bundles/powerdns: support pgsql

2020-10-16 19:23:45 +02:00 · 2020-10-16 19:23:45 +02:00 · d442ab399e
parent 2c1a825b7d
commit d442ab399e
4 changed files with 143 additions and 0 deletions
--- a/bundles/powerdns/files/pgsql.conf
+++ b/bundles/powerdns/files/pgsql.conf
@ -0,0 +1,6 @@
+launch+=gpgsql
+gpgsql-host=localhost
+gpgsql-port=5432
+gpgsql-dbname=powerdns
+gpgsql-user=powerdns
+gpgsql-password=${password}
--- a/bundles/powerdns/files/schema.pgsql.sql
+++ b/bundles/powerdns/files/schema.pgsql.sql
@ -0,0 +1,105 @@
+-- 4.3 schema, https://doc.powerdns.com/authoritative/backends/generic-postgresql.html
+
+CREATE TABLE domains (
+  id                    SERIAL PRIMARY KEY,
+  name                  VARCHAR(255) NOT NULL,
+  master                VARCHAR(128) DEFAULT NULL,
+  last_check            INT DEFAULT NULL,
+  type                  VARCHAR(6) NOT NULL,
+  notified_serial       BIGINT DEFAULT NULL,
+  account               VARCHAR(40) DEFAULT NULL,
+  CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE UNIQUE INDEX name_index ON domains(name);
+
+ALTER TABLE domains OWNER TO ${user};
+
+CREATE TABLE records (
+  id                    BIGSERIAL PRIMARY KEY,
+  domain_id             INT DEFAULT NULL,
+  name                  VARCHAR(255) DEFAULT NULL,
+  type                  VARCHAR(10) DEFAULT NULL,
+  content               VARCHAR(65535) DEFAULT NULL,
+  ttl                   INT DEFAULT NULL,
+  prio                  INT DEFAULT NULL,
+  change_date           INT DEFAULT NULL,
+  disabled              BOOL DEFAULT 'f',
+  ordername             VARCHAR(255),
+  auth                  BOOL DEFAULT 't',
+  CONSTRAINT domain_exists
+  FOREIGN KEY(domain_id) REFERENCES domains(id)
+  ON DELETE CASCADE,
+  CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE INDEX rec_name_index ON records(name);
+CREATE INDEX nametype_index ON records(name,type);
+CREATE INDEX domain_id ON records(domain_id);
+CREATE INDEX recordorder ON records (domain_id, ordername text_pattern_ops);
+
+ALTER TABLE records OWNER TO ${user};
+
+CREATE TABLE supermasters (
+  ip                    INET NOT NULL,
+  nameserver            VARCHAR(255) NOT NULL,
+  account               VARCHAR(40) NOT NULL,
+  PRIMARY KEY(ip, nameserver)
+);
+
+ALTER TABLE supermasters OWNER TO ${user};
+
+CREATE TABLE comments (
+  id                    SERIAL PRIMARY KEY,
+  domain_id             INT NOT NULL,
+  name                  VARCHAR(255) NOT NULL,
+  type                  VARCHAR(10) NOT NULL,
+  modified_at           INT NOT NULL,
+  account               VARCHAR(40) DEFAULT NULL,
+  comment               VARCHAR(65535) NOT NULL,
+  CONSTRAINT domain_exists
+  FOREIGN KEY(domain_id) REFERENCES domains(id)
+  ON DELETE CASCADE,
+  CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE INDEX comments_domain_id_idx ON comments (domain_id);
+CREATE INDEX comments_name_type_idx ON comments (name, type);
+CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
+
+ALTER TABLE comments OWNER TO ${user};
+
+CREATE TABLE domainmetadata (
+  id                    SERIAL PRIMARY KEY,
+  domain_id             INT REFERENCES domains(id) ON DELETE CASCADE,
+  kind                  VARCHAR(32),
+  content               TEXT
+);
+
+CREATE INDEX domainidmetaindex ON domainmetadata(domain_id);
+
+ALTER TABLE domainmetadata OWNER TO ${user};
+
+CREATE TABLE cryptokeys (
+  id                    SERIAL PRIMARY KEY,
+  domain_id             INT REFERENCES domains(id) ON DELETE CASCADE,
+  flags                 INT NOT NULL,
+  active                BOOL,
+  content               TEXT
+);
+
+CREATE INDEX domainidindex ON cryptokeys(domain_id);
+ALTER TABLE cryptokeys OWNER TO ${user};
+
+
+CREATE TABLE tsigkeys (
+  id                    SERIAL PRIMARY KEY,
+  name                  VARCHAR(255),
+  algorithm             VARCHAR(50),
+  secret                VARCHAR(255),
+  CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
+
+ALTER TABLE tsigkeys OWNER TO ${user};
--- a/bundles/powerdns/items.py
+++ b/bundles/powerdns/items.py
@ -109,6 +109,7 @@ if node.metadata['powerdns'].get('features', {}).get('bind', False):
            'svc_systemd:pdns:restart',
        },
    }
+
    files['/etc/powerdns/named.conf'] = {
        'content_type': 'mako',
        'context': {
@ -121,3 +122,33 @@ if node.metadata['powerdns'].get('features', {}).get('bind', False):
            'svc_systemd:pdns:reload',
        },
    }
+
+if node.metadata['powerdns'].get('features', {}).get('pgsql', False):
+    files['/etc/powerdns/pdns.d/pgsql.conf'] = {
+        'content_type': 'mako',
+        'context': {
+            'password': node.metadata['postgresql']['users']['powerdns']['password'],
+        },
+        'needs': {
+            'pkg_apt:pdns-backend-pgsql',
+        },
+        'triggers': {
+            'svc_systemd:pdns:restart',
+        },
+    }
+
+    files['/etc/powerdns/schema.pgsql.sql'] = {}
+
+    actions = {
+        'powerdns_load_pgsql_schema': {
+            'command': 'sudo -u postgres psql -d powerdns < /etc/powerdns/schema.pgsql.sql',
+            'unless':  'sudo -u postgres psql -d powerdns -c "\dt" | grep domains 2>&1 >/dev/null',
+            'needs': {
+                'bundle:postgresql',
+                'file:/etc/powerdns/schema.pgsql.sql',
+            },
+            'needed_by': {
+                'svc_systemd:pdns',
+            },
+        }
+    }
--- a/groups/features.py
+++ b/groups/features.py
@ -14,6 +14,7 @@ groups['dns'] = {
        'powerdns': {
            'features': {
                'bind': True,
+                'pgsql': True,
            },
        },
    },