palletjack-tools 0.1.2 → 0.1.3
- checksums.yaml +4 -4
- data/exe/palletjack2unbound +120 -59
- metadata +6 -29
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- metadata.gz.sig +0 -3
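--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 443662d2e6f9f483d2de9d2305340e50656ae500
+data.tar.gz: ffa79a21b570f12fdbb1f5ff4ff4c494f44cde4e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 97879673f71ef8f1f2ec8f643988a7145e0ec508675aa72d62c77b2756ad0cc1204355d88492d90c451034fe6209db1a6b6be890aab18e22788e2bbe707c0173
+data.tar.gz: ad68602d2ff0ba2cc16ed4c319db333e01abbb7003df90d313d20022618c8930ca536a51b0a55dcef670b1559124616b8299180687eaa78542ba11b7379ecc7d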
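--- a/data/exe/palletjack2unbound
+++ b/data/exe/palletjack2unbound
@@ -15,8 +15,76 @@
 
 require 'palletjack/tool'
 require 'ip'
+require 'resolv'
 
 class PalletJack2Unbound < PalletJack::Tool
+
+# Representation of a stub zone configuration for Unbound
+
+class StubZone
+
+# :call-seq:
+# new(TOOL, ZONE, AUTH-NS, ...)
+# new(TOOL, ZONE, AUTH-NS, ..., transparent: true)
+#
+# If the +transparent+ option is true, it represents
+# a <tt>local-zone ... transparent</tt>, declaration to
+# override the builtin RFC1918 blocking in unbound.
+
+def initialize(zone, *stub_addrs, transparent: false)
+raise ArgumentError.new if stub_addrs.empty?
+
+@tool = PalletJack2Unbound.instance
+@zone = zone
+@stub_addrs = stub_addrs
+@transparent = transparent
+end
+
+# Write a stub-zone declaration to a file in conf.d/
+
+def output
+@tool.config_file :conf_dir, "#{@zone}.conf" do |stubfile|
+stubfile << @tool.git_header('palletjack2unbound')
+stubfile << "
+stub-zone:
+name: #{@zone}\n"
+
+@stub_addrs.each do |addr|
+stubfile << " stub-addr: #{addr}\n"
+end
+
+if @transparent then
+stubfile << "\nserver:\n local-zone: \"#{@zone}\" transparent\n"
+end
+end
+end
+end
+
+# Representation of a service wide configuration for Unbound
+
+class UnboundConfig
+def initialize(service_name)
+@tool = PalletJack2Unbound.instance
+@service_name = service_name
+@service_config = @tool.jack.fetch(kind:'service', name: @service_name)
+end
+
+# Generate unbound service configuration
+
+def output
+@tool.config_file :local_dir, "#{@service_name}.conf" do |configfile|
+configfile << @tool.git_header('palletjack2unbound')
+@service_config["service.unbound.server"].each do |config|
+config.each do |key, value|
+configfile << "#{key}: #{value}\n"
+end
+end
+end
+end
+end
+
+# Setup command line options parser
+
 def parse_options(opts)
 opts.banner =
 "Usage: #{$PROGRAM_NAME} -w <warehouse> -s <service> -o <output directory>
@@ -42,30 +110,6 @@ E.g.
 required_option :service
 end
 
-# Write a stub-zone declaration to a file in conf.d/
-# If the +transparent+ option is true, also write
-# a local-zone ... transparent, declaration e.g. to
-# override the builtin RFC1918 blocking in unbound.
-
-def stub_zone(zone, stub_addrs, transparent: false)
-return if stub_addrs.empty?
-
-config_file :conf_dir, "#{zone}.conf" do |stubfile|
-stubfile << git_header('palletjack2unbound')
-stubfile << "
-stub-zone:
-name: #{zone}\n"
-
-stub_addrs.each do |addr|
-stubfile << " stub-addr: #{addr}\n"
-end
-
-if transparent then
-stubfile << "\nserver:\n local-zone: \"#{zone}\" transparent\n"
-end
-end
-end
-
 # Check if +ip+ belongs to some RFC1918 network
 
 def rfc1918?(ip)
@@ -75,55 +119,72 @@ stub-zone:
 rfc1918_nets.any? {|net| ip.is_in?(net)}
 end
 
-#
+# Processing stage for stub zones
+
+def process_stub_zones
+@stub_zones = []
+
+jack.each(kind:'domain') do |domain|
+zone = domain['net.dns.domain']
+stub_addrs = []
 
-
-
+domain['net.dns.ns'].each do |ns|
+nsname = Resolv::DNS::Name.create(ns)
+nsname =
+Resolv::DNS::Name.create("#{ns}.#{zone}.") unless nsname.absolute?
 
-
-
-
-config.each do |key, value|
-configfile << "#{key}: #{value}\n"
+jack.each(kind:'ipv4_interface',
+all?:{'net.dns.fqdn' => nsname.to_s}) do |ipv4|
+stub_addrs << ipv4['net.ipv4.address']
 end
 end
-end
-end
-end
 
-
-config_dir :conf_dir
-config_dir :local_dir
+@stub_zones << StubZone.new(zone, *stub_addrs)
 
-
-zone = domain['net.dns.domain']
-stub_addrs = []
+next unless domain['net.ipv4.cidr']
 
-
-
-
-
+# Assume all delegations happen on octet boundaries for now.
+# TODO: RFC 2317 classless in-addr.arpa delegation
+
+ip_net = IP.new(domain['net.ipv4.cidr'])
+reverse_zone = ip_net.to_arpa
+prefix_octets, _ = domain['net.ipv4.prefixlen'].to_i.divmod(8)
+reverse_zone =
+ip_net.to_arpa.split('.')[-(2 + prefix_octets) .. 5].join('.')
+
+# Make the same assumption that palletjack2knot does;
+# reverse delegations are made to the same nameserver
+# as forward delegations.
+
+@stub_zones << StubZone.new(reverse_zone, *stub_addrs,
+transparent: rfc1918?(ip_net))
 end
+end
+
+# Processing stage for global service configuration
 
-
+def process_service_config
+@unbound_config = UnboundConfig.new(options[:service])
+end
 
-
+# Main processing stage
 
-
-
+def process
+process_stub_zones
+process_service_config
+end
 
-
-reverse_zone = ip_net.to_arpa
-prefix_octets, _ = domain['net.ipv4.prefixlen'].to_i.divmod(8)
-reverse_zone =
-ip_net.to_arpa.split('.')[-(2 + prefix_octets) .. 5].join('.')
+# Config file output stage
 
-
-
-
+def output
+config_dir :conf_dir
+config_dir :local_dir
 
-stub_zone
+@stub_zones.each {|stub_zone| stub_zone.output }
+@unbound_config.output
 end
+end
 
-
+if PalletJack2Unbound.standalone?(__FILE__)
+PalletJack2Unbound.run
 end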
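Review bot: In the third hunk, `process_stub_zones` calls `StubZone.new(zone, *stub_addrs)` with no guard, while the new constructor raises a message-less `ArgumentError` on an empty list where the removed `stub_zone` did `return if stub_addrs.empty?`. A domain whose `net.dns.ns` names match no `ipv4_interface` would therefore appear to abort the whole run rather than be skipped; if skipping is still wanted add `next if stub_addrs.empty?` before the first `StubZone.new`, and in any case give the error a message, e.g. `raise ArgumentError, "no stub addresses for zone #{zone}"`. Separately, `StubZone#output` puts `@zone` unchecked into the file name `"#{@zone}.conf"` and into the `name:` and `local-zone:` lines, so a warehouse value containing `/`, a double quote or a newline would alter the path or the generated Unbound configuration; checking the zone against DNS-name syntax in `initialize` would prevent that. The `:call-seq:` comment also lists a `TOOL` argument that `initialize` does not take.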
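--- a/metadata
+++ b/metadata
@@ -1,37 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: palletjack-tools
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.3
 platform: ruby
 authors:
 - Karl-Johan Karlsson
 autorequire:
 bindir: exe
-cert_chain:
--
------BEGIN CERTIFICATE-----
-MIIDljCCAn6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBIMRYwFAYDVQQDDA1jYWxs
-ZS5lbmdsdW5kMRkwFwYKCZImiZPyLGQBGRYJc2FhYmdyb3VwMRMwEQYKCZImiZPy
-LGQBGRYDY29tMB4XDTE2MTEwMjA5MjYyN1oXDTE3MTEwMjA5MjYyN1owSDEWMBQG
-A1UEAwwNY2FsbGUuZW5nbHVuZDEZMBcGCgmSJomT8ixkARkWCXNhYWJncm91cDET
-MBEGCgmSJomT8ixkARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAM7OxaztzD0LyOwK1mPcg3BhioX1EDVbD/qAFOAzBSGGlAhtmHMqAkyvJMvs
-iiG7xvBidWUapxiEiBwamXiOTSrp2eW+XSXW9omdWHXjBZcwHqwb1VmAlYRDkSHf
-dzcM/z4xlV+DJw/pFyMRWzqNdVBtWTbVXAFGjJSqQ6q21ACYJldV9U71AIpXo+oF
-VEMf6PZS2uhB1G+FgAtnX/xmy7OM1Cy3qc/CaJbWSddpegxWJMUn2HNQxFwIe40g
-WoEoiFA7qQg9DnR/5i3lW6QyfIaA5k9cv2su1VyjqKLbkFTTTjYw0P1BJmvfXjtc
-rMl+3HCWYj6UunZwfZi2wDGsBkkCAwEAAaOBijCBhzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwIEsDAdBgNVHQ4EFgQUwHCMEKgrIMaiTkTVLKZn6yOD1SIwJgYDVR0RBB8w
-HYEbY2FsbGUuZW5nbHVuZEBzYWFiZ3JvdXAuY29tMCYGA1UdEgQfMB2BG2NhbGxl
-LmVuZ2x1bmRAc2FhYmdyb3VwLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAP9OnE0jP
-2vRHI/vnOkgCvLFNoOqK/YB4yDVVW69Pza+xIXcmUBvl7DQ+bBdF5AK0B1A7U0rp
-Pbdj0bpQtWxmUmMIbnE1w6iuVCXAabsyUfHY4mlztToWXMVOXc1SPlJ/S2XXaRd5
-fiNj/nBTb0YTQA0E4pZ0Aud80qZ2WLdc6FfzHUEMW91BL3bhLeDL40noHK5Lvk52
-phzVHIrDjCowUMTnGiPZCXEo4KZW76KwYYV6oQ6LzcrYBw5mJ4XpdgQKZgnTnRBP
-f8wtQllq82VF0AXUYeLtTh1f+DW3WW5BO1e2OCu5eOV7dbyaVPaNK/+rHjCN8kM/
-DGZSwUoNADmVkQ==
------END CERTIFICATE-----
-date: 2016-11-02 00:00:00.000000000 Z
+cert_chain: []
+date: 2016-11-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: palletjack
@@ -39,14 +16,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.3
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.3
 - !ruby/object:Gem::Dependency
 name: dns-zone
 requirement: !ruby/object:Gem::Requirement
@@ -193,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: Tools for the Pallet Jack Lightweight Configuration Management Database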
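Review bot: The first hunk drops gem signing from the release: `cert_chain` goes from one embedded certificate to `cert_chain: []`, and the page lists `checksums.yaml.gz.sig`, `data.tar.gz.sig` and `metadata.gz.sig` as deleted. 0.1.2 carried a signature and 0.1.3 does not, so consumers installing under a RubyGems trust policy (for example `gem install -P HighSecurity`) would no longer be able to verify this version, and nothing visible here says whether that was intended. If it was not, rebuild the gem with the gemspec's `cert_chain` and `signing_key` set; if it was, say so in the release notes so that the loss of verification is not mistaken for tampering. The SHA1/SHA512 values in `checksums.yaml` do not replace the signature, since they ship inside the same unsigned package.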
checksums.yaml.gz.sig
DELETED
Binary file
|
data.tar.gz.sig
DELETED
Binary file
|
metadata.gz.sig
DELETED