From 44a6e8292a14810dabb0d801ceaec020ac55a600 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann
Date: Sun, 20 Sep 2020 18:35:35 +0200
Subject: [PATCH] bundles/bind: add node-dns-auto-generator
---
 bundles/bind/metadata.py | 39 +++++++++++++++++++++++
 data/bind/files/zones/felix-kunsmann.de | 1 -
 data/bind/files/zones/franzi.business | 8 ++++-
 data/bind/files/zones/kunbox.net | 35 ++++----------------
 nodes/doc/lon1/grafana.py | 17 ++++++++++
 nodes/doc/lon1/icinga2.py | 17 ++++++++++
 nodes/gce/bind01.py | 9 ++++++
 nodes/home/octoprint-vielschichtigkeit.py | 9 ++++++
 nodes/htz-cloud/pirmasens.py | 12 +++++++
 nodes/htz-cloud/sewfile.py | 12 +++++++
 nodes/htz/ex42-1048908.py | 13 ++++++++
 11 files changed, 141 insertions(+), 31 deletions(-)
diff --git a/bundles/bind/metadata.py b/bundles/bind/metadata.py
index a885db7..a99c341 100644
--- a/bundles/bind/metadata.py
+++ b/bundles/bind/metadata.py
@@ -31,3 +31,42 @@ def port_checks(metadata):
 },
 },
 }
+
+@metadata_reactor
+def generate_dns_entries_for_nodes(metadata):
+ results = set()
+
+ for rnode in repo.nodes:
+ node_name_split = rnode.name.split('.')
+ node_name_split.reverse()
+ dns_name = '.'.join(node_name_split)
+ ip4 = None
+ ip6 = None
+
+ # We only need this for GCE, because machines over there don't
+ # have a public ipv4 address.
+ if rnode.metadata.get('external_ipv4', None):
+ ip4 = rnode.metadata.get('external_ipv4')
+
+ for iface, config in sorted(rnode.metadata.get('interfaces', {}).items()):
+ if not ip4 and 'ipv4' in config:
+ ip4 = sorted(config['ipv4'])[0]
+
+ if not ip6 and 'ipv6' in config:
+ ip6 = sorted(config['ipv6'])[0]
+
+ if ip4:
+ results.add('{} IN A {}'.format(dns_name, ip4))
+
+ if ip6:
+ results.add('{} IN AAAA {}'.format(dns_name, ip6))
+
+ return {
+ 'bind': {
+ 'zones_primary': {
+ 'kunbox.net': {
+ 'records': results,
+ },
+ },
+ },
+ }
diff --git a/data/bind/files/zones/felix-kunsmann.de b/data/bind/files/zones/felix-kunsmann.de
index 1e2e406..46f6cca 100644
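Review bot: In bundles/bind/metadata.py, `generate_dns_entries_for_nodes` takes `sorted(config['ipv4'])[0]` from the first interface that has an address without checking that it is publicly routable, so a node with only a private address ends up with an A record in kunbox.net; the nodes/home/octoprint-vielschichtigkeit.py hunk adds such a node (`172.19.138.22`), assuming the zone template renders these records as the kunbox.net hunk suggests. Publishing internal addressing in a public zone is avoidable: with `import ipaddress`, choose `ip4 = next((ip for ip in sorted(config['ipv4']) if ipaddress.ip_address(ip).is_global), None)` and do the same for `ipv6`. Because the pick is a string sort, which address wins on an interface with several (the two IPv6 entries in the nodes/htz/ex42-1048908.py hunk) depends on how they are spelled. A one-line docstring stating that the reactor emits A/AAAA records for every node in the repo would also help.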
--- a/data/bind/files/zones/felix-kunsmann.de +++ b/data/bind/files/zones/felix-kunsmann.de @@ -3,4 +3,3 @@ ${header} $ORIGIN felix-kunsmann.de. @ IN MX 10 mx0.kunbox.net. - IN TXT v=spf1 a mx ~all diff --git a/data/bind/files/zones/franzi.business b/data/bind/files/zones/franzi.business index 093436f..ce9b927 100644 --- a/data/bind/files/zones/franzi.business +++ b/data/bind/files/zones/franzi.business @@ -5,11 +5,17 @@ $ORIGIN franzi.business. @ IN A 94.130.52.224 IN AAAA 2a01:4f8:10b:2a5f::2 IN MX 10 mx0.kunbox.net. - IN TXT v=spf1 a mx ~all + IN TXT v=spf1 mx ~all * IN A 94.130.52.224 IN AAAA 2a01:4f8:10b:2a5f::2 +grafana IN A 165.232.105.69 + IN AAAA 2a03:b0c0:1:e0::627:8001 + +icinga IN A 165.232.42.173 + IN AAAA 2a03:b0c0:1:e0::665:8001 + sewfile IN A 116.203.205.248 IN AAAA 2a01:4f8:c0c:c71b::1 IN TXT v=spf1 a mx ~all diff --git a/data/bind/files/zones/kunbox.net b/data/bind/files/zones/kunbox.net index 181a659..94fa4e5 100644 --- a/data/bind/files/zones/kunbox.net +++ b/data/bind/files/zones/kunbox.net 
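Review bot: The new `grafana` and `icinga` records in franzi.business repeat, as literals, the addresses this same patch adds to nodes/doc/lon1/grafana.py and icinga2.py, so the two copies can drift apart; a record left pointing at an address the node no longer holds directs visitors to whoever holds it next. Since the kunbox.net zone now gets a generated name per node, pointing at that name keeps a single source of truth: `grafana IN CNAME grafana.lon1.doc.kunbox.net.` and `icinga IN CNAME icinga2.lon1.doc.kunbox.net.`. If literal addresses are preferred, a `; keep in sync with nodes/doc/lon1/*.py` comment above them would at least flag the dependency.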
@@ -7,39 +7,16 @@ $ORIGIN kunbox.net. ; Needs to have a working Mail address, otherwise Telekom goes mimimi IN MX 10 mx0 - IN TXT v=spf1 a mx ~all + IN TXT v=spf1 mx ~all -; NODE doc.lon1.grafana -grafana.lon1.doc IN A 165.232.105.69 - IN AAAA 2a03:b0c0:1:e0::627:8001 - -; NODE doc.lon1.icinga2 -icinga2.lon1.doc IN A 165.232.42.173 - IN AAAA 2a03:b0c0:1:e0::665:8001 - -; NODE gce.bind01 -bind01.gce IN A 34.89.208.78 -ns-3 IN A 34.89.208.78 - -; NODE htz.ex42-1048908 -ex42-1048908.htz IN A 94.130.52.224 - IN AAAA 2a01:4f8:10b:2a5f::2 +; Mail servers mx0 IN A 94.130.52.224 + IN AAAA 2a01:4f8:10b:2a5f::2 *.mx0 IN CNAME mx0 -; NODE htz-cloud.pirmasens -pirmasens.htz-cloud IN A 195.201.90.143 - IN AAAA 2a01:4f8:1c1c:2acf::1 - -; NODE htz-cloud.sewfile -sewfile.htz-cloud IN A 116.203.205.248 - IN AAAA 2a01:4f8:c0c:c71b::1 - -; old systems, hostnames are never to be used again -gendo IN A 0.0.0.0 -kaito IN A 0.0.0.0 -rei IN A 0.0.0.0 -yuki IN A 0.0.0.0 +% for record in sorted(metadata_records): +${record} +% endfor 2019._domainkey IN TXT v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB _dmarc IN TXT v=DMARC1; p=none; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r diff --git a/nodes/doc/lon1/grafana.py b/nodes/doc/lon1/grafana.py index feba32b..0f8ffec 100644 --- a/nodes/doc/lon1/grafana.py +++ b/nodes/doc/lon1/grafana.py 
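Review bot: The rewritten block in the kunbox.net zone removes `ns-3 IN A 34.89.208.78` and nothing visible in this patch brings it back: the reactor derives one name per node (`bind01.gce` for that address), so `ns-3` would stop resolving. If `ns-3` is named in an NS record in `${header}` or at a parent zone (not visible here), resolvers lose the address of that name server; keeping `ns-3 IN A 34.89.208.78` as a static line next to the `mx0` records avoids that. The `0.0.0.0` placeholders for the retired hostnames are dropped too, which removes the in-zone reminder that those names must not be reused. Where `metadata_records` comes from is outside this hunk.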
@@ -7,6 +7,23 @@ nodes['doc.lon1.grafana'] = {
 'webserver',
 },
 'metadata': {
+ 'interfaces': {
+ 'eth0': {
+ 'ipv4': {
+ '165.232.105.69',
+ },
+ 'ipv6': {
+ '2a03:b0c0:1:e0::627:8001',
+ },
+ 'gateway4': '165.232.96.1',
+ 'gateway6': '2a03:b0c0:1:e0::1',
+ },
+ 'eth1': {
+ 'ipv4': {
+ '10.106.0.3',
+ },
+ },
+ },
 'apt': {
 'repos': {
 'backports': {
diff --git a/nodes/doc/lon1/icinga2.py b/nodes/doc/lon1/icinga2.py
index afd1151..1d6bb39 100644
--- a/nodes/doc/lon1/icinga2.py
+++ b/nodes/doc/lon1/icinga2.py
@@ -7,6 +7,23 @@ nodes['doc.lon1.icinga2'] = {
 'webserver',
 },
 'metadata': {
+ 'interfaces': {
+ 'eth0': {
+ 'ipv4': {
+ '165.232.42.173',
+ },
+ 'ipv6': {
+ '2a03:b0c0:1:e0::665:8001',
+ },
+ 'gateway4': '165.232.32.1',
+ 'gateway6': '2a03:b0c0:1:e0::1',
+ },
+ 'eth1': {
+ 'ipv4': {
+ '10.106.0.2',
+ },
+ },
+ },
 'apt': {
 'repos': {
 'backports': {
diff --git a/nodes/gce/bind01.py b/nodes/gce/bind01.py
index 0a6ce04..e432679 100644
--- a/nodes/gce/bind01.py
+++ b/nodes/gce/bind01.py
@@ -6,6 +6,15 @@ nodes['gce.bind01'] = {
 'dns',
 },
 'metadata': {
+ 'interfaces': {
+ 'eth0': {
+ 'ipv4': {
+ '10.156.0.4',
+ },
+ 'gateway4': '10.156.0.1',
+ },
+ },
+ 'external_ipv4': '34.89.208.78',
 'vm': {
 'cpu': 1,
 'ram': 1,
diff --git a/nodes/home/octoprint-vielschichtigkeit.py b/nodes/home/octoprint-vielschichtigkeit.py
index 35a836b..3471bf3 100644
--- a/nodes/home/octoprint-vielschichtigkeit.py
+++ b/nodes/home/octoprint-vielschichtigkeit.py
@@ -6,6 +6,15 @@ nodes['home.octoprint-vielschichtigkeit'] = {
 },
 'groups': set(),
 'metadata': {
+ 'interfaces': {
+ 'eth0': {
+ 'ipv4': {
+ '172.19.138.22',
+ },
+ 'dhcp': True,
+ 'mac': 'b8:27:eb:8e:0b:1d',
+ },
+ },
 'nginx': {
 'use_ssl_for_all_connections': False,
 'vhosts': {
diff --git a/nodes/htz-cloud/pirmasens.py b/nodes/htz-cloud/pirmasens.py
index c7fe354..79d1683 100644
--- a/nodes/htz-cloud/pirmasens.py
+++ b/nodes/htz-cloud/pirmasens.py
@@ -4,6 +4,18 @@ nodes['htz-cloud.pirmasens'] = {
 'webserver',
 },
 'metadata': {
+ 'interfaces': {
+ 'eth0': {
+ 'ipv4': {
+ '195.201.90.143',
+ },
+ 'ipv6': {
+ '2a01:4f8:1c1c:2acf::1',
+ },
+ 'gateway4': '172.31.1.1',
+ 'gateway6': 'fe80::1',
+ },
+ },
 'letsencrypt': {
 'domains': {
 'mail.kunsmann.info': {},
diff --git a/nodes/htz-cloud/sewfile.py b/nodes/htz-cloud/sewfile.py
index 646df4b..2ad8098 100644
--- a/nodes/htz-cloud/sewfile.py
+++ b/nodes/htz-cloud/sewfile.py
@@ -9,6 +9,18 @@ nodes['htz-cloud.sewfile'] = {
 'webserver',
 },
 'metadata': {
+ 'interfaces': {
+ 'eth0': {
+ 'ipv4': {
+ '195.201.90.143',
+ },
+ 'ipv6': {
+ '2a01:4f8:1c1c:2acf::1',
+ },
+ 'gateway4': '172.31.1.1',
+ 'gateway6': 'fe80::1',
+ },
+ },
 'nginx': {
 'vhosts': {
 'sewfile.franzi.business': {
diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py
index 8b66bd1..22b3421 100644
--- a/nodes/htz/ex42-1048908.py
+++ b/nodes/htz/ex42-1048908.py
@@ -16,6 +16,19 @@ nodes['htz.ex42-1048908'] = {
 'webserver',
 },
 'metadata': {
+ 'interfaces': {
+ 'enp0s31f6': {
+ 'ipv4': {
+ '94.130.52.224',
+ },
+ 'ipv6': {
+ '2a01:4f8:10b:2a5f::02',
+ '2a01:4f8:10b:2a5f::1337',
+ },
+ 'gateway4': '94.130.52.193',
+ 'gateway6': 'fe80::1',
+ },
+ },
 'apt': {
 'packages': {
 # No need to create a bundle just to install packages,
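Review bot: The `interfaces` block added to nodes/htz-cloud/sewfile.py carries the same addresses as the pirmasens hunk, `195.201.90.143` and `2a01:4f8:1c1c:2acf::1`, which looks like a copy-paste slip. The record this patch removes from the kunbox.net zone had `sewfile.htz-cloud` at `116.203.205.248` / `2a01:4f8:c0c:c71b::1`, and the `sewfile` entry in franzi.business still uses those. As written, the generated `sewfile.htz-cloud` record would point at pirmasens, so traffic and any certificate validation for that name would land on the wrong host. The two address lines should read `'116.203.205.248',` and `'2a01:4f8:c0c:c71b::1',`.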