From d442ab399eee3d85aa7fa43efaad498c9c58a285 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann
Date: Fri, 16 Oct 2020 19:23:45 +0200
Subject: [PATCH] bundles/powerdns: support pgsql
---
 bundles/powerdns/files/pgsql.conf | 6 ++
 bundles/powerdns/files/schema.pgsql.sql | 105 ++++++++++++++++++++++++
 bundles/powerdns/items.py | 31 +++++++
 groups/features.py | 1 +
 4 files changed, 143 insertions(+)
 create mode 100644 bundles/powerdns/files/pgsql.conf
 create mode 100644 bundles/powerdns/files/schema.pgsql.sql
diff --git a/bundles/powerdns/files/pgsql.conf b/bundles/powerdns/files/pgsql.conf
new file mode 100644
index 0000000..293d286
--- /dev/null
+++ b/bundles/powerdns/files/pgsql.conf
@@ -0,0 +1,6 @@
+launch+=gpgsql
+gpgsql-host=localhost
+gpgsql-port=5432
+gpgsql-dbname=powerdns
+gpgsql-user=powerdns
+gpgsql-password=${password}
diff --git a/bundles/powerdns/files/schema.pgsql.sql b/bundles/powerdns/files/schema.pgsql.sql
new file mode 100644
index 0000000..9635168
--- /dev/null
+++ b/bundles/powerdns/files/schema.pgsql.sql
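Review bot: `gpgsql-password=${password}` writes the database password in clear text to /etc/powerdns/pdns.d/pgsql.conf, but the file item that deploys it in bundles/powerdns/items.py sets no `mode`, `owner` or `group`. The file therefore gets whatever BundleWrap applies by default, which I believe is 0644 root:root, i.e. readable by every local account. I would restrict it on that item, for example `'mode': '0640', 'group': 'pdns',` (the group name is assumed from the Debian package and should be confirmed). The value is also substituted unescaped, so a password containing a line break would end the setting early; a short comment in the template stating that constraint would help.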
@@ -0,0 +1,105 @@
+-- 4.3 schema, https://doc.powerdns.com/authoritative/backends/generic-postgresql.html
+
+CREATE TABLE domains (
+ id SERIAL PRIMARY KEY,
+ name VARCHAR(255) NOT NULL,
+ master VARCHAR(128) DEFAULT NULL,
+ last_check INT DEFAULT NULL,
+ type VARCHAR(6) NOT NULL,
+ notified_serial BIGINT DEFAULT NULL,
+ account VARCHAR(40) DEFAULT NULL,
+ CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE UNIQUE INDEX name_index ON domains(name);
+
+ALTER TABLE domains OWNER TO ${user};
+
+CREATE TABLE records (
+ id BIGSERIAL PRIMARY KEY,
+ domain_id INT DEFAULT NULL,
+ name VARCHAR(255) DEFAULT NULL,
+ type VARCHAR(10) DEFAULT NULL,
+ content VARCHAR(65535) DEFAULT NULL,
+ ttl INT DEFAULT NULL,
+ prio INT DEFAULT NULL,
+ change_date INT DEFAULT NULL,
+ disabled BOOL DEFAULT 'f',
+ ordername VARCHAR(255),
+ auth BOOL DEFAULT 't',
+ CONSTRAINT domain_exists
+ FOREIGN KEY(domain_id) REFERENCES domains(id)
+ ON DELETE CASCADE,
+ CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE INDEX rec_name_index ON records(name);
+CREATE INDEX nametype_index ON records(name,type);
+CREATE INDEX domain_id ON records(domain_id);
+CREATE INDEX recordorder ON records (domain_id, ordername text_pattern_ops);
+
+ALTER TABLE records OWNER TO ${user};
+
+CREATE TABLE supermasters (
+ ip INET NOT NULL,
+ nameserver VARCHAR(255) NOT NULL,
+ account VARCHAR(40) NOT NULL,
+ PRIMARY KEY(ip, nameserver)
+);
+
+ALTER TABLE supermasters OWNER TO ${user};
+
+CREATE TABLE comments (
+ id SERIAL PRIMARY KEY,
+ domain_id INT NOT NULL,
+ name VARCHAR(255) NOT NULL,
+ type VARCHAR(10) NOT NULL,
+ modified_at INT NOT NULL,
+ account VARCHAR(40) DEFAULT NULL,
+ comment VARCHAR(65535) NOT NULL,
+ CONSTRAINT domain_exists
+ FOREIGN KEY(domain_id) REFERENCES domains(id)
+ ON DELETE CASCADE,
+ CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE INDEX comments_domain_id_idx ON comments (domain_id);
+CREATE INDEX comments_name_type_idx ON comments (name, type);
+CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
+
+ALTER TABLE comments OWNER TO ${user};
+
+CREATE TABLE domainmetadata (
+ id SERIAL PRIMARY KEY,
+ domain_id INT REFERENCES domains(id) ON DELETE CASCADE,
+ kind VARCHAR(32),
+ content TEXT
+);
+
+CREATE INDEX domainidmetaindex ON domainmetadata(domain_id);
+
+ALTER TABLE domainmetadata OWNER TO ${user};
+
+CREATE TABLE cryptokeys (
+ id SERIAL PRIMARY KEY,
+ domain_id INT REFERENCES domains(id) ON DELETE CASCADE,
+ flags INT NOT NULL,
+ active BOOL,
+ content TEXT
+);
+
+CREATE INDEX domainidindex ON cryptokeys(domain_id);
+ALTER TABLE cryptokeys OWNER TO ${user};
+
+
+CREATE TABLE tsigkeys (
+ id SERIAL PRIMARY KEY,
+ name VARCHAR(255),
+ algorithm VARCHAR(50),
+ secret VARCHAR(255),
+ CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
+);
+
+CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
+
+ALTER TABLE tsigkeys OWNER TO ${user};
diff --git a/bundles/powerdns/items.py b/bundles/powerdns/items.py
index 2a2aeb2..fe8bd8d 100644
--- a/bundles/powerdns/items.py
+++ b/bundles/powerdns/items.py
@@ -109,6 +109,7 @@ if node.metadata['powerdns'].get('features', {}).get('bind', False):
 'svc_systemd:pdns:restart',
 },
 }
+
 files['/etc/powerdns/named.conf'] = {
 'content_type': 'mako',
 'context': {
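Review bot: Every `ALTER TABLE … OWNER TO ${user};` statement relies on Mako substitution, but bundles/powerdns/items.py deploys this file as `files['/etc/powerdns/schema.pgsql.sql'] = {}`, with no `content_type` and no `context`. Unless the repository changes BundleWrap's default content type, the literal text `${user}` reaches psql and each ALTER fails with a syntax error. The tables, including `tsigkeys` and `cryptokeys` which hold key material, would then stay owned by `postgres`, the account the load action runs as, and the `powerdns` role would have no access to them. Either declare the item as `{'content_type': 'mako', 'context': {'user': 'powerdns'}}` or write the role name directly in the schema.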
@@ -121,3 +122,33 @@ if node.metadata['powerdns'].get('features', {}).get('bind', False):
 'svc_systemd:pdns:reload',
 },
 }
+
+if node.metadata['powerdns'].get('features', {}).get('pgsql', False):
+ files['/etc/powerdns/pdns.d/pgsql.conf'] = {
+ 'content_type': 'mako',
+ 'context': {
+ 'password': node.metadata['postgresql']['users']['powerdns']['password'],
+ },
+ 'needs': {
+ 'pkg_apt:pdns-backend-pgsql',
+ },
+ 'triggers': {
+ 'svc_systemd:pdns:restart',
+ },
+ }
+
+ files['/etc/powerdns/schema.pgsql.sql'] = {}
+
+ actions = {
+ 'powerdns_load_pgsql_schema': {
+ 'command': 'sudo -u postgres psql -d powerdns < /etc/powerdns/schema.pgsql.sql',
+ 'unless': 'sudo -u postgres psql -d powerdns -c "\dt" | grep domains 2>&1 >/dev/null',
+ 'needs': {
+ 'bundle:postgresql',
+ 'file:/etc/powerdns/schema.pgsql.sql',
+ },
+ 'needed_by': {
+ 'svc_systemd:pdns',
+ },
+ }
+ }
diff --git a/groups/features.py b/groups/features.py
index 1c5009e..796369b 100644
--- a/groups/features.py
+++ b/groups/features.py
@@ -14,6 +14,7 @@ groups['dns'] = {
 'powerdns': {
 'features': {
 'bind': True,
+ 'pgsql': True,
 },
 },
 },
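Review bot: The `powerdns_load_pgsql_schema` action can report success after a partial load, because psql keeps going after a failed statement and exits 0 unless `ON_ERROR_STOP` is set; once a `domains` table exists, the `unless` guard blocks any retry. I would run `sudo -u postgres psql -v ON_ERROR_STOP=1 -d powerdns < /etc/powerdns/schema.pgsql.sql` and have the guard test for the last table created, `tsigkeys`, rather than the first. In the `unless` command, `2>&1 >/dev/null` leaves stderr on the original stdout, `grep domains` also matches `domainmetadata`, and `"\dt"` is an invalid escape in a normal Python string; `r'… -c "\dt" 2>/dev/null | grep -qw tsigkeys'` covers all three. `actions = {` also rebinds the name instead of adding a key, so any action defined earlier in items.py would be dropped, which cannot be checked from this hunk.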
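Review bot: With `'pgsql': True` set here, bundles/powerdns/items.py reads `node.metadata['postgresql']['users']['powerdns']['password']` and loads the schema into a `powerdns` database, yet nothing in this patch declares that role or database. If they are not defined elsewhere in the repository, item evaluation fails with a `KeyError` for every node that gets this group's metadata. I would add the matching PostgreSQL metadata next to the flag, or have the bundle look the value up defensively and fail with a clear message. The enclosing `groups['dns']` dict starts and ends outside the hunk, so the rest of its metadata is not visible here.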