From e3ee8003598d8088969bec44433d552054962d84 Mon Sep 17 00:00:00 2001 From: KiekerJan Date: Tue, 8 Jul 2025 20:12:09 +0200 Subject: [PATCH] fix SOA record check against secondary dns (#2507) --- management/status_checks.py | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/management/status_checks.py b/management/status_checks.py index 910bbe30..e4996542 100755 --- a/management/status_checks.py +++ b/management/status_checks.py @@ -584,8 +584,12 @@ def check_dns_zone(domain, env, output, dns_zonefiles): continue # Choose the first IP if nameserver returns multiple ns_ip = ns_ips.split('; ')[0] - - checkSOA = True + + # No need to check if we could not obtain the SOA record + if SOARecord == '[timeout]': + checkSOA = False + else: + checkSOA = True # Now query it to see what it says about this domain. ip = query_dns(domain, "A", at=ns_ip, nxdomain=None) @@ -607,10 +611,10 @@ def check_dns_zone(domain, env, output, dns_zonefiles): if SOARecord == SOASecondary: output.print_ok(f"Secondary nameserver {ns} has consistent SOA record.") - elif SOARecord == '[Not Set]': + elif SOASecondary == '[Not Set]': output.print_error(f"Secondary nameserver {ns} has no SOA record configured.") - elif SOARecord == '[timeout]': - output.print_error(f"Secondary nameserver {ns} timed out on checking SOA record.") + elif SOASecondary == '[timeout]': + output.print_warning(f"Secondary nameserver {ns} timed out on checking SOA record.") else: output.print_error(f"""Secondary nameserver {ns} has inconsistent SOA record (primary: {SOARecord} versus secondary: {SOASecondary}). Check that synchronization between secondary and primary DNS servers is properly set-up.""")