leur reconfiguration se fait par generate." + elif hostname in map(lambda fullhostname : short_name(fullhostname),config.dns.DNSs[1:]): + print "Ce serveur est esclave! Lancez ce script sur %s, puis lancez bcfg2 ici" % bcfg2_main + else: + print "Ce serveur ne correspond à rien pour la configuration DNS." +
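Review bot: The `elif` branch for a secondary server formats `% bcfg2_main`, a name that is not defined in this block (the first branch reads `config.bcfg2_main`), so reaching it raises `NameError` instead of printing the hint; change it to `% config.bcfg2_main`. In the master branch the exit status of `ods-signer` is never examined: the output of `p.communicate()` is printed but `p.returncode` is ignored, so a failed signing of a DNSSEC zone leaves an unsigned or stale signed zone behind while the script still ends successfully. Building the argument list with `.split()` on a formatted string also misbehaves if a zone name ever contains whitespace; passing the list directly is clearer and keeps `shell=False` semantics explicit. The rewrite below collects failed zones, reports them after the loop and exits non-zero (`sys` is already in scope per the first hunk's context lines).
```python
                failed = []
                for zone in zones.values():
                    if zone.zone_name in config.dns.zones_dnssec:
                        args = ['/usr/sbin/ods-signer', 'sign', zone.zone_name]
                        p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                        out, err = p.communicate()
                        print out.strip()
                        if err.strip():
                            print err.strip()
                        if p.returncode != 0:
                            failed.append(zone.zone_name)
                # … unchanged: message about the other master zones …
                if failed:
                    print "Echec de la signature des zones : %s" % ', '.join(failed)
                    sys.exit(1)
```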