authorJoey Hess2015-01-04 21:26:21 -0400
committerJoey Hess2015-01-04 21:26:21 -0400
commit763a0ad3038883468e9211331d70a13008da6125 (patch)
treebfd9c902187e56ddcb66f683c622978c4c2c5493 /src
parent04f2fe947e72802c06e8463a1c3986927560237e (diff)
SSHFP records are also generated for CNAMES of hosts.
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Dns.hs12
1 files changed, 8 insertions, 4 deletions
diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs
index f3f9cc40..e19d82c5 100644
--- a/src/Propellor/Property/Dns.hs
+++ b/src/Propellor/Property/Dns.hs
@@ -80,7 +80,7 @@ setupPrimary zonefile mknamedconffile hosts domain soa rs =
baseprop = Property ("dns primary for " ++ domain) satisfy
(addNamedConf conf)
satisfy = do
- sshfps <- concat <$> mapM genSSHFP indomain
+ sshfps <- concat <$> mapM (genSSHFP domain) indomain
let zone = partialzone
{ zHosts = zHosts partialzone ++ rs ++ sshfps }
ifM (liftIO $ needupdate zone)
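Review bot: With `genSSHFP domain` now also returning records for a host's CNAME aliases, `zHosts partialzone ++ rs ++ sshfps` can place an SSHFP record at a name that may also carry a CNAME, and nothing in this hunk checks for that. DNS does not allow a CNAME owner name to hold other record types (RFC 1034 section 3.6.2), and BIND normally refuses to load a zone that has both, so if those aliases are published as CNAME records elsewhere in `setupPrimary` (not visible here) an update could leave the zone unserved. I would document the assumption above the `sshfps` line, e.g. `-- sshfps may name CNAME aliases; those names must not also be emitted as CNAME records`, or drop SSHFP entries whose name already has a CNAME in `partialzone`. A resolver follows the CNAME to the target's SSHFP in any case, and ssh clients only trust SSHFP answers automatically when they are DNSSEC-validated, so the extra records add little on an unsigned zone. `setupPrimary` starts before this hunk and continues past it.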
@@ -514,12 +514,16 @@ getNamedConf = asks $ fromNamedConfMap . _namedconf . hostInfo
-- ssh public keys.
--
-- This is done using ssh-keygen, so sadly needs IO.
-genSSHFP :: Host -> Propellor [(BindDomain, Record)]
-genSSHFP h = map (\r -> (AbsDomain hostname, r)) . concat <$> (gen =<< get)
+genSSHFP :: Domain -> Host -> Propellor [(BindDomain, Record)]
+genSSHFP domain h = concatMap mk . concat <$> (gen =<< get)
where
- hostname = hostName h
get = fromHost [h] hostname Ssh.getPubKey
gen = liftIO . mapM genSSHFP' . M.elems . fromMaybe M.empty
+ mk r = map (\d -> (d, r)) (AbsDomain hostname : cnames)
+ cnames = filter (inDomain domain) $
+ mapMaybe getCNAME $ S.toList $ _dns info
+ hostname = hostName h
+ info = hostInfo h
genSSHFP' :: String -> IO [Record]
genSSHFP' pubkey = withTmpFile "sshfp" $ \tmp tmph -> do