refactor dns_update so that the zone is first generated in a file-format agnostic way
This commit is contained in:
parent
8ed15168c0
commit
7fa4862f1a
|
@ -25,7 +25,8 @@ def do_dns_update(env):
|
||||||
os.makedirs('/etc/nsd/zones', exist_ok=True)
|
os.makedirs('/etc/nsd/zones', exist_ok=True)
|
||||||
updated_domains = []
|
updated_domains = []
|
||||||
for domain, zonefile in zonefiles:
|
for domain, zonefile in zonefiles:
|
||||||
if write_nsd_zone(domain, "/etc/nsd/zones/" + zonefile, env):
|
records = build_zone(domain, env)
|
||||||
|
if write_nsd_zone(domain, "/etc/nsd/zones/" + zonefile, records, env):
|
||||||
updated_domains.append(domain)
|
updated_domains.append(domain)
|
||||||
|
|
||||||
# Write the main nsd.conf file.
|
# Write the main nsd.conf file.
|
||||||
|
@ -45,7 +46,37 @@ def do_dns_update(env):
|
||||||
|
|
||||||
########################################################################
|
########################################################################
|
||||||
|
|
||||||
def write_nsd_zone(domain, zonefile, env):
|
def build_zone(domain, env):
|
||||||
|
records = []
|
||||||
|
records.append((None, "NS", "ns1.%s." % env["PUBLIC_HOSTNAME"]))
|
||||||
|
records.append((None, "NS", "ns2.%s." % env["PUBLIC_HOSTNAME"]))
|
||||||
|
records.append((None, "A", env["PUBLIC_IP"]))
|
||||||
|
records.append((None, "MX", "10 %s." % env["PUBLIC_HOSTNAME"]))
|
||||||
|
records.append((None, "TXT", '"v=spf1 mx -all"'))
|
||||||
|
records.append(("www", "A", env["PUBLIC_IP"]))
|
||||||
|
|
||||||
|
# In PUBLIC_HOSTNAME, also define ns1 and ns2.
|
||||||
|
if domain == env["PUBLIC_HOSTNAME"]:
|
||||||
|
records.append(("ns1", "A", env["PUBLIC_IP"]))
|
||||||
|
records.append(("ns2", "A", env["PUBLIC_IP"]))
|
||||||
|
|
||||||
|
# If OpenDKIM is in use..
|
||||||
|
opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.txt')
|
||||||
|
if os.path.exists(opendkim_record_file):
|
||||||
|
# Append the DKIM TXT record to the zone as generated by OpenDKIM, after string formatting above.
|
||||||
|
with open(opendkim_record_file) as orf:
|
||||||
|
m = re.match(r"(\S+)\s+IN\s+TXT\s+(\(.*\))\s*;", orf.read(), re.S)
|
||||||
|
records.append((m.group(1), "TXT", m.group(2)))
|
||||||
|
|
||||||
|
# Append ADSP (RFC 5617) and DMARC records.
|
||||||
|
records.append(("_adsp._domainkey", "TXT", '"dkim=all"'))
|
||||||
|
records.append(("_dmarc", "TXT", '"v=DMARC1; p=quarantine"'))
|
||||||
|
|
||||||
|
return records
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
def write_nsd_zone(domain, zonefile, records, env):
|
||||||
# We set the administrative email address for every domain to domain_contact@[domain.com].
|
# We set the administrative email address for every domain to domain_contact@[domain.com].
|
||||||
# You should probably create an alias to your email address.
|
# You should probably create an alias to your email address.
|
||||||
|
|
||||||
|
@ -60,39 +91,17 @@ $TTL 86400 ; default time to live
|
||||||
864000 ; Expire
|
864000 ; Expire
|
||||||
86400 ; Min TTL
|
86400 ; Min TTL
|
||||||
)
|
)
|
||||||
|
|
||||||
NS ns1.{primary_domain}.
|
|
||||||
NS ns2.{primary_domain}.
|
|
||||||
IN A {ip}
|
|
||||||
MX 10 {primary_domain}.
|
|
||||||
|
|
||||||
300 TXT "v=spf1 mx -all"
|
|
||||||
|
|
||||||
www IN A {ip}
|
|
||||||
"""
|
|
||||||
|
|
||||||
# In PUBLIC_HOSTNAME, also define ns1 and ns2.
|
|
||||||
if domain == env["PUBLIC_HOSTNAME"]:
|
|
||||||
zone += """
|
|
||||||
ns1 IN A {ip}
|
|
||||||
ns2 IN A {ip}
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# Replace replacement strings.
|
# Replace replacement strings.
|
||||||
zone = zone.format(domain=domain, primary_domain=env["PUBLIC_HOSTNAME"], ip=env["PUBLIC_IP"])
|
zone = zone.format(domain=domain, primary_domain=env["PUBLIC_HOSTNAME"])
|
||||||
|
|
||||||
# If OpenDKIM is in use..
|
# Add records.
|
||||||
opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.txt')
|
for subdomain, querytype, value in records:
|
||||||
if os.path.exists(opendkim_record_file):
|
if subdomain:
|
||||||
# Append the DKIM TXT record to the zone as generated by OpenDKIM, after string formatting above.
|
zone += subdomain
|
||||||
with open(opendkim_record_file) as orf:
|
zone += "\tIN\t" + querytype + "\t"
|
||||||
zone += orf.read()
|
zone += value + "\n"
|
||||||
|
|
||||||
# Append ADSP (RFC 5617) and DMARC records.
|
|
||||||
zone += """
|
|
||||||
_adsp._domainkey IN TXT "dkim=all"
|
|
||||||
_dmarc IN TXT "v=DMARC1; p=quarantine"
|
|
||||||
"""
|
|
||||||
|
|
||||||
# Set the serial number.
|
# Set the serial number.
|
||||||
serial = time.strftime("%Y%m%d00")
|
serial = time.strftime("%Y%m%d00")
|
||||||
|
@ -177,4 +186,3 @@ def write_opendkim_tables(zonefiles, env):
|
||||||
for domain, zonefile in zonefiles
|
for domain, zonefile in zonefiles
|
||||||
))
|
))
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue