diff options
| author | Paul Buetow <paul@buetow.org> | 2024-03-23 16:26:13 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2024-03-23 16:26:13 +0200 |
| commit | 0bc6c85eac08999d95623ea80ac54942b5a956cb (patch) | |
| tree | f3db7ac7bb286890873aa78b34af69dc85fa2cbf /frontends | |
| parent | 617003106fa8cc7caf6d7e3971a74da0ff12eb97 (diff) | |
add master and standby
Diffstat (limited to 'frontends')
| -rw-r--r-- | frontends/etc/acme-client.conf.tpl | 2 | ||||
| -rw-r--r-- | frontends/etc/gogios.json.tpl | 19 | ||||
| -rw-r--r-- | frontends/etc/httpd.conf.tpl | 2 | ||||
| -rw-r--r-- | frontends/etc/relayd.conf.tpl | 6 | ||||
| -rw-r--r-- | frontends/scripts/acme.sh.tpl | 2 | ||||
| -rw-r--r-- | frontends/scripts/dns-failover.ksh | 8 | ||||
| -rw-r--r-- | frontends/scripts/gemtexter.sh.tpl | 8 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/buetow.org.zone.tpl | 30 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/dtail.dev.zone.tpl | 4 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/foo.zone.zone.tpl | 4 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/irregular.ninja.zone.tpl | 4 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/snonux.foo.zone.tpl | 4 |
12 files changed, 53 insertions, 40 deletions
diff --git a/frontends/etc/acme-client.conf.tpl b/frontends/etc/acme-client.conf.tpl index 8e00119..b52f5b0 100644 --- a/frontends/etc/acme-client.conf.tpl +++ b/frontends/etc/acme-client.conf.tpl @@ -24,7 +24,7 @@ authority buypass-test { } <% for my $host (@$acme_hosts) { -%> -<% for my $prefix ('', 'www.', 'mirror.') { -%> +<% for my $prefix ('', 'www.', 'standby.') { -%> domain <%= $prefix.$host %> { domain key "/etc/ssl/private/<%= $prefix.$host %>.key" domain full chain certificate "/etc/ssl/<%= $prefix.$host %>.fullchain.pem" diff --git a/frontends/etc/gogios.json.tpl b/frontends/etc/gogios.json.tpl index 5160da2..84a4bec 100644 --- a/frontends/etc/gogios.json.tpl +++ b/frontends/etc/gogios.json.tpl @@ -6,6 +6,16 @@ "CheckConcurrency": 3, "StateDir": "/var/run/gogios", "Checks": { + <% for my $host (qw(master standby)) { -%> + <% for my $proto (4, 6) { -%> + "Check Ping<%= $proto %> <%= $host %>.buetow.org": { + "Plugin": "<%= $plugin_dir %>/check_ping", + "Args": ["-H", "<%= $host %>.buetow.org", "-<%= $proto %>", "-w", "100,10%", "-c", "200,15%"], + "Retries": 3, + "RetryInterval": 3 + }, + <% } -%> + <% } -%> <% for my $host (qw(fishfinger blowfish)) { -%> "Check DTail <%= $host %>.buetow.org": { "Plugin": "/usr/local/bin/dtailhealth", @@ -29,15 +39,18 @@ }, <% } -%> <% for my $host (@$acme_hosts) { -%> - <% for my $prefix ('', 'mirror.', 'www.') { -%> + <% for my $prefix ('', 'standby.', 'www.') { -%> + <% my $depends_on = $prefix eq 'standby.' ? 'standby.buetow.org' : 'master.buetow.org'; -%> "Check TLS Certificate <%= $prefix . $host %>": { "Plugin": "<%= $plugin_dir %>/check_http", - "Args": ["--sni", "-H", "<%= $prefix . $host %>", "-C", "20" ] + "Args": ["--sni", "-H", "<%= $prefix . $host %>", "-C", "20" ], + "DependsOn": ["Check Ping4 <%= $depends_on %>", "Check Ping6 <%= $depends_on %>"] }, <% for my $proto (4, 6) { -%> "Check HTTP IPv<%= $proto %> <%= $prefix . $host %>": { "Plugin": "<%= $plugin_dir %>/check_http", - "Args": ["<%= $prefix . $host %>", "-<%= $proto %>"] + "Args": ["<%= $prefix . $host %>", "-<%= $proto %>"], + "DependsOn": ["Check Ping<%= $proto %> <%= $depends_on %>"] }, <% } -%> <% } -%> diff --git a/frontends/etc/httpd.conf.tpl b/frontends/etc/httpd.conf.tpl index c636b80..bca42d8 100644 --- a/frontends/etc/httpd.conf.tpl +++ b/frontends/etc/httpd.conf.tpl @@ -1,5 +1,5 @@ <% - our @prefixes = ('', 'www.', 'mirror.'); + our @prefixes = ('', 'www.', 'standby.'); %> # Plain HTTP for ACME and HTTPS redirect diff --git a/frontends/etc/relayd.conf.tpl b/frontends/etc/relayd.conf.tpl index 968b4f8..f2edf43 100644 --- a/frontends/etc/relayd.conf.tpl +++ b/frontends/etc/relayd.conf.tpl @@ -4,9 +4,9 @@ tcp protocol "gemini" { tls keypair foo.zone tls keypair snonux.foo tls keypair paul.buetow.org - tls keypair mirror.foo.zone - tls keypair mirror.snonux.foo - tls keypair mirror.paul.buetow.org + tls keypair standby.foo.zone + tls keypair standby.snonux.foo + tls keypair standby.paul.buetow.org } relay "gemini4" { diff --git a/frontends/scripts/acme.sh.tpl b/frontends/scripts/acme.sh.tpl index 546bb55..0cf8b98 100644 --- a/frontends/scripts/acme.sh.tpl +++ b/frontends/scripts/acme.sh.tpl @@ -27,7 +27,7 @@ function handle_cert { has_update=no <% for my $host (@$acme_hosts) { -%> -<% for my $prefix ('', 'www.', 'mirror.') { -%> +<% for my $prefix ('', 'www.', 'standby.') { -%> handle_cert <%= $prefix.$host %> if [ $? -eq 0 ]; then has_update=yes diff --git a/frontends/scripts/dns-failover.ksh b/frontends/scripts/dns-failover.ksh index 0cb0b0b..dfc24ee 100644 --- a/frontends/scripts/dns-failover.ksh +++ b/frontends/scripts/dns-failover.ksh @@ -42,18 +42,18 @@ determine_master_and_standby () { transform () { sed -E ' /IN A .*; Enable failover/ { - /^mirror/! { + /^standby/! { s/^(.*) 300 IN A (.*) ; (.*)/\1 300 IN A '$(cat /var/nsd/run/master_a)' ; \3/; } - /^mirror/ { + /^standby/ { s/^(.*) 300 IN A (.*) ; (.*)/\1 300 IN A '$(cat /var/nsd/run/standby_a)' ; \3/; } } /IN AAAA .*; Enable failover/ { - /^mirror/! { + /^standby/! { s/^(.*) 300 IN AAAA (.*) ; (.*)/\1 300 IN AAAA '$(cat /var/nsd/run/master_aaaa)' ; \3/; } - /^mirror/ { + /^standby/ { s/^(.*) 300 IN AAAA (.*) ; (.*)/\1 300 IN AAAA '$(cat /var/nsd/run/standby_aaaa)' ; \3/; } } diff --git a/frontends/scripts/gemtexter.sh.tpl b/frontends/scripts/gemtexter.sh.tpl index ebd25d8..4d0c6e1 100644 --- a/frontends/scripts/gemtexter.sh.tpl +++ b/frontends/scripts/gemtexter.sh.tpl @@ -19,8 +19,8 @@ function ensure_site { ln -s $basename www.$basename fi - if [ ! -e mirror.$basename ]; then - ln -s $basename mirror.$basename + if [ ! -e standby.$basename ]; then + ln -s $basename standby.$basename fi if [ ! -d $basename ]; then @@ -48,8 +48,8 @@ function ensure_links { ln -s $basename www.$target fi - if [ ! -e mirror.$target ]; then - ln -s $basename mirror.$target + if [ ! -e standby.$target ]; then + ln -s $basename standby.$target fi } diff --git a/frontends/var/nsd/zones/master/buetow.org.zone.tpl b/frontends/var/nsd/zones/master/buetow.org.zone.tpl index 784fcac..fa50844 100644 --- a/frontends/var/nsd/zones/master/buetow.org.zone.tpl +++ b/frontends/var/nsd/zones/master/buetow.org.zone.tpl @@ -13,8 +13,10 @@ $TTL 4h IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +master IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover +master IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover IN MX 10 fishfinger.buetow.org. IN MX 20 blowfish.buetow.org. @@ -24,42 +26,40 @@ cool IN NS ns-707.awsdns-24.net. cool IN NS ns-1081.awsdns-07.org. cool IN NS ns-1818.awsdns-35.co.uk. -master.ha IN CNAME fishfinger.buetow.org. ; Delete this line - no longer required - paul 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover paul 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www.paul 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www.paul 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror.paul 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror.paul 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby.paul 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby.paul 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover tmp 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover tmp 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www.tmp 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www.tmp 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror.tmp 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror.tmp 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby.tmp 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby.tmp 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover dory 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover dory 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www.dory 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www.dory 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror.dory 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror.dory 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby.dory 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby.dory 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover solarcat 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover solarcat 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www.solarcat 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www.solarcat 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror.solarcat 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror.solarcat 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby.solarcat 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby.solarcat 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover fotos 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover fotos 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www.fotos 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www.fotos 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror.fotos 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror.fotos 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby.fotos 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby.fotos 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover blowfish 14400 IN A 23.88.35.144 blowfish 14400 IN AAAA 2a01:4f8:c17:20f1::42 @@ -77,7 +77,7 @@ zapad.sofia 14400 IN CNAME 79-100-3-54.ip.btc-net.bg. www2 14400 IN CNAME snonux.codeberg.page. znc 1800 IN CNAME fishfinger.buetow.org. www.znc 1800 IN CNAME fishfinger.buetow.org. -mirror.znc 1800 IN CNAME fishfinger.buetow.org. +standby.znc 1800 IN CNAME fishfinger.buetow.org. bnc 1800 IN CNAME fishfinger.buetow.org. www.bnc 1800 IN CNAME fishfinger.buetow.org. diff --git a/frontends/var/nsd/zones/master/dtail.dev.zone.tpl b/frontends/var/nsd/zones/master/dtail.dev.zone.tpl index 6a03749..d5196e0 100644 --- a/frontends/var/nsd/zones/master/dtail.dev.zone.tpl +++ b/frontends/var/nsd/zones/master/dtail.dev.zone.tpl @@ -16,6 +16,6 @@ $TTL 4h 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover github 86400 IN CNAME mimecast.github.io. diff --git a/frontends/var/nsd/zones/master/foo.zone.zone.tpl b/frontends/var/nsd/zones/master/foo.zone.zone.tpl index e59fb2f..1e898b3 100644 --- a/frontends/var/nsd/zones/master/foo.zone.zone.tpl +++ b/frontends/var/nsd/zones/master/foo.zone.zone.tpl @@ -16,5 +16,5 @@ $TTL 4h 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover diff --git a/frontends/var/nsd/zones/master/irregular.ninja.zone.tpl b/frontends/var/nsd/zones/master/irregular.ninja.zone.tpl index 8bb7701..85c0090 100644 --- a/frontends/var/nsd/zones/master/irregular.ninja.zone.tpl +++ b/frontends/var/nsd/zones/master/irregular.ninja.zone.tpl @@ -13,5 +13,5 @@ $TTL 4h 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover www 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover www 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover -mirror 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover -mirror 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover +standby 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +standby 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover diff --git a/frontends/var/nsd/zones/master/snonux.foo.zone.tpl b/frontends/var/nsd/zones/master/snonux.foo.zone.tpl index 77941bc..dc1a6a3 100644 --- a/frontends/var/nsd/zones/master/snonux.foo.zone.tpl +++ b/frontends/var/nsd/zones/master/snonux.foo.zone.tpl @@ -16,5 +16,5 @@ $TTL 4h 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover www 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover www 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover -mirror 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover -mirror 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover +standby 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover +standby 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover |