fix sync-slave
This commit is contained in:
@@ -4,19 +4,32 @@ use strict;
|
|||||||
use warnings;
|
use warnings;
|
||||||
use Martnet::DDNS;
|
use Martnet::DDNS;
|
||||||
use File::Temp qw/tempfile/;
|
use File::Temp qw/tempfile/;
|
||||||
use Data::Dumper;
|
|
||||||
|
|
||||||
my $force = shift; # a "force" flag, if the update is big
|
# Optional positional "force" flag (legacy behavior):
|
||||||
|
# sync-slave [force]
|
||||||
|
# If more than 10 changes would be made, the script will refuse unless force is set.
|
||||||
|
my $force = shift;
|
||||||
|
|
||||||
my $ddns = Martnet::DDNS->new();
|
my $ddns = Martnet::DDNS->new();
|
||||||
|
|
||||||
my @vh = $ddns->get('_pureslave');
|
# Pull all control-plane entries, then filter out datasets that are not zones.
|
||||||
|
# In the new model, _config is metadata and must never appear in slave zone stanzas.
|
||||||
|
# Also guard against any malformed 'master' that could result in invalid BIND config.
|
||||||
|
my @vh_all = $ddns->get();
|
||||||
|
|
||||||
|
my @vh = grep {
|
||||||
|
$_->{type} ne '_config' &&
|
||||||
|
defined($_->{zone}) && $_->{zone} ne '' &&
|
||||||
|
defined($_->{master}) && $_->{master} ne '' &&
|
||||||
|
$_->{master} !~ /^\s*[\{\[]/ # never allow JSON into masters { ... }
|
||||||
|
} @vh_all;
|
||||||
|
|
||||||
my %vhh = map { $_->{zone} => 1 } @vh;
|
my %vhh = map { $_->{zone} => 1 } @vh;
|
||||||
|
|
||||||
my @all = parse_slavefile("/etc/bind/martnet.slave.zones.9");
|
my @all = parse_slavefile("/etc/bind/martnet.slave.zones.9");
|
||||||
my %allh = all_zones_hash(@all);
|
my %allh = all_zones_hash(@all);
|
||||||
|
|
||||||
# For each virtual host, see if we've got it already
|
# For each managed zone, see if it's already present with the same masters list.
|
||||||
my $changecount = 0;
|
my $changecount = 0;
|
||||||
foreach my $i (@vh) {
|
foreach my $i (@vh) {
|
||||||
unless (contains_zone($i, @all)) {
|
unless (contains_zone($i, @all)) {
|
||||||
@@ -25,9 +38,9 @@ foreach my $i (@vh) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach my $i (keys %allh) {
|
# For each zone currently in the file, see if it's still managed.
|
||||||
$changecount++
|
foreach my $z (keys %allh) {
|
||||||
unless ($vhh{$i});
|
$changecount++ unless ($vhh{$z});
|
||||||
}
|
}
|
||||||
|
|
||||||
die "Cowardly refusing to make a big update automatically [$changecount]"
|
die "Cowardly refusing to make a big update automatically [$changecount]"
|
||||||
@@ -46,12 +59,13 @@ sub parse_slavefile {
|
|||||||
|
|
||||||
open(my $fh, $f) || die "Can't open $f: $!";
|
open(my $fh, $f) || die "Can't open $f: $!";
|
||||||
while (<$fh>) {
|
while (<$fh>) {
|
||||||
|
# Example generated line:
|
||||||
|
# zone "example.com" { type slave; file "..."; masters { 1.2.3.4;5.6.7.8; }; allow-notify {...}; };
|
||||||
if (/^zone\s+\"([^\"]+)\"\s+\{.+masters\s?\{\s?([^\}]+);\s?\};/) {
|
if (/^zone\s+\"([^\"]+)\"\s+\{.+masters\s?\{\s?([^\}]+);\s?\};/) {
|
||||||
push ( @ret, { zone => $1,
|
push(@ret, { zone => $1, master => $2 });
|
||||||
master => $2
|
|
||||||
} );
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
close $fh;
|
||||||
return @ret;
|
return @ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -63,16 +77,28 @@ sub do_rewrite {
|
|||||||
|
|
||||||
foreach my $i (sort { $a->{zone} cmp $b->{zone} } @vh) {
|
foreach my $i (sort { $a->{zone} cmp $b->{zone} } @vh) {
|
||||||
die "No master(s) found for slave zone $i->{zone}"
|
die "No master(s) found for slave zone $i->{zone}"
|
||||||
unless defined($i->{master}) && $i->{master} ne '';
|
unless defined($i->{master}) && $i->{master} ne '' && $i->{master} !~ /^\s*[\{\[]/;
|
||||||
|
|
||||||
print $fh "zone \"$i->{zone}\" { type slave; file \"/var/cache/bind/db.$i->{zone}\"; masters { $i->{master}; }; allow-notify {key \"notify-key\";}; };\n";
|
print $fh "zone \"$i->{zone}\" { type slave; file \"/var/cache/bind/db.$i->{zone}\"; masters { $i->{master}; }; allow-notify {key \"notify-key\";}; };\n";
|
||||||
}
|
}
|
||||||
close $fh;
|
close $fh;
|
||||||
|
|
||||||
print "Installing new slave host list\n";
|
print "Installing new slave host list\n";
|
||||||
my $old_uid = (lstat "/etc/bind/martnet.slave.zones.9")[4];
|
|
||||||
my $old_gid = (lstat "/etc/bind/martnet.slave.zones.9")[5];
|
my $dest = "/etc/bind/martnet.slave.zones.9";
|
||||||
system("install -o $old_uid -g $old_gid $path /etc/bind/martnet.slave.zones.9");
|
my ($old_uid, $old_gid) = (0, 0);
|
||||||
|
|
||||||
|
if (-e $dest) {
|
||||||
|
$old_uid = (lstat $dest)[4];
|
||||||
|
$old_gid = (lstat $dest)[5];
|
||||||
|
}
|
||||||
|
|
||||||
|
system("install -o $old_uid -g $old_gid $path $dest") == 0
|
||||||
|
or die "install failed: $?";
|
||||||
|
|
||||||
print "Reloading DNS files\n";
|
print "Reloading DNS files\n";
|
||||||
system("/usr/sbin/rndc reload");
|
system("/usr/sbin/rndc reload") == 0
|
||||||
|
or die "rndc reload failed: $?";
|
||||||
}
|
}
|
||||||
|
|
||||||
sub all_zones_hash {
|
sub all_zones_hash {
|
||||||
@@ -92,8 +118,7 @@ sub contains_zone {
|
|||||||
if ($i->{zone} eq $zone->{zone}) {
|
if ($i->{zone} eq $zone->{zone}) {
|
||||||
print "m: '$i->{master}' ne '$zone->{master}'\n"
|
print "m: '$i->{master}' ne '$zone->{master}'\n"
|
||||||
unless ($i->{master} eq $zone->{master});
|
unless ($i->{master} eq $zone->{master});
|
||||||
return 1
|
return 1 if ($i->{master} eq $zone->{master});
|
||||||
if ($i->{master} eq $zone->{master});
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
|||||||
Reference in New Issue
Block a user