https://github.com/mail-in-a-box/mailinabox.git
add principal functionality to act as hidden master
parent
8b13a3b177
commit
b9e7175d9f
@ -145,13 +145,20 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en
|
|||||||
# 'False' in the tuple indicates these records would not be used if the zone
|
# 'False' in the tuple indicates these records would not be used if the zone
|
||||||
# is managed outside of the box.
|
# is managed outside of the box.
|
||||||
if is_zone:
|
if is_zone:
|
||||||
|
# Define ns2.PRIMARY_HOSTNAME or whatever the user overrides.
|
||||||
|
# User may provide one or more additional nameservers
|
||||||
|
secondary_ns_list = get_secondary_dns(additional_records, mode="NS")
|
||||||
|
|
||||||
|
# Need at least two nameservers in the secondary dns list
|
||||||
|
useHiddenMaster = os.path.exists("/etc/usehiddenmasterdns") and len(secondary_ns_list) > 1
|
||||||
|
|
||||||
|
if not useHiddenMaster:
|
||||||
# Obligatory definition of ns1.PRIMARY_HOSTNAME.
|
# Obligatory definition of ns1.PRIMARY_HOSTNAME.
|
||||||
records.append((None, "NS", "ns1.%s." % env["PRIMARY_HOSTNAME"], False))
|
records.append((None, "NS", "ns1.%s." % env["PRIMARY_HOSTNAME"], False))
|
||||||
|
|
||||||
# Define ns2.PRIMARY_HOSTNAME or whatever the user overrides.
|
if len(secondary_ns_list) == 0:
|
||||||
# User may provide one or more additional nameservers
|
secondary_ns_list = ["ns2." + env["PRIMARY_HOSTNAME"]]
|
||||||
secondary_ns_list = get_secondary_dns(additional_records, mode="NS") \
|
|
||||||
or ["ns2." + env["PRIMARY_HOSTNAME"]]
|
|
||||||
for secondary_ns in secondary_ns_list:
|
for secondary_ns in secondary_ns_list:
|
||||||
records.append((None, "NS", secondary_ns+'.', False))
|
records.append((None, "NS", secondary_ns+'.', False))
|
||||||
|
|
||||||
@ -467,12 +474,26 @@ def write_nsd_zone(domain, zonefile, records, env, force):
|
|||||||
# For the refresh through TTL fields, a good reference is:
|
# For the refresh through TTL fields, a good reference is:
|
||||||
# http://www.peerwisdom.org/2013/05/15/dns-understanding-the-soa-record/
|
# http://www.peerwisdom.org/2013/05/15/dns-understanding-the-soa-record/
|
||||||
|
|
||||||
|
# Time To Refresh – How long in seconds a nameserver should wait prior to checking for a Serial Number
|
||||||
|
# increase within the primary zone file. An increased Serial Number means a transfer is needed to sync
|
||||||
|
# your records. Only applies to zones using secondary DNS.
|
||||||
|
# Time To Retry – How long in seconds a nameserver should wait prior to retrying to update a zone after
|
||||||
|
# a failed attempt. Only applies to zones using secondary DNS.
|
||||||
|
# Time To Expire – How long in seconds a nameserver should wait prior to considering data from a secondary
|
||||||
|
# zone invalid and stop answering queries for that zone. Only applies to zones using secondary DNS.
|
||||||
|
# Minimum TTL – How long in seconds that a nameserver or resolver should cache a negative response.
|
||||||
|
|
||||||
|
# To make use of hidden master initialize the DNS to be used as secondary DNS. Then change the following
|
||||||
|
# in the zone file:
|
||||||
|
# - Name the secondary DNS server as primary DNS in the SOA record
|
||||||
|
# - Do not add NS records for the Mail-in-a-Box server
|
||||||
|
|
||||||
|
|
||||||
zone = """
|
zone = """
|
||||||
$ORIGIN {domain}.
|
$ORIGIN {domain}.
|
||||||
$TTL {defttl} ; default time to live
|
$TTL {defttl} ; default time to live
|
||||||
|
|
||||||
@ IN SOA ns1.{primary_domain}. hostmaster.{primary_domain}. (
|
@ IN SOA {primary_dns}. hostmaster.{primary_domain}. (
|
||||||
__SERIAL__ ; serial number
|
__SERIAL__ ; serial number
|
||||||
{refresh} ; Refresh (secondary nameserver update interval)
|
{refresh} ; Refresh (secondary nameserver update interval)
|
||||||
{retry} ; Retry (when refresh fails, how often to try again)
|
{retry} ; Retry (when refresh fails, how often to try again)
|
||||||
@ -484,20 +505,28 @@ $TTL {defttl} ; default time to live
|
|||||||
# Default ttl values
|
# Default ttl values
|
||||||
p_defttl = 86400
|
p_defttl = 86400
|
||||||
p_refresh = 7200
|
p_refresh = 7200
|
||||||
p_retry = 3600
|
p_retry = 1800
|
||||||
p_expire = 1209600
|
p_expire = 1209600
|
||||||
p_negttl = 86400
|
p_negttl = 86400
|
||||||
|
|
||||||
|
primary_dns = "ns1" + env["PRIMARY_HOSTNAME"]
|
||||||
|
|
||||||
# Shorten dns ttl if file exists. Use just before moving domains, changin secondary dns servers etc
|
# Shorten dns ttl if file exists. Use just before moving domains, changin secondary dns servers etc
|
||||||
if os.path.exists("/etc/forceshortdnsttl"):
|
if os.path.exists("/etc/forceshortdnsttl"):
|
||||||
p_defttl = 300
|
p_defttl = 300
|
||||||
p_refresh = 3600
|
p_refresh = 3600
|
||||||
p_retry = 1800
|
p_retry = 900
|
||||||
p_expire = 43200
|
p_expire = 43200
|
||||||
p_negttl = 3600
|
p_negttl = 300
|
||||||
|
|
||||||
|
secondary_ns_list = get_secondary_dns(additional_records, mode="NS")
|
||||||
|
useHiddenMaster = os.path.exists("/etc/usehiddenmasterdns") and len(secondary_ns_list) > 1
|
||||||
|
|
||||||
|
if useHiddenMaster:
|
||||||
|
primary_dns = secondary_ns_list[0]
|
||||||
|
|
||||||
# Replace replacement strings.
|
# Replace replacement strings.
|
||||||
zone = zone.format(domain=domain, primary_domain=env["PRIMARY_HOSTNAME"], defttl=p_defttl,
|
zone = zone.format(domain=domain, primary_dns=primary_dns, primary_domain=env["PRIMARY_HOSTNAME"], defttl=p_defttl,
|
||||||
refresh=p_refresh, retry=p_retry, expire=p_expire, negttl=p_negttl)
|
refresh=p_refresh, retry=p_retry, expire=p_expire, negttl=p_negttl)
|
||||||
|
|
||||||
# Add records.
|
# Add records.
|
||||||
@ -1027,7 +1056,7 @@ def get_custom_dns_records(custom_dns, qname, rtype):
|
|||||||
def build_recommended_dns(env):
|
def build_recommended_dns(env):
|
||||||
ret = []
|
ret = []
|
||||||
for (domain, zonefile, records) in build_zones(env):
|
for (domain, zonefile, records) in build_zones(env):
|
||||||
# remove records that we don't dislay
|
# remove records that we don't display
|
||||||
records = [r for r in records if r[3] is not False]
|
records = [r for r in records if r[3] is not False]
|
||||||
|
|
||||||
# put Required at the top, then Recommended, then everythiing else
|
# put Required at the top, then Recommended, then everythiing else
|
||||||
|
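Review bot: In the write_nsd_zone hunk, the new default `primary_dns = "ns1" + env["PRIMARY_HOSTNAME"]` drops the dot that the old SOA template carried in `ns1.{primary_domain}.`, so whenever hidden master is off the SOA MNAME renders as `ns1<hostname>.` instead of `ns1.<hostname>.`; it should read `primary_dns = "ns1." + env["PRIMARY_HOSTNAME"]`. The same hunk calls `get_secondary_dns(additional_records, mode="NS")`, but the signature shown in the hunk header, `write_nsd_zone(domain, zonefile, records, env, force)`, has no `additional_records`; unless that name is bound elsewhere in the body outside the hunk, every zone write would raise NameError, so the list needs to be passed in or loaded inside the function. The `useHiddenMaster` expression is also duplicated in build_zone and write_nsd_zone, and a single shared helper would keep the published NS set and the SOA MNAME from disagreeing if one copy changes. Both functions start and end outside the visible hunks, so this is judged from the shown lines only.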