powerdns: switch to AXFR for secondarie

bundles/powerdns/files/named.conf

@@ -1,6 +1,6 @@
 % for zone in sorted(zones):
 zone "${zone}" {
     file "/var/lib/powerdns/zones/${zone}";
-    type native;
+    type master;
 };
 % endfor

bundles/powerdns/files/pdns.conf

@@ -27,6 +27,8 @@ superslave=yes
 api=yes
 api-key=${api_key}
 webserver=yes
+webserver-address=0.0.0.0
+webserver-allow-from=0.0.0.0/0
 
 allow-notify-from=
 

bundles/powerdns/items.py

@@ -50,11 +50,11 @@ files = {
     '/etc/powerdns/pdns.conf': {
         'content_type': 'mako',
         'context': {
-            'api_key': node.metadata['powerdns']['api_key'],
+            'api_key': node.metadata.get('powerdns/api_key'),
-            'my_hostname': node.metadata['powerdns'].get('my_hostname', node.metadata.get('hostname')),
+            'my_hostname': node.metadata.get('powerdns/my_hostname', node.metadata.get('hostname')),
-            'is_secondary': node.metadata['powerdns'].get('is_secondary', False),
+            'is_secondary': node.metadata.get('powerdns/is_secondary', False),
-            'my_primary_servers': node.metadata['powerdns'].get('my_primary_servers', set()),
+            'my_primary_servers': node.metadata.get('powerdns/my_primary_servers', set()),
-            'my_secondary_servers': node.metadata['powerdns'].get('my_secondary_servers', set()),
+            'my_secondary_servers': node.metadata.get('powerdns/my_secondary_servers', set()),
         },
         'needs': {
             'pkg_apt:pdns-server',
@@ -142,12 +142,22 @@ if node.metadata.get('powerdns/features/bind', False):
             'action:powerdns_reload_zones',
         },
     }
+else:
+    files['/etc/powerdns/named.conf'] = {
+        'delete': True,
+        'needed_by': {
+            'svc_systemd:pdns',
+        },
+        'triggers': {
+            'action:powerdns_reload_zones',
+        },
+    }
 
-if node.metadata.get('powerdns/features/pgsql', False):
+if node.metadata.get('powerdns/features/pgsql', node.has_bundle('postgresql')):
     files['/etc/powerdns/pdns.d/pgsql.conf'] = {
         'content_type': 'mako',
         'context': {
-            'password': node.metadata['postgresql']['roles']['powerdns']['password'],
+            'password': node.metadata.get('postgresql/roles/powerdns/password'),
         },
         'needs': {
             'pkg_apt:pdns-backend-pgsql',
@@ -163,7 +173,7 @@ if node.metadata.get('powerdns/features/pgsql', False):
     files['/etc/powerdns/schema.pgsql.sql'] = {}
 
     actions['powerdns_load_pgsql_schema'] = {
-        'command': node.metadata['postgresql']['roles']['powerdns']['password'].format_into('PGPASSWORD={} psql -h 127.0.0.1 -d powerdns -U powerdns -w < /etc/powerdns/schema.pgsql.sql'),
+        'command': node.metadata.get('postgresql/roles/powerdns/password').format_into('PGPASSWORD={} psql -h 127.0.0.1 -d powerdns -U powerdns -w < /etc/powerdns/schema.pgsql.sql'),
         'unless': 'sudo -u postgres psql -d powerdns -c "\dt" | grep domains 2>&1 >/dev/null',
         'needs': {
             'bundle:postgresql',

groups/features.py

@@ -12,10 +12,6 @@ groups['dns'] = {
     },
     'metadata': {
         'powerdns': {
-            'features': {
-                'bind': True,
-                'pgsql': True,
-            },
             # Overridden in node metadata for primary server
             'is_secondary': True,
         },

nodes/gce/bind01.py

@@ -47,6 +47,9 @@ nodes['gce.bind01'] = {
             'version': '15',
         },
         'powerdns': {
+            'features': {
+                'bind': True,
+            },
             'is_secondary': False,
             'secondary_nameservers': 'dns',
             'my_hostname': 'ns-1.kunbox.net',