bundles/powerdns: ensure primary servers are in database

Franzi 2023-05-16 19:23:52 +02:00
parent f8416215d5
commit 6d2cf0fa24
Signed by: kunsi
GPG key ID: 12E3D2136B818350
2 changed files with 31 additions and 3 deletions


@ -9,6 +9,10 @@ nameservers = set()
for rnode in sorted(repo.nodes_in_group('dns')): for rnode in sorted(repo.nodes_in_group('dns')):
nameservers.add(rnode.metadata.get('powerdns/my_hostname', rnode.metadata.get('hostname'))) nameservers.add(rnode.metadata.get('powerdns/my_hostname', rnode.metadata.get('hostname')))
my_primary_servers = set()
for ips in node.metadata.get('powerdns/my_primary_servers', {}).values():
my_primary_servers.update(ips)
directories = { directories = {
'/etc/powerdns/pdns.d': { '/etc/powerdns/pdns.d': {
'purge': True, 'purge': True,
@ -36,7 +40,7 @@ files = {
'api_key': node.metadata.get('powerdns/api_key'), 'api_key': node.metadata.get('powerdns/api_key'),
'my_hostname': node.metadata.get('powerdns/my_hostname', node.metadata.get('hostname')), 'my_hostname': node.metadata.get('powerdns/my_hostname', node.metadata.get('hostname')),
'is_secondary': node.metadata.get('powerdns/is_secondary', False), 'is_secondary': node.metadata.get('powerdns/is_secondary', False),
'my_primary_servers': node.metadata.get('powerdns/my_primary_servers', set()), 'my_primary_servers': my_primary_servers,
'my_secondary_servers': node.metadata.get('powerdns/my_secondary_servers', set()), 'my_secondary_servers': node.metadata.get('powerdns/my_secondary_servers', set()),
}, },
'needs': { 'needs': {
@ -167,3 +171,21 @@ if node.metadata.get('powerdns/features/pgsql', node.has_bundle('postgresql')):
'svc_systemd:pdns', 'svc_systemd:pdns',
}, },
} }
for hostname, ips in node.metadata.get('powerdns/my_primary_servers', {}).items():
for ip in ips:
ip_name = ip.replace(':', '-')
actions[f'powerdns_ensure_{hostname}_{ip_name}_in_autoprimaries'] = {
'command': 'psql -c "INSERT INTO supermasters (ip, nameserver, account) VALUES '
f'(\'{ip}\', \'{hostname}\', \'admin\') ON CONFLICT ON CONSTRAINT '
f'supermasters_pkey DO UPDATE SET nameserver = \'{hostname}\'" powerdns',
'unless': f'bash -c "[ \"$(psql -tAqc "SELECT nameserver FROM supermasters WHERE ip = \'{ip}\'" powerdns)\" == \"{hostname}\" ]"',
'triggers': {
'action:powerdns_fix_primaries',
},
}
actions['powerdns_fix_primaries'] = {
'command': f'psql -c "UPDATE domains SET master = \'{", ".join(sorted(my_primary_servers))}\'" powerdns',
'triggered': True,
}
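Review bot: The `powerdns_fix_primaries` command at the end of this section is an `UPDATE domains SET master = ...` with no `WHERE` clause, so every row in `domains` gets the primary list written into it, including any zone on this server that is not replicated from these primaries. If only secondary zones are meant, scope it, e.g. `UPDATE domains SET master = '...' WHERE type = 'SLAVE'` (column and value as in the stock PowerDNS schema; confirm against the deployed one). Separately, `hostname` and `ip` are spliced into SQL that itself sits inside a double-quoted shell string, in both `command` and `unless`, so a metadata value containing a quote, `$` or backtick changes the statement or the shell line. Validating each `ip` with `ipaddress.ip_address(ip)` and passing the SQL through `shlex.quote()` instead of hand-written quoting would remove that dependency on well-formed metadata. The enclosing `if node.metadata.get('powerdns/features/pgsql', ...)` block starts outside the hunk.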


@ -86,6 +86,8 @@ def get_ips_of_secondary_nameservers(metadata):
ips = set() ips = set()
for rnode in repo.nodes_in_group('dns'): for rnode in repo.nodes_in_group('dns'):
if rnode.metadata.get('powerdns/is_secondary', False): if rnode.metadata.get('powerdns/is_secondary', False):
if rnode.name == node.name:
raise BundleError(f'{node.name} cannot be its own secondary')
for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items(): for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
ips.update({str(ip) for ip in found_ips}) ips.update({str(ip) for ip in found_ips})
@ -102,11 +104,15 @@ def get_ips_of_primary_nameservers(metadata):
if not metadata.get('powerdns/is_secondary', False): if not metadata.get('powerdns/is_secondary', False):
return {} return {}
ips = set() ips = {}
for rnode in repo.nodes_in_group('dns'): for rnode in repo.nodes_in_group('dns'):
if not rnode.metadata.get('powerdns/is_secondary', False): if not rnode.metadata.get('powerdns/is_secondary', False):
if rnode.name == node.name:
raise BundleError(f'{node.name} cannot be its own secondary')
hostname = rnode.metadata.get('hostname')
ips[hostname] = set()
for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items(): for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
ips.update({str(ip) for ip in found_ips}) ips[hostname].update({str(ip) for ip in found_ips})
return { return {
'powerdns': { 'powerdns': {
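Review bot: The new `hostname = rnode.metadata.get('hostname')` in `get_ips_of_primary_nameservers` ignores `powerdns/my_hostname`, which the other file in this commit prefers when building `nameservers` and `my_hostname`, and it yields `None` as a dict key when the primary has no `hostname` set. Since this value ends up as the `nameserver` column of the autoprimary row, it presumably has to match the name the primary announces; `hostname = rnode.metadata.get('powerdns/my_hostname', rnode.metadata.get('hostname'))` keeps the two in step, with a `BundleError` if the result is empty. The `BundleError` added in this branch also reuses the text 'cannot be its own secondary' although the loop is collecting primaries, so 'cannot be its own primary' would describe the failure. The function's return dict continues past the end of the hunk.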