T12537: Migrate to BIND

https://issue-tracker.miraheze.org/T12537
miraheze · Sep 6, 2024 · 38feae3 · 38feae3
1 parent 631c19c
commit 38feae3
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 24 deletions.
diff --git a/modules/dns/files/check-dns-zones.py b/modules/dns/files/check-dns-zones.py
@@ -0,0 +1,13 @@
+#! /usr/bin/python3
+
+# Loops over all zonefiles and passes them through named-checkzone
+# Exits with error if named-checkzone does
+# Checks are in local mode
+
+import os
+import subprocess
+
+dir = os.fsencode('/etc/bind/zones/')
+for file in os.listdir(dir):
+    filename = os.fsdecode(file)
+    subprocess.run(['/usr/bin/named-checkzone', '-i local', filename, f'/etc/bind/zones/{filename}'], check=True)
diff --git a/modules/dns/manifests/init.pp b/modules/dns/manifests/init.pp
@@ -1,45 +1,43 @@
 # dns
 class dns {
-    include prometheus::exporter::gdnsd
+    # include prometheus::exporter::gdnsd
 
-    package { 'gdnsd':
+    package { 'bind9':
+        ensure  => installed,
+    }
+    package { 'bind9-utils':
         ensure  => installed,
     }
 
     git::clone { 'dns':
         ensure    => latest,
-        directory => '/etc/gdnsd',
+        directory => '/etc/bind',
         origin    => 'https://github.com/miraheze/dns',
         owner     => 'root',
         group     => 'root',
-        before    => Package['gdnsd'],
-        notify    => Exec['gdnsd-syntax'],
+        before    => Package['bind9'],
+        notify    => Exec['bind-syntax'],
     }
 
-    file { '/usr/share/GeoIP/GeoLite2-Country.mmdb':
+    file { '/usr/local/bin/check-dns-zones':
         ensure => present,
-        source => 'puppet:///private/geoip/GeoLite2-Country.mmdb',
-        mode   => '0444',
-        notify => Exec['gdnsd-syntax'],
+        owner  => 'root',
+        group  => 'root',
+        source => 'puppet:///modules/dns/check-dns-zones.py',
+        mode   => '0555',
     }
 
-    exec { 'gdnsd-syntax':
-        command     => '/usr/sbin/gdnsd checkconf',
-        notify      => Service['gdnsd'],
+    exec { 'bind-syntax':
+        command     => '/usr/local/bin/check-dns-zones',
+        notify      => Service['named'],
         refreshonly => true,
     }
 
-    service { 'gdnsd':
+    service { 'named':
         ensure     => running,
         hasrestart => true,
         hasstatus  => true,
-        require    => [ Package['gdnsd'], Exec['gdnsd-syntax'] ],
-    }
-
-    file { '/usr/lib/nagios/plugins/check_gdnsd_datacenters':
-        ensure => present,
-        source => 'puppet:///modules/dns/check_gdnsd_datacenters.py',
-        mode   => '0755',
+        require    => [ Package['bind9'], Exec['bind-syntax'] ],
     }
 
     if ( $facts['networking']['interfaces']['ens19'] and $facts['networking']['interfaces']['ens18'] ) {
@@ -57,8 +55,4 @@
             host     => 'wikitide.net',
         },
     }
-
-    monitoring::nrpe { 'GDNSD Datacenters':
-        command => '/usr/bin/sudo /usr/lib/nagios/plugins/check_gdnsd_datacenters'
-    }
 }