| author | Paul Buetow <paul@buetow.org> | 2024-03-17 19:12:44 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2024-03-17 19:12:44 +0200 |
| commit | 9948823497abb1f687ec875adf8b4be677e44ee3 (patch) | |
| tree | 60a620159e90880f25fc2c6e6969a6558abd04bb /frontends | |
| parent | 8f5a0c72b9e5ff76e1271dbecbd47c03a23a91ea (diff) | |
use multi-master nsd setup, for automatic DNS failovers in the future.
Diffstat (limited to 'frontends')
| -rw-r--r-- | frontends/Rexfile | 35 | ||||
| -rw-r--r-- | frontends/var/nsd/etc/nsd.conf.master.tpl | 4 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/foo.zone.zone.tpl | 8 | ||||
| -rw-r--r-- | frontends/var/nsd/zones/master/snonux.foo.zone.tpl | 10 |
4 files changed, 12 insertions, 45 deletions
diff --git a/frontends/Rexfile b/frontends/Rexfile index 95d7bed..0d9d184 100644 --- a/frontends/Rexfile +++ b/frontends/Rexfile @@ -15,12 +15,8 @@ use File::Slurp; # REX CONFIG SECTION group frontends => 'blowfish.buetow.org:2', 'fishfinger.buetow.org:2'; -group dnsmaster => 'blowfish.buetow.org:2'; -group dnsslaves => 'fishfinger.buetow.org:2'; our $ircbouncer_server = 'fishfinger.buetow.org:2'; group ircbouncer => $ircbouncer_server; -group wgserver => 'fishfinger.buetow.org:2'; -group wgclient => 'blowfish.buetow.org:2'; group openbsd_canary => 'blowfish.buetow.org:2'; user 'rex'; @@ -296,8 +292,8 @@ task 'smtpd', group => 'frontends', service 'smtpd', ensure => 'started'; }; -desc 'Setup DNS server'; -task 'nsd_master', group => 'dnsmaster', +desc 'Setup DNS server(s)'; +task 'nsd_master', group => 'frontends', sub { my $restart = FALSE; append_if_no_such_line '/etc/rc.conf.local', 'nsd_flags='; @@ -342,33 +338,6 @@ task 'nsd_master', group => 'dnsmaster', service 'nsd', ensure => 'started'; }; -desc 'Setup DNS slaves'; -task 'nsd_slaves', group => 'dnsslaves', - sub { - my $restart = FALSE; - - Rex::Logger::info('Dealing with slave DNS key'); - file '/var/nsd/etc/key.conf', - content => template('./var/nsd/etc/key.conf.tpl', - nsd_key => $secrets->('/var/nsd/etc/nsd_key.txt')), - owner => 'root', - group => '_nsd', - mode => '640', - on_change => sub { $restart = TRUE }; - - Rex::Logger::info('Dealing with slave DNS config'); - file '/var/nsd/etc/nsd.conf', - content => template('./var/nsd/etc/nsd.conf.slave.tpl', - dns_zones => \@dns_zones), - owner => 'root', - group => '_nsd', - mode => '640', - on_change => sub { $restart = TRUE }; - - service 'nsd' => 'restart' if $restart; - service 'nsd', ensure => 'started'; - }; - desc 'Setup DTail'; task 'dtail', group => 'frontends', sub { diff --git a/frontends/var/nsd/etc/nsd.conf.master.tpl b/frontends/var/nsd/etc/nsd.conf.master.tpl index cf1c311..7f5ba56 100644 --- a/frontends/var/nsd/etc/nsd.conf.master.tpl 
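Review bot: Retargeting `task 'nsd_master'` to `group => 'frontends'` makes fishfinger a master, but nothing in this commit retires the `/var/nsd/etc/key.conf` that the removed `nsd_slaves` task wrote there with the transfer key from `$secrets`. With `notify:` and `provide-xfr:` also removed from the master template, that key appears to have no remaining use, so it is left on disk as unneeded secret material. The task body continues outside this hunk, so whether the master config still includes the file is unverified; if it does not, add `file '/var/nsd/etc/key.conf', ensure => 'absent';` to the task and drop the key from the secret store. The `desc` could also state the new model, e.g. `desc 'Setup authoritative DNS on all frontends (multi-master, no zone transfers)';`.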
+++ b/frontends/var/nsd/etc/nsd.conf.master.tpl @@ -14,8 +14,4 @@ remote-control: zone: name: "<%= $zone %>" zonefile: "master/<%= $zone %>.zone" - <% for my $slave_ip (qw/108.160.134.135 46.23.94.99/) { %> - notify: <%= $slave_ip %> blowfish.buetow.org - provide-xfr: <%= $slave_ip %> blowfish.buetow.org - <% } -%> <% } %> diff --git a/frontends/var/nsd/zones/master/foo.zone.zone.tpl b/frontends/var/nsd/zones/master/foo.zone.zone.tpl index 173bbd1..8b32144 100644 --- a/frontends/var/nsd/zones/master/foo.zone.zone.tpl +++ b/frontends/var/nsd/zones/master/foo.zone.zone.tpl @@ -12,7 +12,7 @@ $TTL 4h IN MX 10 fishfinger.buetow.org. IN MX 20 blowfish.buetow.org. - 1800 IN A <%= $ips->{current_master}{ipv4} %> - 1800 IN AAAA <%= $ips->{current_master}{ipv6} %> -* 1800 IN CNAME <%= $ips->{current_master}{fqdn} %>. -mirror 1800 IN CNAME <%= $ips->{current_standby}{fqdn} %>. + 1800 IN A <%= $ips->{current_master}{ipv4} %> ; Enable master failover + 1800 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable master failover +* 1800 IN CNAME <%= $ips->{current_master}{fqdn} %>. ; Enable standby failover +mirror 1800 IN CNAME <%= $ips->{current_standby}{fqdn} %>. ; Enable standby failover diff --git a/frontends/var/nsd/zones/master/snonux.foo.zone.tpl b/frontends/var/nsd/zones/master/snonux.foo.zone.tpl index e765cbe..7a316ac 100644 --- a/frontends/var/nsd/zones/master/snonux.foo.zone.tpl +++ b/frontends/var/nsd/zones/master/snonux.foo.zone.tpl 
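Review bot: The trailing comments on the two CNAME lines in the foo.zone template do not match the records: `*` points at `current_master` but is tagged `; Enable standby failover`, the same tag as `mirror`, which points at `current_standby`. If these comments are markers that failover tooling matches on (not visible here), a wrong tag could switch the wrong record; if they are documentation only, they mislead the next reader. I would tag the wildcard line `; Enable master failover` and add a line above the block saying what the tags are for, e.g. `; "Enable ... failover" tags mark the records that change on failover`, adjusted to what the tooling really does.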
@@ -12,7 +12,9 @@ $TTL 4h IN MX 10 fishfinger.buetow.org. IN MX 20 blowfish.buetow.org. - 1800 IN A <%= $ips->{current_master}{ipv4} %> - 1800 IN AAAA <%= $ips->{current_master}{ipv6} %> -* 1800 IN CNAME <%= $ips->{current_master}{fqdn} %>. -mirror 1800 IN CNAME <%= $ips->{current_standby}{fqdn} %>. + 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover + 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover +www 300 IN A <%= $ips->{current_master}{ipv4} %> ; Enable failover +www 300 IN AAAA <%= $ips->{current_master}{ipv6} %> ; Enable failover +mirror 300 IN A <%= $ips->{current_standby}{ipv4} %> ; Enable failover +mirror 300 IN AAAA <%= $ips->{current_standby}{ipv6} %> ; Enable failover |
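Review bot: Dropping the `*` wildcard leaves only the apex, `www` and `mirror` defined in this hunk, so any other name that used to resolve through the wildcard will now return NXDOMAIN. It is worth confirming that no virtual host or certificate name under this zone depended on it. The TTL here also drops to `300` while the sibling foo.zone template in this commit keeps `1800`, so the two zones will converge at different speeds after a failover. If that is intended, a comment such as `; 300s TTL bounds how long resolvers keep a failed master's address` would record the reason.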
