authorJoey Hess2015-01-04 13:42:01 -0400
committerJoey Hess2015-01-04 13:42:01 -0400
commitbf34d6f423bd2da76938dfdc1cf4525dc17b97c5 (patch)
treeb69593791ebbc0ec266f236bc4139f0873dda984 /src
parent3d21a2df5433a725b6060d9533da86aacb7a6527 (diff)
propellor spin
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Dns.hs10
-rw-r--r--src/Propellor/Property/DnsSec.hs9
2 files changed, 11 insertions, 8 deletions
diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs
index 47f39718..062b278b 100644
--- a/src/Propellor/Property/Dns.hs
+++ b/src/Propellor/Property/Dns.hs
@@ -56,15 +56,15 @@ import Data.List
primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty
primary hosts domain soa rs = RevertableProperty setup cleanup
where
- setup = setupPrimary zonefile hosts domain soa rs
+ setup = setupPrimary zonefile id hosts domain soa rs
`onChange` Service.reloaded "bind9"
cleanup = cleanupPrimary zonefile domain
`onChange` Service.reloaded "bind9"
zonefile = "/etc/bind/propellor/db." ++ domain
-setupPrimary :: FilePath -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property
-setupPrimary zonefile hosts domain soa rs =
+setupPrimary :: FilePath -> (FilePath -> FilePath) -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property
+setupPrimary zonefile mknamedconffile hosts domain soa rs =
withwarnings (check needupdate baseprop)
`requires` servingZones
where
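Review bot: The new `mknamedconffile` argument of `setupPrimary` is undocumented, and its type `FilePath -> FilePath` does not say which path goes in or what comes out. Going by the two call sites and the `confFile` assignment in this commit, it maps the zone file propellor writes to the file named.conf should load. A Haddock comment would help, for example `-- | The second argument maps the zone file to the file named.conf loads: 'id' for a plain zone, 'signedZoneFile' for a DNSSEC-signed one.` The body of `setupPrimary` continues outside this hunk.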
@@ -79,7 +79,7 @@ setupPrimary zonefile hosts domain soa rs =
conf = NamedConf
{ confDomain = domain
, confDnsServerType = Master
- , confFile = zonefile
+ , confFile = mknamedconffile zonefile
, confMasters = []
, confAllowTransfer = nub $
concatMap (\h -> hostAddresses h hosts) $
@@ -132,7 +132,7 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup
where
-- TODO enable dnssec options.
-- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto;
- setup = setupPrimary zonefile hosts domain soa rs'
+ setup = setupPrimary zonefile signedZoneFile hosts domain soa rs'
`onChange` toProp (zoneSigned domain zonefile)
`onChange` Service.reloaded "bind9"
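Review bot: In `signedPrimary`, `setup` now points named.conf at the `.signed` file, but that file is only produced by `zoneSigned`, which is attached with `onChange` and so presumably runs only when `setupPrimary` reports a change. If signing fails once, or the `.signed` file goes missing while the zone file stays current, later runs would appear to leave bind9 configured with a missing or stale signed zone. Consider ensuring `zoneSigned domain zonefile` on every run (it already has its own `needupdate` check in DnsSec.hs) and keeping only the bind9 reload behind `onChange`. The rest of `signedPrimary` is outside this hunk.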
diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs
index f76a28ff..47fa9b32 100644
--- a/src/Propellor/Property/DnsSec.hs
+++ b/src/Propellor/Property/DnsSec.hs
@@ -44,19 +44,18 @@ zoneSigned domain zonefile = RevertableProperty setup cleanup
`requires` toProp (keysInstalled domain)
cleanup = combineProperties ("removed signed zone for " ++ domain)
- [ File.notPresent signedzonefile
+ [ File.notPresent (signedZoneFile zonefile)
, File.notPresent dssetfile
, toProp (revert (keysInstalled domain))
]
- signedzonefile = dir </> domain ++ ".signed"
dssetfile = dir </> "-" ++ domain ++ "."
dir = takeDirectory zonefile
-- Need to update the signed zone file if the zone file or
-- any of the keys have a newer timestamp.
needupdate = do
- v <- catchMaybeIO $ getModificationTime signedzonefile
+ v <- catchMaybeIO $ getModificationTime (signedZoneFile zonefile)
case v of
Nothing -> return True
Just t1 -> anyM (newerthan t1) $
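Review bot: `dssetfile`, on the context line just below the removed `signedzonefile`, is built as `dir </> "-" ++ domain ++ "."`, which looks like it is missing the `dsset` prefix; dnssec-signzone normally names that output `dsset-<zone>.`. If so, `File.notPresent dssetfile` in `cleanup` targets a file that never exists, and reverting leaves the real DS set behind. `dssetfile = dir </> "dsset-" ++ domain ++ "."` would match, assuming the signing command (not visible here) writes into `dir`. Separately, `signedZoneFile zonefile` is now spelled out in both `cleanup` and `needupdate`; a single `where` binding would keep the two in step. `zoneSigned` starts and ends outside this hunk.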
@@ -110,3 +109,7 @@ isPublic k = k `elem` [PubZSK, PubKSK]
isZoneSigningKey :: DnsSecKey -> Bool
isZoneSigningKey k = k `elem` [PubZSK, PrivZSK]
+
+-- | dnssec-signzone makes a .signed file
+signedZoneFile :: FilePath -> FilePath
+signedZoneFile zonefile = zonefile ++ ".signed"