authortg(x) <*@tg-x.net>2011-02-13 10:27:16 (GMT)
committer tg(x) <*@tg-x.net>2013-06-05 15:58:40 (GMT)
commit3614b92c53ccb4955eaa665a9c264b50bb8ce1ae (patch)
treeedb07abaad9dffa963b28f133afbe4d7c165cab8
parent9eb39b4a8ee29351ffb4f56ffb5fe23e553098a2 (diff)
improved zone configuration: load zones from BIND config files
-rwxr-xr-xbin/gitzone22
-rw-r--r--etc/gitzone.conf37
2 files changed, 50 insertions, 9 deletions
diff --git a/bin/gitzone b/bin/gitzone
index 05c7f7d..c987248 100755
--- a/bin/gitzone
+++ b/bin/gitzone
@@ -58,6 +58,26 @@ sub git {
return $_;
}
+# Load BIND config files specified in the $zones config variable.
+# First load the -default key, then the $user key.
+sub load_zones_config {
+ my $u = shift || '-default';
+
+ for my $f (keys %{$zones->{$u}}) {
+ next unless $f =~ m,^/, && -f $f;
+ open FILE, '<', $f or die $!;
+ while (<FILE>) {
+ if (/^\s*zone\s+"([^"]+)"/) {
+ $zones->{$user}->{$1} = $zones->{$u}->{$f};
+ }
+ }
+ close FILE;
+ delete $zones->{$u}->{$f} if $u ne '-default';
+ }
+
+ load_zones_config($user) if $u eq '-default';
+}
+
sub process_files {
$files{$_} = 0 for (@_);
$files{$_} += process_file($_) for keys %files;
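Review bot: The recursion guard in `load_zones_config` fails when `$user` is undefined or empty: `shift || '-default'` turns the recursive `load_zones_config($user)` call back into the `-default` pass, which then recurses without bound, so unless `$user` is guaranteed non-empty before pre_receive/post_receive run, the tail call should read `load_zones_config($user) if $u eq '-default' && defined $user && $user ne '';`. The assignment `$zones->{$user}->{$1} = $zones->{$u}->{$f}` is unconditional, so a zone found in a BIND config file silently replaces an explicit entry of the same name in the user's hash, which is the opposite of what the new etc/gitzone.conf comment ("values specified here overwrite") promises; either write `... unless exists $zones->{$user}->{$1};` or change the comment to say the file wins. The loop also reuses the package-global bareword `FILE` that post_receive reads from; `open my $fh, '<', $f or die "open $f: $!";` with `while (<$fh>)` and `close $fh` removes that coupling and names the file that failed to open. Note as well that `^\s*zone\s+"([^"]+)"` matches zone statements inside `/* ... */` comment blocks of the BIND file, so a zone commented out that way is still granted to the user; a one-line comment stating that this is accepted would save the next reader a question.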
@@ -202,6 +222,7 @@ sub pre_receive {
$_ = git "diff --raw $old..$new";
$files{$1} = 0 while m,^:(?:[\w.]+\s+){5}([\w./-]+)$,gm;
+ load_zones_config;
process_files;
if (@zones) {
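Review bot: The added `load_zones_config;` in pre_receive (and the identical call added in post_receive) is a bareword call that only parses as a subroutine call because the definition appears earlier in the file; if the file runs under `use strict`, moving the sub below its callers would turn it into a compile error, so `load_zones_config();` is the safer spelling. pre_receive's body starts and ends outside the hunk.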
@@ -227,6 +248,7 @@ sub post_receive {
push @zones, split /[\s\n\r]+/ while <FILE>;
close FILE;
+ load_zones_config;
install_zones;
print "Done. Don't forget to pull if you use auto increment.\n";
}
diff --git a/etc/gitzone.conf b/etc/gitzone.conf
index 3c101a1..e8556d1 100644
--- a/etc/gitzone.conf
+++ b/etc/gitzone.conf
@@ -1,3 +1,10 @@
+# -*- perl -*-
+#
+# gitzone configuration file
+#
+# this file is parsed as Perl code and you can use the following variables:
+# $user - name of the user gitzone is invoked by
+
# directory where the zone files are copied to (no trailing slash)
# there should be one directory for each user here chowned to the users
$zone_dir = "/var/bind";
@@ -7,11 +14,6 @@ $git = '/usr/bin/git';
$named_checkzone = '/usr/sbin/named-checkzone';
$rndc = '/usr/sbin/rndc';
-# parameters for rndc reload: class & view
-$class = 'IN';
-# default view of the zones
-$default_view = '';
-
# update-record command: 1 = enabled, 0 = disabled
$update_record = 1;
@@ -19,10 +21,27 @@ $update_record = 1;
$max_depth = 256;
# output verbosity (0..3)
$verbosity = 0;
+#$verbosity = $user eq 'admin' ? 3 : 0;
+
+# parameters for rndc reload: class & view
+$class = 'IN';
+# default view of the zones (optional)
+$default_view = '';
-# defines which files in a user's repo can be loaded as zone files,
-# you can also define which view a zone belongs to (1 means $default_view)
-# basename of the files listed must be identical to the zone name
+# Defines which files in a user's repo can be loaded as zone files,
+# this is merged with $zones_conf above, values specified here overwrite
+# you can also define which view a zone belongs to (1 means $default_view).
+# The basename of the files listed must be identical to the zone name.
+# If a file name starts with a / it's treated as a BIND config file
+# and every zone listed there is allowed for the user.
+# The -default key is tried first for every user, then it's merged with the user-specific config.
$zones = {
-# user1 => { 'example.com' => 1, 'local/example.net' => 'local', },
+# -default => {
+# "/etc/bind/users/$user.conf" => 1, # allow every zone from this file, use the default view
+# },
+# user1 => {
+# '/etc/bind/users/user1-local.conf' => 'local', # allow every zone from this file, use the local view
+# 'example.com' => 1, # allow example.com, use the default view
+# 'local/example.net' => 'local', # allow example.net, use the local view
+# },
}
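Review bot: The new comment `# this is merged with $zones_conf above, values specified here overwrite` refers to a `$zones_conf` variable that appears nowhere in this file or in the loader added to bin/gitzone, and the sentence trails off; if the intent is the BIND config files named by `/`-prefixed keys, say so directly, e.g. `# zones read from BIND config files (keys starting with /) are merged into the user's entries.` The example `"/etc/bind/users/$user.conf" => 1` documents an access-control decision — every `zone` statement in that file becomes a zone the user may push — so the comment should also state that these files are expected to be maintained by the administrator rather than by the users they grant zones to. The hunk's last context line is the closing `}` of `$zones`, so the whole block is visible here.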