tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

generate bind configs from LDAP

Browse source
This commit is contained in:
Paavo Pokkinen 2012-04-02 11:41:56 +03:00
parent f400a5817c
commit ec3c4244ad
2 changed files with 134 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

95
dns/files/dnsdump.py Executable file
View file

@ -0,0 +1,95 @@
#!/usr/bin/env python
import re
import sys
import time
import os
import glob
import difflib
from subprocess import Popen, PIPE
# Example templates:
#
# --(A#(&(objectClass=ipHost)(cn=ap*.panoulu.local)(!(cn=*.*.panoulu.local)))--
# --(PTR#(&(objectClass=ipHost)(cn=ap*.panoulu.local)(ipHostNumber=10.40.*.*)(!(cn=*.*.panoulu.local)))--
# --(serial)--
def main():
if len(sys.argv) != 4:
print >>sys.stderr, 'Usage: %s --test/--notest <template_dir> <target_dir>' % sys.argv[0]
sys.exit(1)
for template in glob.glob( os.path.join(sys.argv[2], '*.in')):
infile = open(template, 'r')
input = infile.readlines()
input_string = ""
output = ""
for line in input:
input_string += line
m = re.match('([ \t]*)--(.+)--[ \t]*$', line)
if m is not None:
indent = m.group(1)
if (m.group(2) == "(serial)"):
serial = time.localtime(time.time())
output += '\t\t\t%s\t; serial\n' % (time.strftime("%Y%m%d%H"))
else:
for entry in ldapsearch(m.group(2)):
output += '%s%s\n' % (indent, entry)
else:
output += line
if sys.argv[1] == "--test":
o = open(os.path.join(sys.argv[3], os.path.basename(template[:-3])), 'r')
str = ""
for line in o.readlines():
str += line
o.close()
for a, b in zip(str.splitlines(), output.splitlines()):
if a != b:
if not "serial" in a:
print a,b
sys.exit(1)
else:
outfile = open(os.path.join(sys.argv[3], os.path.basename(template[:-3])), 'w')
outfile.write(output)
outfile.close()
infile.close()
def ldapsearch(f):
filter_list = f.split("#")
type = filter_list[0][1:]
filter = filter_list[1]
p = Popen(['ldapsearch', '-x', '-z', '0', '-LLL', filter, 'cn', 'macAddress', 'ipHostNumber'],
bufsize=1024, stdout=PIPE, close_fds=True)
ret = []
cur = {}
for l in p.stdout.readlines():
l = l.strip()
if l == '':
try:
if (type == "A"):
ret.append('%s.\tA\t%s' % (
cur["cn"], cur["ipHostNumber"]))
elif type == "PTR":
ip_list = cur["ipHostNumber"].split(".")
ret.append('%s.%s.%s.%s.in-addr.arpa.\tPTR\t%s.' % (
ip_list[-1], ip_list[-2], ip_list[-3], ip_list[-4], cur["cn"]))
else:
raise "missing record type"
except KeyError:
print >>sys.stderr, "skipping: %s" % repr(cur)
cur = {}
continue
l = l.split()
if l[0] in ('cn:', 'macAddress:', 'ipHostNumber:'):
cur[l[0][0:-1]] = l[1]
return ret
if __name__ == '__main__':
try:
main()
except KeyboardInterrupt:
sys.exit()

39
dns/manifests/init.pp
View file

@ -173,6 +173,45 @@ class dns::server {
}
}
# Generate named config from LDAP
#
# Usage:
#
# Put templates you want to generate to master.in directory.
# See dnsdump.py for example template tags.
class dns::server::ldap inherits dns::server {
include ldap::client::python
file { "/usr/local/sbin/dnsdump.py":
ensure => present,
source => "puppet:///modules/dns/dnsdump.py",
mode => 0755,
owner => root,
group => $operatingsystem ? {
OpenBSD => wheel,
default => root,
},
}
file { "/var/named/master.in":
ensure => directory,
source => "puppet:///files/dns/master.in",
recurse => true,
mode => 0755,
owner => root,
purge => true,
}
exec { "generate-dns-conf":
path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
command => "dnsdump.py --notest /var/named/master.in /var/named/master",
require => File["/usr/local/sbin/dnsdump.py"],
unless => "dnsdump.py --test /var/named/master.in /var/named/master",
notify => Service["named"]
}
}
# Configure DNS zone.
#