pmcf 2.63.2 → 2.64.0
- package/package.json +1 -1
- package/src/network-address.mjs +12 -1
- package/src/services/bind.mjs +70 -60
- package/types/host.d.mts +1 -1
- package/types/network-address.d.mts +13 -1
- package/types/services/bind.d.mts +7 -8
package/package.json
CHANGED
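--- a/package/src/network-address.mjs
+++ b/package/src/network-address.mjs
@@ -33,11 +33,22 @@ export class NetworkAddress {
 }
 }
 
+/**
+*
+* @param {Iterable<Owner|string>} sources
+* @param {Object} options
+* @param {boolean} options.aggregate
+* @param {Object} options.filter
+* @returns {Iterable<string>} addresses
+*/
 export function addresses(sources, options) {
 return [
 ...new Set(
 [...sources]
 .map(s => {
+if(typeof s === "string") {
+return s;
+}
 if (options?.aggregate && s instanceof Owner && s.subnets) {
 return [...s.subnets()];
 }
@@ -47,7 +58,7 @@ export function addresses(sources, options) {
 : s;
 })
 .flat()
-.map(object => decodeIP(object.address))
+.map(object => typeof object === "string" ? object : decodeIP(object.address))
 )
 ];
 }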
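Review bot: The new string branch (`if(typeof s === "string") { return s; }`, together with the ternary in the final `.map`) returns string sources unchanged, so they skip `decodeIP` and nothing checks that they are an address or a known ACL reference. In this release `bind.mjs` passes the result of `addresses(view.access, …)` into `acl ${view.name}` statements, so a mistyped or unexpected string would reach the generated ACL verbatim. If strings are only meant for ACL references such as `!internal`, narrow the branch, e.g. `if (typeof s === "string" && /^!?[A-Za-z][\w-]*$/.test(s)) return s;`, and throw for any other string instead of letting it fall through. The JSDoc should also mark the parameter optional (`@param {Object} [options]`), since the body reads `options?.aggregate`. The middle of the function lies between the two hunks and is not shown.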
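--- a/package/src/services/bind.mjs
+++ b/package/src/services/bind.mjs
@@ -41,7 +41,7 @@ const BindServiceTypeDefinition = {
 writeable: true
 },
 protected: { type: address_types, collection: true, writeable: true },
-
+internal: { type: address_types, collection: true, writeable: true },
 hasSVRRecords: {
 type: "boolean",
 collection: false,
@@ -123,8 +123,6 @@ export class BindService extends ExtraSourceService {
 notify = true;
 _addresses = [];
 _trusted = [];
-_protected = [];
-_open = [];
 _exclude = new Set([]);
 _excludeInterfaceKinds = new Set();
 
@@ -144,11 +142,24 @@ export class BindService extends ExtraSourceService {
 
 constructor(owner, data) {
 super(owner, data);
+
+this.views = {};
+
+for (const name of ["internal", "protected"]) {
+this.views[name] = {
+name,
+access: []
+};
+}
+
+this.views.protected.inView = this.views.internal;
+this.views.protected.access = ["!internal"];
+
 this.read(data, BindServiceTypeDefinition);
 }
 
 get type() {
-return "dns";
+return "dns";
 }
 
 endpoints(filter) {
@@ -179,27 +190,27 @@ export class BindService extends ExtraSourceService {
 }
 
 set protected(value) {
-this.
+this.views.protected.access.push(value);
 }
 
 get protected() {
-return this.
+return this.views.protected.access;
 }
 
-set
-this.
+set internal(value) {
+this.views.internal.access.push(value);
 }
 
-get
-return this.
+get internal() {
+return this.views.internal.access;
 }
 
-set
-this.
+set trusted(value) {
+this._trusted.push(value);
 }
 
-get
-return this.
+get trusted() {
+return this._trusted;
 }
 
 set exclude(value) {
@@ -249,21 +260,20 @@ export class BindService extends ExtraSourceService {
 );
 }
 
-const acls =
-
-
-
-
-
-
-
-
-
-
-
-
-
-].flat();
+const acls = addressesStatement(
+"acl trusted",
+addresses(this.trusted, { aggregate: true })
+);
+
+for (const view of Object.values(this.views)) {
+acls.push(
+...addressesStatement(
+`acl ${view.name}`,
+addresses(view.access, { aggregate: true }),
+true
+)
+);
+}
 
 if (acls.length) {
 await writeLines(
@@ -283,7 +293,6 @@ export class BindService extends ExtraSourceService {
 name: `named-zones-${name}`,
 description: `zone definitions for ${names}`,
 dependencies: ["mf-named"],
-replaces: ["mf-named-zones"],
 access: "private",
 hooks: {}
 };
@@ -312,7 +321,6 @@ export class BindService extends ExtraSourceService {
 packageData.properties = {
 name: `named-zones-${name}-OUTFACING`,
 description: `outfacing zone definitions for ${names}`,
-replaces: [`named-foreign-zones-${name}`, `named-zones-${name}-FOREIGN`],
 access: "private",
 hooks: {}
 };
@@ -341,7 +349,9 @@ export class BindService extends ExtraSourceService {
 
 for (const source of sources) {
 for (const host of source.hosts()) {
-configs.push(
+configs.push(
+...this.outfacingZones(host, this.views.internal, this.defaultRecords)
+);
 }
 }
 
@@ -378,7 +388,9 @@ export class BindService extends ExtraSourceService {
 const reverseZones = new Map();
 
 const config = {
+view: this.views.internal,
 name: `${domain}.zone.conf`,
+type: "master",
 zones: []
 };
 configs.push(config);
@@ -394,7 +406,9 @@ export class BindService extends ExtraSourceService {
 
 if (this.hasCatalog) {
 const catalogConfig = {
+view: this.views.internal,
 name: `catalog.${domain}.zone.conf`,
+type: "master",
 zones: []
 };
 configs.push(catalogConfig);
@@ -500,6 +514,12 @@ export class BindService extends ExtraSourceService {
 }
 }
 }
+configs.push({
+view: this.views.protected,
+inView: this.views.protected.inView,
+name: config.name,
+zones: config.zones
+});
 }
 }
 
@@ -508,7 +528,7 @@ export class BindService extends ExtraSourceService {
 return packageData;
 }
 
-outfacingZones(host, records) {
+outfacingZones(host, view, records) {
 return host.foreignDomainNames.map(domain => {
 const zone = {
 id: domain,
@@ -516,7 +536,9 @@ export class BindService extends ExtraSourceService {
 records: new Set(records)
 };
 const config = {
+view,
 name: `${domain}.zone.conf`,
+type: "master",
 zones: [zone]
 };
 
@@ -553,10 +575,9 @@ export class BindService extends ExtraSourceService {
 
 async writeZones(packageData, configs) {
 for (const config of configs) {
-console.log(`config: ${config.name}`);
+console.log(`config: ${config.view.name}/${config.name}`);
 
 const content = [];
-const openContent = [];
 
 for (const zone of config.zones) {
 console.log(` file: ${zone.file}`);
@@ -573,25 +594,22 @@ export class BindService extends ExtraSourceService {
 }
 
 content.push(`zone \"${zone.id}\" {`);
-content.push(` type master;`);
-content.push(` file \"${zone.file}\";`);
 
-
-`
-
-
-
-
-
-
-
-
-
-`zone \"${zone.id}\" {`,
-` in-view protected;`,
-"};"
+if (config.inView) {
+content.push(` in-view ${config.inView.name};`);
+} else {
+content.push(` type ${config.type};`);
+content.push(` file \"${zone.file}\";`);
+content.push(
+` allow-update { ${
+this.allowedUpdates.length
+? this.allowedUpdates.join(";")
+: "none"
+}; };`
 );
+content.push(` notify ${this.notify ? "yes" : "no"};`);
 }
+content.push(`};`, "");
 
 let maxKeyLength = 0;
 for (const r of zone.records) {
@@ -610,18 +628,10 @@ export class BindService extends ExtraSourceService {
 }
 
 await writeLines(
-join(packageData.dir,
+join(packageData.dir, `etc/named/${config.view.name}`),
 config.name,
 content
 );
-
-if (openContent.length) {
-await writeLines(
-join(packageData.dir, "etc/named/open"),
-config.name,
-openContent
-);
-}
 }
 }
 }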
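Review bot: In `writeZones`, `this.allowedUpdates.join(";")` is interpolated straight into the `allow-update { … }` clause, and `zone.id` and `zone.file` go into the quoted `zone` and `file` fields the same way, with no check on what the values contain. `allow-update` decides who may change zone data, so an entry carrying `;`, `{` or `}` (or a `"` in the zone fields) would alter the emitted statement rather than fail; where these values are populated is outside the visible hunks, so this may already be validated upstream. A guard before the push would make that explicit, e.g. `if (this.allowedUpdates.some(e => /[;{}]/.test(String(e)))) throw new Error("invalid allow-update entry");`. Separately, `config.view.name` is now dereferenced unconditionally in the log line and in the output path, so every producer of `configs` must set `view`; the hunks shown do, but `writeZones` and its callers are only partly visible.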
package/types/host.d.mts
CHANGED
|
@@ -241,7 +241,7 @@ export class Host extends ServiceOwner {
|
|
|
241
241
|
get networkInterfaces(): Map<any, any>;
|
|
242
242
|
networkAddresses(filter: any): Generator<any, void, any>;
|
|
243
243
|
get address(): any;
|
|
244
|
-
get addresses():
|
|
244
|
+
get addresses(): Iterable<string>;
|
|
245
245
|
get subnets(): Set<any>;
|
|
246
246
|
publicKey(type?: string): Promise<string>;
|
|
247
247
|
preparePackages(dir: any): AsyncGenerator<{
|
|
@@ -1,4 +1,15 @@
|
|
|
1
|
-
|
|
1
|
+
/**
|
|
2
|
+
*
|
|
3
|
+
* @param {Iterable<Owner|string>} sources
|
|
4
|
+
* @param {Object} options
|
|
5
|
+
* @param {boolean} options.aggregate
|
|
6
|
+
* @param {Object} options.filter
|
|
7
|
+
* @returns {Iterable<string>} addresses
|
|
8
|
+
*/
|
|
9
|
+
export function addresses(sources: Iterable<Owner | string>, options: {
|
|
10
|
+
aggregate: boolean;
|
|
11
|
+
filter: any;
|
|
12
|
+
}): Iterable<string>;
|
|
2
13
|
export function cidrAddresses(networkAddresses: any): any[];
|
|
3
14
|
/**
|
|
4
15
|
*
|
|
@@ -13,4 +24,5 @@ export class NetworkAddress {
|
|
|
13
24
|
get cidrAddress(): any;
|
|
14
25
|
toString(): string;
|
|
15
26
|
}
|
|
27
|
+
import { Owner } from "pmcf";
|
|
16
28
|
import { Subnet } from "./subnet.mjs";
|
|
@@ -269,7 +269,7 @@ export class BindService extends ExtraSourceService {
|
|
|
269
269
|
collection: boolean;
|
|
270
270
|
writeable: boolean;
|
|
271
271
|
};
|
|
272
|
-
|
|
272
|
+
internal: {
|
|
273
273
|
type: string[];
|
|
274
274
|
collection: boolean;
|
|
275
275
|
writeable: boolean;
|
|
@@ -360,8 +360,6 @@ export class BindService extends ExtraSourceService {
|
|
|
360
360
|
notify: boolean;
|
|
361
361
|
_addresses: any[];
|
|
362
362
|
_trusted: any[];
|
|
363
|
-
_protected: any[];
|
|
364
|
-
_open: any[];
|
|
365
363
|
_exclude: Set<any>;
|
|
366
364
|
_excludeInterfaceKinds: Set<any>;
|
|
367
365
|
serial: number;
|
|
@@ -369,15 +367,16 @@ export class BindService extends ExtraSourceService {
|
|
|
369
367
|
retry: number;
|
|
370
368
|
expire: number;
|
|
371
369
|
minimum: number;
|
|
370
|
+
views: {};
|
|
372
371
|
get soaUpdates(): number[];
|
|
373
372
|
set addresses(value: any[]);
|
|
374
373
|
get addresses(): any[];
|
|
375
|
-
set protected(value: any
|
|
376
|
-
get protected(): any
|
|
374
|
+
set protected(value: any);
|
|
375
|
+
get protected(): any;
|
|
376
|
+
set internal(value: any);
|
|
377
|
+
get internal(): any;
|
|
377
378
|
set trusted(value: any[]);
|
|
378
379
|
get trusted(): any[];
|
|
379
|
-
set open(value: any[]);
|
|
380
|
-
get open(): any[];
|
|
381
380
|
set exclude(value: Set<any>);
|
|
382
381
|
get exclude(): Set<any>;
|
|
383
382
|
set excludeInterfaceKinds(value: Set<any>);
|
|
@@ -385,7 +384,7 @@ export class BindService extends ExtraSourceService {
|
|
|
385
384
|
preparePackages(dir: any): AsyncGenerator<any, void, unknown>;
|
|
386
385
|
generateOutfacingDefs(sources: any, packageData: any): Promise<any>;
|
|
387
386
|
generateZoneDefs(sources: any, packageData: any): Promise<any>;
|
|
388
|
-
outfacingZones(host: any, records: any): any;
|
|
387
|
+
outfacingZones(host: any, view: any, records: any): any;
|
|
389
388
|
get defaultRecords(): {
|
|
390
389
|
type: any;
|
|
391
390
|
key: any;
|