Building of named.conf

Lets assume: We have added two domains (for example: zone1.com and zone2.com) to maintains domain-list. Now, if maintains backend receives a build dns config call, it should do four essential things (based on a boolean-based build_dns.cfg-parameter like bind_zonetransfer = true/false so that the admin has the ability to activate/deactivate it) additionally:

1. Build a simple named.conf, that tells every BIND, which zones it manages (example):

server w.x.y.z {

request-ixfr no;

};

zone "zone1.com" IN {

type slave;

file "/var/named/zone1.com";

masters { w.x.y.z; }; //master is tinydns

};

zone "zone2.com" IN {

type slave;

file "/var/named/zone2.com";

masters { w.x.y.z; }; //master is tinydns

};

2. Push named.conf to the bind-nameserver(s)

3. Restart bind-nameserver(s) via SSH

4. Notify the nameservers about changes on the zones zone1.com/zone2.com, so that they request the new zonedata from tinydns (in combination with axfrdns) via AXFR.

Okay that sounds pretty interesting. This would mainly become a build-bind-axfr module or something like that, I assume. It could help people to get their BIND servers going more easily with Maintain and AXFR from tinydns.

We should have a feature request about this on JIRA. Want to make one?

Frédéric Wenzel
Maintain Team
fred -at- osuosl -dot- org

I am currently working on something like that. But I dont know (yet), what can be expected...

At this time, maintain becomes integrated in an test eniviroment (as the main-part of our project at the university) an the scheduled time (for this project) is very short.

So far I have written some code for notifying BIND-nameservers and some methods, that read out the present nameservers and domains (zones...) -> the admin should be able to mark existing nameservers as BIND-nameservers, so that named.conf and the notifications are intended for this NS only.

That sounds very good. If you need help, I suggest you step by the IRC channel, or the mailing list works too.

Also, even if you don't get it done all the way for Maintain to adapt, we would still be glad if you would let us use your changes at the end!

Frédéric Wenzel
Maintain Team
fred -at- osuosl -dot- org

I have dropped a first pre-pre-alpha of the module "maintain_deployment". Currently, there are a lot of things, that should be told in short:

• Code is untested as far as possible
• Code was written using a simple texteditor without any php-stuff..
• Code is not documented end to end
• Multilanguage-support is not implemented
• and so on...

If the module gets activated, it extends the network-tools-widget by a new DNS-link. A click on it shows up a list of all known nameservers. Each nameserver can be set as a BIND-nameserver. Setting a nameserver to a BIND-nameserver means that a named.conf-file is created and pushed to the server (if enabled) henceforth. In addition, the BIND-nameserver becomes notified, that its zonedata has changed (the named performs a zonetransfer then...). To assist the admin in the deployment-process, the module is able to set up automatically a SSH-pubkey-authentication (can be disabled).

What is needed:

• PEAR-extensions: Net_DNS, Net_Ping, Net_IPv4
• SSHPass (to setup pubkey-auth on remote-hosts)

Module: http://www.0xFF.de/files/maintain_deployment.zip

Module-Documentation (german - not finished): http://0xFF.de/files/Modulbeschreibung_maintain_deployment.pdf

Maintain-Installation-Documentation (german - not finished): http://0xFF.de/files/Installationsbeschreibung_Maintain3.pdf