From 763a0ad3038883468e9211331d70a13008da6125 Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sun, 4 Jan 2015 21:26:21 -0400
Subject: SSHFP records are also generated for CNAMES of hosts.
---
 src/Propellor/Property/Dns.hs | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
(limited to 'src/Propellor')
diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs
index f3f9cc40..e19d82c5 100644
--- a/src/Propellor/Property/Dns.hs
+++ b/src/Propellor/Property/Dns.hs
@@ -80,7 +80,7 @@ setupPrimary zonefile mknamedconffile hosts domain soa rs =
 baseprop = Property ("dns primary for " ++ domain) satisfy (addNamedConf conf)
 satisfy = do
- sshfps <- concat <$> mapM genSSHFP indomain
+ sshfps <- concat <$> mapM (genSSHFP domain) indomain
 let zone = partialzone { zHosts = zHosts partialzone ++ rs ++ sshfps }
 ifM (liftIO $ needupdate zone)
@@ -514,12 +514,16 @@ getNamedConf = asks $ fromNamedConfMap . _namedconf . hostInfo
 -- ssh public keys.
 --
 -- This is done using ssh-keygen, so sadly needs IO.
-genSSHFP :: Host -> Propellor [(BindDomain, Record)]
-genSSHFP h = map (\r -> (AbsDomain hostname, r)) . concat <$> (gen =<< get)
+genSSHFP :: Domain -> Host -> Propellor [(BindDomain, Record)]
+genSSHFP domain h = concatMap mk . concat <$> (gen =<< get)
 where
- hostname = hostName h
 get = fromHost [h] hostname Ssh.getPubKey
 gen = liftIO . mapM genSSHFP' . M.elems . fromMaybe M.empty
+ mk r = map (\d -> (d, r)) (AbsDomain hostname : cnames)
+ cnames = filter (inDomain domain) $
+ mapMaybe getCNAME $ S.toList $ _dns info
+ hostname = hostName h
+ info = hostInfo h
 genSSHFP' :: String -> IO [Record]
 genSSHFP' pubkey = withTmpFile "sshfp" $ \tmp tmph -> do
-- cgit v1.2.3
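Review bot: In the second hunk, the SSHFP records that `mk` attaches to every name in `cnames` may end up beside a CNAME record at the same owner name, which DNS does not allow (RFC 1034 section 3.6.2) and which a name server can reject when it loads the zone. Whether that happens depends on how the zone generator renders these aliases, which is not visible in this patch. It is worth confirming that an alias published as a real CNAME is skipped here, so that only aliases published as address records receive their own SSHFP entries. The doc comment above `genSSHFP`, which starts outside the hunk, also says nothing about the new `domain` argument; a line such as `-- Records are also generated for the host's CNAMEs that lie within the given domain.` would cover it.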