mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-22 07:17:05 +00:00
let the user override some DNS records
This commit is contained in:
parent
88709506f8
commit
33f06f29c1
@ -62,7 +62,7 @@ def dns_update():
|
||||
def dns_get_ds_records():
|
||||
from dns_update import get_ds_records
|
||||
try:
|
||||
return get_ds_records(env)
|
||||
return get_ds_records(env).replace("\t", " ") # tabs confuse godaddy
|
||||
except Exception as e:
|
||||
return (str(e), 500)
|
||||
|
||||
|
@ -3,6 +3,7 @@
|
||||
########################################################################
|
||||
|
||||
import os, os.path, urllib.parse, datetime, re
|
||||
import rtyaml
|
||||
|
||||
from mailconfig import get_mail_domains
|
||||
from utils import shell, load_env_vars_from_file
|
||||
@ -34,7 +35,7 @@ def do_dns_update(env):
|
||||
updated_domains = []
|
||||
for i, (domain, zonefile) in enumerate(zonefiles):
|
||||
# Build the records to put in the zone.
|
||||
records = build_zone(domain, env)
|
||||
records = build_zone(domain, zonefile, env)
|
||||
|
||||
# See if the zone has changed, and if so update the serial number
|
||||
# and write the zone file.
|
||||
@ -91,24 +92,43 @@ def do_dns_update(env):
|
||||
|
||||
########################################################################
|
||||
|
||||
def build_zone(domain, env):
|
||||
def build_zone(domain, zonefile, env):
|
||||
records = []
|
||||
records.append((None, "NS", "ns1.%s." % env["PUBLIC_HOSTNAME"]))
|
||||
records.append((None, "NS", "ns2.%s." % env["PUBLIC_HOSTNAME"]))
|
||||
records.append((None, "A", env["PUBLIC_IP"]))
|
||||
if env.get('PUBLIC_IPV6'):
|
||||
records.append((None, "AAAA", env["PUBLIC_IPV6"]))
|
||||
records.append((None, "MX", "10 %s." % env["PUBLIC_HOSTNAME"]))
|
||||
records.append((None, "TXT", '"v=spf1 mx -all"'))
|
||||
records.append(("www", "A", env["PUBLIC_IP"]))
|
||||
if env.get('PUBLIC_IPV6'):
|
||||
records.append(("www", "AAAA", env["PUBLIC_IPV6"]))
|
||||
|
||||
# In PUBLIC_HOSTNAME, also define ns1 and ns2.
|
||||
if domain == env["PUBLIC_HOSTNAME"]:
|
||||
records.append(("ns1", "A", env["PUBLIC_IP"]))
|
||||
records.append(("ns2", "A", env["PUBLIC_IP"]))
|
||||
|
||||
def has_rec(qname, rtype):
|
||||
for rec in records:
|
||||
if rec[0] == qname and rec[1] == rtype:
|
||||
return True
|
||||
return False
|
||||
|
||||
# The user may set other records that don't conflict with our settings.
|
||||
custom_zone_file = os.path.join(env['STORAGE_ROOT'], 'dns/custom', zonefile.replace(".txt", ".yaml"))
|
||||
if os.path.exists(custom_zone_file):
|
||||
custom_zone = rtyaml.load(open(custom_zone_file))
|
||||
for qname, value in custom_zone.items():
|
||||
if has_rec(qname, value): continue
|
||||
if isinstance(value, str):
|
||||
records.append((qname, "A", value))
|
||||
elif isinstance(value, dict):
|
||||
for rtype, value2 in value.items():
|
||||
if rtype == "TXT": value2 = "\"" + value2 + "\""
|
||||
records.append((qname, rtype, value2))
|
||||
|
||||
# Add defaults if not overridden by the user's custom settings.
|
||||
if not has_rec(None, "A"): records.append((None, "A", env["PUBLIC_IP"]))
|
||||
if env.get('PUBLIC_IPV6') and not has_rec(None, "AAAA"): records.append((None, "AAAA", env["PUBLIC_IPV6"]))
|
||||
if not has_rec("www", "A"): records.append(("www", "A", env["PUBLIC_IP"]))
|
||||
if env.get('PUBLIC_IPV6') and not has_rec("www", "AAAA"): records.append(("www", "AAAA", env["PUBLIC_IPV6"]))
|
||||
|
||||
# If OpenDKIM is in use..
|
||||
opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.txt')
|
||||
if os.path.exists(opendkim_record_file):
|
||||
@ -121,6 +141,9 @@ def build_zone(domain, env):
|
||||
records.append(("_adsp._domainkey", "TXT", '"dkim=all"'))
|
||||
records.append(("_dmarc", "TXT", '"v=DMARC1; p=quarantine"'))
|
||||
|
||||
# Sort the records. The None records *must* go first. Otherwise it doesn't matter.
|
||||
records.sort(key = lambda rec : (rec[0] is not None, str(rec[0])))
|
||||
|
||||
return records
|
||||
|
||||
########################################################################
|
||||
|
@ -2,7 +2,8 @@
|
||||
|
||||
source setup/functions.sh
|
||||
|
||||
apt_install python3-flask links duplicity
|
||||
apt_install python3-flask links duplicity libyaml-dev
|
||||
pip3 install rtyaml
|
||||
|
||||
# Create a backup directory and a random key for encrypting backups.
|
||||
mkdir -p $STORAGE_ROOT/backup
|
||||
|
@ -7,7 +7,7 @@ apt-get -qq -y upgrade
|
||||
|
||||
# Install basic utilities.
|
||||
|
||||
apt_install python3 wget curl bind9-host
|
||||
apt_install python3 python3-pip wget curl bind9-host
|
||||
|
||||
# Turn on basic services:
|
||||
#
|
||||
@ -29,4 +29,4 @@ if [ -z "$DISABLE_FIREWALL" ]; then
|
||||
apt_install ufw
|
||||
ufw_allow ssh;
|
||||
ufw --force enable;
|
||||
fi
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user