Browse Source

Converted bind

tags/v3.0.0
Robin Thoni 5 years ago
parent
commit
d49f9f4d86

+ 9
- 21
bind/Dockerfile View File

@@ -1,29 +1,17 @@
1
-FROM robinthoni/debian-multiarch:jessie
1
+FROM debian:stretch
2 2
 
3
-MAINTAINER Robin Thoni <robin@rthoni.com>
3
+ADD https://raw.githubusercontent.com/robin-thoni/docker-utils/v1.1.0/setup.sh /tmp/docker-utils-setup.sh
4
+RUN sh /tmp/docker-utils-setup.sh
5
+ENTRYPOINT ["gcf-entrypoint"]
4 6
 
5
-ARG CONFIG_DIR=/etc/default/config-files/
6
-
7
-RUN apt-get update && apt-get -y install\
7
+RUN pkgs-install\
8 8
         bind9\
9 9
         dnsutils\
10
-        bind9utils &&\
11
-        apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
12
-
13
-RUN rm -rf /var/log/*
14
-
15
-COPY ./vars-vars /etc/vars-vars
16
-
17
-COPY ./vars-files /etc/vars-files
18
-
19
-COPY ./common.sh /common.sh
20
-
21
-COPY ./run.sh /run.sh
22
-
23
-RUN mkdir "${CONFIG_DIR}"
10
+        bind9utils
24 11
 
25
-COPY ./config "${CONFIG_DIR}"
12
+COPY ./config /etc/salt/base/
26 13
 
27 14
 EXPOSE 53/udp 53/tcp
28 15
 
29
-CMD ["/run.sh"]
16
+#CMD ["named-checkconf", "-z"]
17
+CMD ["named", "-f", "-d", "10", "-4"]

+ 0
- 41
bind/common.sh View File

@@ -1,41 +0,0 @@
1
-export CONFIG_DIR="/etc/default/config-files/"
2
-
3
-resolv_host()
4
-{
5
-  hostname="${1}"
6
-  ip=$(getent hosts "${hostname}" | cut -d' ' -f1)
7
-  echo "${ip}"
8
-}
9
-
10
-replace_var()
11
-{
12
-  file="${1}"
13
-  var="${2}"
14
-  sed -e "s?${var}?${!var}?g" -i "${file}"
15
-}
16
-
17
-replace_vars()
18
-{
19
-  file="${1}"
20
-  for var in $(cat /etc/vars-vars)
21
-  do
22
-    replace_var "${file}" "${var}"
23
-  done
24
-}
25
-
26
-replace_files()
27
-{
28
-  cat /etc/vars-files | while read line
29
-  do
30
-    filesrc="${CONFIG_DIR}$(echo "${line}" | awk '{print $1}')"
31
-    filedst=$(echo "${line}" | awk '{print $2}')
32
-    if [ -f "${filesrc}" ]
33
-    then
34
-      echo "Expanding file ${filesrc} to ${filedst}"
35
-      cp "${filesrc}" "${filedst}"
36
-      replace_vars "${filedst}"
37
-    else
38
-      echo "File ${filesrc} does not exist. Skipping."
39
-    fi
40
-  done
41
-}

+ 7
- 0
bind/config/states/bind/init.sls View File

@@ -0,0 +1,7 @@
1
+{% for filename in ["named.conf", "named.conf.local", "rndc.conf"] %}
2
+bind9-config-{{ filename }}:
3
+  file.managed:
4
+    - name: /etc/bind/{{ filename }}
5
+    - source: salt://bind/{{ filename }}
6
+    - template: jinja
7
+{% endfor %}

bind/config/named.conf → bind/config/states/bind/named.conf View File

@@ -6,17 +6,17 @@ logging {
6 6
 
7 7
 key "key-internal" {
8 8
     algorithm HMAC-MD5;
9
-    secret "DNS_TSIG_KEY_INTERNAL_SECRET";
9
+    secret "{{ salt['pillar.get']("model:dns:tsig:keys:internal") }}";
10 10
 };
11 11
 
12 12
 key "key-external" {
13 13
     algorithm HMAC-MD5;
14
-    secret "DNS_TSIG_KEY_EXTERNAL_SECRET";
14
+    secret "{{ salt['pillar.get']("model:dns:tsig:keys:external") }}";
15 15
 };
16 16
 
17 17
 key "key-rndc" {
18 18
     algorithm HMAC-MD5;
19
-    secret "DNS_TSIG_KEY_RNDC_SECRET";
19
+    secret "{{ salt['pillar.get']("model:dns:tsig:keys:rndc") }}";
20 20
 };
21 21
 
22 22
 acl "acl-internal" {

bind/config/named.conf.local → bind/config/states/bind/named.conf.local View File

@@ -17,9 +17,15 @@ view "view-internal" {
17 17
   allow-notify {
18 18
     key "key-internal";
19 19
   };
20
+  {% if (salt['pillar.get']("model:dns:forwarders", []) | length) > 0 %}
21
+  forwarders {
22
+  {% for forwarder in salt['pillar.get']("model:dns:forwarders") %}
23
+    {{ forwarder }};
24
+  {% endfor %}
25
+  };
26
+  {% endif %}
20 27
 
21 28
   include "/etc/bind/named.conf.default-zones";
22
-  include "/etc/bind/zones.rfc1918";
23 29
   include "/etc/bind/config/named.conf.local.internal";
24 30
 };
25 31
 

bind/config/rndc.conf → bind/config/states/bind/rndc.conf View File


+ 0
- 8
bind/run.sh View File

@@ -1,8 +0,0 @@
1
-#! /usr/bin/env bash
2
-
3
-. /common.sh
4
-
5
-replace_files
6
-
7
-exec named -f -d 10 -4
8
-#exec cat /etc/bind/named.conf; named-checkconf -z; named -f -d 10 -4

+ 0
- 3
bind/vars-files View File

@@ -1,3 +0,0 @@
1
-named.conf /etc/bind/named.conf
2
-named.conf.local /etc/bind/named.conf.local
3
-rndc.conf /etc/bind/rndc.conf

+ 0
- 22
bind/vars-vars View File

@@ -1,22 +0,0 @@
1
-DHCP_DNS_MASTER
2
-DHCP_DNS_SERVERS
3
-DHCP_TFTP_SERVER
4
-DHCP_ROUTERS
5
-DHCP_UNIFI_CONTROLLER_IP
6
-
7
-DHCP_DOMAIN
8
-DHCP_SITE_DOMAIN
9
-DHCP_DYN_IPS_DOMAIN
10
-DHCP_REV_DOMAIN
11
-
12
-DHCP_SUBNET
13
-DHCP_NETMASK
14
-DHCP_IP_FIRST
15
-DHCP_IP_LAST
16
-DHCP_BROADCAST
17
-
18
-DNS_FORWARDER_IP_1
19
-DNS_FORWARDER_IP_2
20
-DNS_TSIG_KEY_INTERNAL_SECRET
21
-DNS_TSIG_KEY_EXTERNAL_SECRET
22
-DNS_TSIG_KEY_RNDC_SECRET

Loading…
Cancel
Save