bundles/bind/files/keys.conf

@@ -1,6 +0,0 @@
-% for key in keys:
-key ${key['name']} {
-        algorithm ${key['algorithm']};
-        secret "${key['secret']}";
-};
-% endfor

bundles/bind/files/named.conf.local

@@ -1,30 +0,0 @@
-include "/etc/bind/keys.conf";
-
-% for zone in sorted(primary_zones):
-zone "${zone}" IN {
-    type master;
-    file "/var/lib/bind/primary/${zone}";
-};
-% endfor
-
-
-zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };
-
-zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
-
-zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };

bundles/bind/files/named.conf.options

@@ -1,3 +0,0 @@
-% for o in node.metadata.get('bind', {}).get('options', []):
-<%include file="options/${o}"/>
-% endfor

bundles/bind/items.py

@@ -1,146 +0,0 @@
-from os import listdir
-from os.path import isfile, join
-from datetime import datetime
-from subprocess import check_output
-
-ZONE_HEADER = """
-;      _    ____ _   _ _____ _   _ _   _  ____
-;     / \\  / ___| | | |_   _| | | | \\ | |/ ___|
-;    / _ \\| |   | |_| | | | | | | |  \\| | |  _
-;   / ___ \\ |___|  _  | | | | |_| | |\\  | |_| |
-;  /_/   \\_\\____|_| |_| |_|  \\___/|_| \\_|\\____|
-;
-; --> Diese Datei wird von BundleWrap verwaltet! <--
-
-$TTL 60
-@       IN  SOA ns-1.kunbox.net.    hostmaster.kunbox.net. (
-        {serial}
-        3600
-        3600
-        86400
-        300
-        )
-@       IN  NS  bind01.gce.kunbox.net.
-        IN  NS  b.ns14.net.
-        IN  NS  c.ns14.net.
-        IN  NS  d.ns14.net.
-"""
-
-svc_systemd = {
-    'bind9': {
-        'needs': {
-            'pkg_apt:bind9',
-        },
-    },
-}
-
-pkg_apt = {
-    'bind9': {},
-}
-
-directories = {
-    "/var/lib/bind/primary": {
-        'group': 'bind',
-        'needs': {
-            'pkg_apt:bind9',
-        },
-        'owner': 'bind',
-        'purge': True,
-    },
-    "/var/log/named": {
-        'group': 'bind',
-        'needs': {
-            'pkg_apt:bind9',
-        },
-        'owner': 'bind',
-    },
-}
-
-files = {
-    "/etc/bind/keys.conf": {
-        'content_type': 'mako',
-        'group': 'bind',
-        'mode': '0440',
-        'context': {
-            'keys': node.metadata.get('bind', {}).get('keys', []),
-        },
-        'triggers': {
-            'svc_systemd:bind9:reload',
-        },
-        'needs': {
-            'pkg_apt:bind9',
-        },
-    },
-    "/etc/bind/named.conf.options": {
-        'content_type': 'mako',
-        'group': 'bind',
-        'mode': '0440',
-        'triggers': {
-            'svc_systemd:bind9:reload',
-        },
-        'needs': {
-            'pkg_apt:bind9',
-        },
-    },
-}
-
-if node.metadata.get('bind', {}).get('rndc', ''):
-    files['/etc/bind/rndc.conf'] = {
-        'mode': '0440',
-        'source': 'rndc/{}'.format(node.metadata['bind']['rndc']),
-        'content_type': 'mako',
-        'triggers': {
-            'svc_systemd:bind9:reload',
-        },
-    }
-
-# this looks for zones either directly at data/bind/zones/ or in a subdirectory if so configured
-zone_path = join(
-    repo.path,
-    'data', 'bind', 'files', 'zones',
-    node.metadata.get('bind', {}).get('zone_path', ""),
-)
-
-primary_zones = set()
-
-for zone in listdir(zone_path):
-    if not isfile(join(zone_path, zone)) or zone.startswith(".") or zone.startswith("_"):
-        continue
-
-    output = check_output(['git', 'log', '-1', '--pretty=%ci', join(zone_path, zone)]).decode('utf-8').strip()
-    serial = datetime.strptime(output, '%Y-%m-%d %H:%M:%S %z').strftime('%y%m%d%H%M')
-
-    primary_zones.add(zone)
-
-    files["/var/lib/bind/primary/{}".format(zone)] = {
-        'content_type': 'mako',
-        'context': {
-            'header': ZONE_HEADER.format(serial=serial),
-            'metadata_records': node.metadata.get('bind', {}).get('zones_primary', {}).get(zone, {}).get('records', []),
-        },
-        'mode': '0444',
-        'owner': 'bind',
-        'source': 'zones/{}'.format(join(node.metadata.get('bind', {}).get('zone_path', ""), zone)),
-        'triggers': {
-            'svc_systemd:bind9:reload',
-        },
-        'needs': {
-            'pkg_apt:bind9'
-        },
-    }
-
-primary_zones.union(set(node.metadata.get('bind', {}).get('zones_primary', {}).keys()))
-
-files['/etc/bind/named.conf.local'] = {
-    'content_type': 'mako',
-    'context': {
-        'primary_zones': list(primary_zones),
-    },
-    'group': 'bind',
-    'triggers': {
-        'svc_systemd:bind9:reload',
-    },
-    'needs': {
-        'pkg_apt:bind9',
-    },
-}

bundles/bind/metadata.py

@@ -1,72 +0,0 @@
-from bundlewrap.metadata import atomic
-
-
-defaults = {
-    'icinga2_api': {
-        'bind': {
-            'services': {
-                'BIND PROCESS': {
-                    'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -C named -c 1:1',
-                },
-            },
-        },
-    },
-}
-
-@metadata_reactor
-def port_checks(metadata):
-    services = {}
-
-    for interface in metadata.get('bind/listen', set()):
-        services[f'BIND PORT {interface}'] = {
-            'check_command': 'tcp',
-            'vars.tcp_address': metadata.get(f'interfaces/{interface}/ip_addresses')[0],
-            'vars.tcp_port': 53,
-        }
-
-    return {
-        'icinga2_api': {
-            'bind': {
-                'services': services,
-            },
-        },
-    }
-
-@metadata_reactor
-def generate_dns_entries_for_nodes(metadata):
-    results = set()
-
-    for rnode in repo.nodes:
-        node_name_split = rnode.name.split('.')
-        node_name_split.reverse()
-        dns_name = '.'.join(node_name_split)
-        ip4 = None
-        ip6 = None
-
-        # We only need this for GCE, because machines over there don't
-        # have a public ipv4 address.
-        if rnode.metadata.get('external_ipv4', None):
-            ip4 = rnode.metadata.get('external_ipv4')
-
-        for iface, config in sorted(rnode.metadata.get('interfaces', {}).items()):
-            if not ip4 and 'ipv4' in config:
-                ip4 = sorted(config['ipv4'])[0]
-
-            if not ip6 and 'ipv6' in config:
-                ip6 = sorted(config['ipv6'])[0]
-
-        if ip4:
-            results.add('{} IN A {}'.format(dns_name, ip4))
-
-        if ip6:
-            results.add('{} IN AAAA {}'.format(dns_name, ip6))
-
-    return {
-        'bind': {
-            'zones_primary': {
-                'kunbox.net': {
-                    'records': results,
-                },
-            },
-        },
-    }

data/powerdns/files/bind-zones

@@ -1 +0,0 @@
-../../bind/files/zones