From 2793b4be94890f4b64f37c695495ff9e4ba0d5d2 Mon Sep 17 00:00:00 2001
From: Félix Sipma
Date: Sun, 1 Apr 2018 22:24:17 +0200
Subject: Unbound: handle SRV record
---
 src/Propellor/Property/Unbound.hs | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
(limited to 'src/Propellor/Property/Unbound.hs')
diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs
index 470aad7e..e6b6ca88 100644
--- a/src/Propellor/Property/Unbound.hs
+++ b/src/Propellor/Property/Unbound.hs
@@ -120,7 +120,15 @@ genRecord dom (PTR revip) = Just $ genPTR dom revip
 genRecord _ (CNAME _) = Nothing
 genRecord _ (NS _) = Nothing
 genRecord _ (TXT _) = Nothing
-genRecord _ (SRV _ _ _ _) = Nothing
+genRecord dom (SRV priority weight port target) = Just $ unwords
+ [ dValue dom
+ , "IN"
+ , "SRV"
+ , val priority
+ , val weight
+ , val port
+ , dValue target
+ ]
 genRecord _ (SSHFP _ _ _) = Nothing
 genRecord _ (INCLUDE _) = Nothing
-- cgit v1.2.3
From 02dcc859457e48686f0d5159375cbe8ef249d4c0 Mon Sep 17 00:00:00 2001
From: Félix Sipma
Date: Sun, 1 Apr 2018 22:29:14 +0200
Subject: Unbound: simplify existing records
---
 src/Propellor/Property/Unbound.hs | 27 ++++++++++++++++++---------
 1 file changed, 18 insertions(+), 9 deletions(-)
(limited to 'src/Propellor/Property/Unbound.hs')
diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs
index e6b6ca88..0d057924 100644
--- a/src/Propellor/Property/Unbound.hs
+++ b/src/Propellor/Property/Unbound.hs
@@ -115,8 +115,17 @@ genRecord' dom r = " local-data: \"" ++ fromMaybe "" (genRecord dom r) ++ "\"
 genRecord :: BindDomain -> Record -> Maybe String
 genRecord dom (Address addr) = Just $ genAddressNoTtl dom addr
-genRecord dom (MX priority dest) = Just $ genMX dom priority dest
-genRecord dom (PTR revip) = Just $ genPTR dom revip
+genRecord dom (MX priority dest) = Just $ unwords
+ [ dValue dom
+ , "MX"
+ , val priority
+ , dValue dest
+ ]
+genRecord dom (PTR revip) = Just $ unwords
+ [ revip ++ "."
+ , "PTR"
+ , dValue dom
+ ]
 genRecord _ (CNAME _) = Nothing
 genRecord _ (NS _) = Nothing
 genRecord _ (TXT _) = Nothing
@@ -141,10 +150,10 @@ genAddress dom ttl addr = case addr of
 IPv6 _ -> genAddress' "AAAA" dom ttl addr
 genAddress' :: String -> BindDomain -> Maybe Int -> IPAddr -> String
-genAddress' recordtype dom ttl addr = dValue dom ++ " " ++ maybe "" (\ttl' -> val ttl' ++ " ") ttl ++ "IN " ++ recordtype ++ " " ++ val addr
-
-genMX :: BindDomain -> Int -> BindDomain -> String
-genMX dom priority dest = dValue dom ++ " " ++ "MX" ++ " " ++ val priority ++ " " ++ dValue dest
-
-genPTR :: BindDomain -> ReverseIP -> String
-genPTR dom revip = revip ++ ". " ++ "PTR" ++ " " ++ dValue dom
+genAddress' recordtype dom ttl addr = unwords $
+ [ dValue dom ]
+ ++ maybe [] (\ttl' -> [val ttl']) ttl ++
+ [ "IN"
+ , recordtype
+ , val addr
+ ]
-- cgit v1.2.3
From 0f022f07523a2221d527c705caff2a2d8cc83a03 Mon Sep 17 00:00:00 2001
From: Félix Sipma
Date: Sun, 1 Apr 2018 22:43:20 +0200
Subject: Unbound: handle missing records
---
 src/Propellor/Property/Unbound.hs | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)
(limited to 'src/Propellor/Property/Unbound.hs')
diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs
index 0d057924..a17e5dd4 100644
--- a/src/Propellor/Property/Unbound.hs
+++ b/src/Propellor/Property/Unbound.hs
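Review bot: The PTR clause in the first hunk appends the root dot unconditionally with `revip ++ "."`, so a ReverseIP value that already ends in a dot would yield an owner name ending in `..`. ReverseIP's definition is not visible in this patch, so this may already be ruled out by how the value is built. A one-line comment on the clause stating the expected form, for example `-- revip is relative, without a trailing dot`, would make the assumption explicit now that the named helper genPTR is gone.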
@@ -126,19 +126,36 @@ genRecord dom (PTR revip) = Just $ unwords
 , "PTR"
 , dValue dom
 ]
-genRecord _ (CNAME _) = Nothing
-genRecord _ (NS _) = Nothing
-genRecord _ (TXT _) = Nothing
+genRecord dom (CNAME dest) = Just $ unwords
+ [ dValue dom
+ , "CNAME"
+ , dValue dest
+ ]
+genRecord dom (NS serv) = Just $ unwords
+ [ dValue dom
+ , "NS"
+ , dValue serv
+ ]
+genRecord dom (TXT txt) = Just $ unwords
+ [ dValue dom
+ , "TXT"
+ , txt
+ ]
 genRecord dom (SRV priority weight port target) = Just $ unwords
 [ dValue dom
- , "IN"
 , "SRV"
 , val priority
 , val weight
 , val port
 , dValue target
 ]
-genRecord _ (SSHFP _ _ _) = Nothing
+genRecord dom (SSHFP algo hash fingerprint) = Just $ unwords
+ [ dValue dom
+ , "SSHFP"
+ , val algo
+ , val hash
+ , fingerprint
+ ]
 genRecord _ (INCLUDE _) = Nothing
 genAddressNoTtl :: BindDomain -> IPAddr -> String
-- cgit v1.2.3
From 6bcb3b886ca50fc5d1cf248db3c06da8988c839c Mon Sep 17 00:00:00 2001
From: Félix Sipma
Date: Fri, 4 May 2018 15:18:29 +0200
Subject: Unbound: add a warning note for CNAME
---
 src/Propellor/Property/Unbound.hs | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'src/Propellor/Property/Unbound.hs')
diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs
index a17e5dd4..2949b8e0 100644
--- a/src/Propellor/Property/Unbound.hs
+++ b/src/Propellor/Property/Unbound.hs
@@ -126,6 +126,9 @@ genRecord dom (PTR revip) = Just $ unwords
 , "PTR"
 , dValue dom
 ]
+-- | Be carefull with CNAMEs, unbound is not a primary DNS server, so it will
+-- resolve these by itself. For a locally served zone, you probably want A/AAAA
+-- records instead.
 genRecord dom (CNAME dest) = Just $ unwords
 [ dValue dom
 , "CNAME"
-- cgit v1.2.3
From 7e67310cf3c9f5cb1ac1fd51582960883e9b1c34 Mon Sep 17 00:00:00 2001
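Review bot: The new TXT clause places `txt` into the record text unescaped, and the SSHFP clause does the same with `fingerprint`, while genRecord' (its body is visible only in the hunk header of the previous patch) wraps the result in `local-data: "…"`. A double quote or line break inside either string would end the quoted value early and leave the remainder to be parsed as further unbound.conf content, and a TXT payload containing spaces is not kept together as one string. If these values can ever come from anything other than trusted propellor configuration, the clauses should reject or escape `"`, `\` and newlines before building the line, and the TXT payload should be quoted in the form unbound expects. Separately, `INCLUDE` still returns Nothing, which genRecord' appears to turn into an empty `local-data: ""` line via `fromMaybe ""`; skipping such records would presumably be safer than emitting them.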
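Review bot: The added Haddock text misspells "careful" as "carefull" in `-- | Be carefull with CNAMEs`, and the same spelling is carried into the cachingDnsServer comment by the next patch's hunk at -64,6. The warning would also read more precisely if it stated the consequence, along the lines of `-- Be careful with CNAMEs: unbound is not a primary DNS server, so the CNAME target is resolved by unbound itself rather than served from this zone.`, assuming that is the behaviour the author means.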
From: Félix Sipma
Date: Sat, 5 May 2018 21:45:08 +0200
Subject: Unbound: move haddock comment to cachingDnsServer
---
 src/Propellor/Property/Unbound.hs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
(limited to 'src/Propellor/Property/Unbound.hs')
diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs
index 2949b8e0..ec8b6d83 100644
--- a/src/Propellor/Property/Unbound.hs
+++ b/src/Propellor/Property/Unbound.hs
@@ -64,6 +64,10 @@ config = "/etc/unbound/unbound.conf.d/propellor.conf"
 -- | Provided a [UnboundSection], a [UnboundZone] and a [UnboundHost],
 -- cachingDnsServer ensure unbound is configured accordingly.
 --
+-- Be carefull with CNAMEs, unbound is not a primary DNS server, so it will
+-- resolve these by itself. For a locally served zone, you probably want A/AAAA
+-- records instead.
+--
 -- Example property:
 --
 -- > cachingDnsServer
@@ -130,9 +130,6 @@ genRecord dom (PTR revip) = Just $ unwords
 , "PTR"
 , dValue dom
 ]
--- | Be carefull with CNAMEs, unbound is not a primary DNS server, so it will
--- resolve these by itself. For a locally served zone, you probably want A/AAAA
--- records instead.
 genRecord dom (CNAME dest) = Just $ unwords
 [ dValue dom
 , "CNAME"
-- cgit v1.2.3