[main.py] Intègre la gestion du DNSSEC
This commit is contained in:
Benjamin Graillot
parent
5bdcde4a02
commit
0bcb71e5f1
3 changed files with 53 additions and 64 deletions
30
main.py
30
main.py
|
|
@ -11,6 +11,8 @@ import sys
|
|||
|
||||
from re2oapi import Re2oAPIClient
|
||||
|
||||
import knot
|
||||
|
||||
|
||||
path = os.path.dirname(os.path.abspath(__file__))
|
||||
config = ConfigParser()
|
||||
|
|
@ -90,7 +92,9 @@ try:
|
|||
except:
|
||||
serial = 1
|
||||
|
||||
def write_dns_file(zone):
|
||||
zone_names = []
|
||||
|
||||
def write_dns_file(zone, verbose=False):
|
||||
global serial
|
||||
|
||||
zone_name = zone['name'][1:]
|
||||
|
|
@ -214,11 +218,9 @@ def write_dns_file(zone):
|
|||
)
|
||||
|
||||
if zone['name'][1:] == "crans.org":
|
||||
with open(path + '/dnssec.json') as ds:
|
||||
zones_ds = json.load(ds)
|
||||
ds_records = ""
|
||||
for zone in zones_ds:
|
||||
for ds in zones_ds[zone]:
|
||||
for extension in filter(lambda zone: zone.endswith('.crans.org'), zone_names):
|
||||
for ds in knot.get_ds(extension, verbose):
|
||||
ds_records += template_ds.format(**ds) + "\n"
|
||||
else:
|
||||
ds_records = "\n"
|
||||
|
|
@ -244,13 +246,16 @@ def write_dns_file(zone):
|
|||
f.write(zone_file_content)
|
||||
|
||||
|
||||
def write_dns_files(api_client, processes):
|
||||
def write_dns_files(api_client, processes, verbose=False):
|
||||
global zone_names
|
||||
zones = api_client.list("dns/zones")
|
||||
zone_names = [zone["name"][1:] for zone in zones]
|
||||
if processes:
|
||||
with Pool(processes) as pool:
|
||||
pool.map(write_dns_file, api_client.list("dns/zones"))
|
||||
pool.map(write_dns_file, zones)
|
||||
else:
|
||||
for zone in api_client.list("dns/zones"):
|
||||
write_dns_file(zone)
|
||||
for zone in zones:
|
||||
write_dns_file(zone, verbose)
|
||||
|
||||
|
||||
def get_ip_reverse(ip, prefix_length):
|
||||
|
|
@ -417,11 +422,12 @@ if __name__ == '__main__':
|
|||
parser.add_argument('-f', '--force', '--forced', help="Forcer la régénaration des fichiers de zone.", action='store_true')
|
||||
parser.add_argument('-k', '--keep', help="Ne pas changer le statut du service.", action='store_true')
|
||||
parser.add_argument('-p', '--processes', help="Regénérer en utilisant n processus en parallèle (par défaut ne pas parallèliser).", metavar='n', nargs=1, type=int, default=[0])
|
||||
parser.add_argument('-n', '--no-reload', help="Ne pas recharger les zones dans knot", action='store_true')
|
||||
parser.add_argument('-n', '--no-reload', help="Ne pas recharger les zones dans knot.", action='store_true')
|
||||
parser.add_argument('-v', '--verbose', help="Afficher des informations de debug.", action='store_true')
|
||||
args = parser.parse_args()
|
||||
|
||||
if args.force:
|
||||
write_dns_files(api_client, args.processes[0])
|
||||
write_dns_files(api_client, args.processes[0], args.verbose)
|
||||
write_dns_reverse_file(api_client)
|
||||
with open(path + '/serial.json', 'w') as serial_json:
|
||||
json.dump(serial + 1, serial_json)
|
||||
|
|
@ -438,7 +444,7 @@ if __name__ == '__main__':
|
|||
service['service_name'] == 'dns' and \
|
||||
service['need_regen']:
|
||||
increase_serial = True
|
||||
write_dns_files(api_client, args.processes[0])
|
||||
write_dns_files(api_client, args.processes[0], args.verbose)
|
||||
write_dns_reverse_file(api_client)
|
||||
if not args.keep:
|
||||
api_client.patch(service['api_url'], data={'need_regen': False})
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue