timproved zone configuration: load zones from BIND config files - gitzone - git-based zone management tool for static and dynamic domains HTML git clone https://git.parazyd.org/gitzone DIR Log DIR Files DIR Refs --- DIR commit 3614b92c53ccb4955eaa665a9c264b50bb8ce1ae DIR parent 9eb39b4a8ee29351ffb4f56ffb5fe23e553098a2 HTML Author: tg(x) <*@tg-x.net> Date: Sun, 13 Feb 2011 11:27:16 +0100 improved zone configuration: load zones from BIND config files Diffstat: M bin/gitzone | 22 ++++++++++++++++++++++ M etc/gitzone.conf | 37 +++++++++++++++++++++++-------- 2 files changed, 50 insertions(+), 9 deletions(-) --- DIR diff --git a/bin/gitzone b/bin/gitzone t@@ -58,6 +58,26 @@ sub git { return $_; } +# Load BIND config files specified in the $zones config variable. +# First load the -default key, then the $user key. +sub load_zones_config { + my $u = shift || '-default'; + + for my $f (keys %{$zones->{$u}}) { + next unless $f =~ m,^/, && -f $f; + open FILE, '<', $f or die $!; + while (<FILE>) { + if (/^\s*zone\s+"([^"]+)"/) { + $zones->{$user}->{$1} = $zones->{$u}->{$f}; + } + } + close FILE; + delete $zones->{$u}->{$f} if $u ne '-default'; + } + + load_zones_config($user) if $u eq '-default'; +} + sub process_files { $files{$_} = 0 for (@_); $files{$_} += process_file($_) for keys %files; t@@ -202,6 +222,7 @@ sub pre_receive { $_ = git "diff --raw $old..$new"; $files{$1} = 0 while m,^:(?:[\w.]+\s+){5}([\w./-]+)$,gm; + load_zones_config; process_files; if (@zones) { t@@ -227,6 +248,7 @@ sub post_receive { push @zones, split /[\s\n\r]+/ while <FILE>; close FILE; + load_zones_config; install_zones; print "Done. Don't forget to pull if you use auto increment.\n"; } DIR 
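Review bot: In load_zones_config (first bin/gitzone hunk) the assignment `$zones->{$user}->{$1} = $zones->{$u}->{$f};` also runs unconditionally during the `-default` pass, so a zone found in a default BIND file replaces a view that was set explicitly under the user's own key. If explicit per-user entries are meant to win, as the updated gitzone.conf comment seems to say, the default pass should only fill gaps: `$zones->{$user}->{$1} = $zones->{$u}->{$f} unless $u eq '-default' && exists $zones->{$user}->{$1};`. Because `keys` returns the files in no fixed order, a zone listed in two files with different views can also end up with a different view from one run to the next. As a style point, `open FILE` uses the same global bareword handle as post_receive; `open my $fh, '<', $f or die "$f: $!";` keeps the handle local and names the file that failed.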
diff --git a/etc/gitzone.conf b/etc/gitzone.conf t@@ -1,3 +1,10 @@ +# -*- perl -*- +# +# gitzone configuration file +# +# this file is parsed as Perl code and you can use the following variables: +# $user - name of the user gitzone is invoked by + # directory where the zone files are copied to (no trailing slash) # there should be one directory for each user here chowned to the users $zone_dir = "/var/bind"; t@@ -7,11 +14,6 @@ $git = '/usr/bin/git'; $named_checkzone = '/usr/sbin/named-checkzone'; $rndc = '/usr/sbin/rndc'; -# parameters for rndc reload: class & view -$class = 'IN'; -# default view of the zones -$default_view = ''; - # update-record command: 1 = enabled, 0 = disabled $update_record = 1; t@@ -19,10 +21,27 @@ $update_record = 1; $max_depth = 256; # output verbosity (0..3) $verbosity = 0; +#$verbosity = $user eq 'admin' ? 3 : 0; + +# parameters for rndc reload: class & view +$class = 'IN'; +# default view of the zones (optional) +$default_view = ''; -# defines which files in a user's repo can be loaded as zone files, -# you can also define which view a zone belongs to (1 means $default_view) -# basename of the files listed must be identical to the zone name +# Defines which files in a user's repo can be loaded as zone files, +# this is merged with $zones_conf above, values specified here overwrite +# you can also define which view a zone belongs to (1 means $default_view). +# The basename of the files listed must be identical to the zone name. +# If a file name starts with a / it's treated as a BIND config file +# and every zone listed there is allowed for the user. +# The -default key is tried first for every user, then it's merged with the user-specific config. 
$zones = { -# user1 => { 'example.com' => 1, 'local/example.net' => 'local', }, +# -default => { +# "/etc/bind/users/$user.conf" => 1, # allow every zone from this file, use the default view +# }, +# user1 => { +# '/etc/bind/users/user1-local.conf' => 'local', # allow every zone from this file, use the local view +# 'example.com' => 1, # allow example.com, use the default view +# 'local/example.net' => 'local', # allow example.net, use the local view +# }, }
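Review bot: The new comment above `$zones` says the hash "is merged with $zones_conf above", but no `$zones_conf` is defined in any visible part of this file, so the sentence refers to nothing; it could simply read `# Defines which files in a user's repo can be loaded as zone files.` followed by the `-default` rule. The comment also says `-default` is merged with the user-specific config, while load_zones_config in bin/gitzone skips every key that does not start with `/`, so a plain zone name placed under `-default` appears to be ignored unless other code handles it; the comment should say that only BIND config paths are honoured there. Since the header added in the first hunk states that the file is parsed as Perl code, it would be worth adding a line next to it such as `# this file is executed by gitzone: keep it owned by root and not writable by gitzone users`.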