comparison dns.py @ 213:33db4d39e554

filtered dns adjustments
author drewp@bigasterisk.com
date Sat, 12 Aug 2023 14:27:14 -0700
parents b63ed77141fd
children 075ceead3673
212:160b29338911 213:33db4d39e554
1 from pyinfra import host 1 from pyinfra import host
2 from pyinfra.operations import apt, files, systemd 2 from pyinfra.operations import apt, files, systemd
3 3
4 4
5 def dnsmasq_instance(net_name, house_iface, dhcp_range, router, dhcp_hosts_filename='/dev/null'): 5 def dnsmasq_instance(net_name,
6 house_iface,
7 dhcp_range='10.2.0.10,10.2.0.11',
8 listen_address='reqd',
9 dhcp_hosts_filename='/dev/null'):
6 files.directory(path=f'/opt/dnsmasq/{net_name}') 10 files.directory(path=f'/opt/dnsmasq/{net_name}')
7 files.template(src='templates/dnsmasq/dnsmasq.conf.j2', 11 files.template(
8 dest=f'/opt/dnsmasq/{net_name}/dnsmasq.conf', 12 src='templates/dnsmasq/dnsmasq.conf.j2',
9 net=net_name, 13 dest=f'/opt/dnsmasq/{net_name}/dnsmasq.conf',
10 house_iface=house_iface, 14 net=net_name,
11 dhcp_range=dhcp_range, 15 house_iface=house_iface,
12 router=router, 16 dhcp_range=dhcp_range,
13 dhcp_enabled=net_name == '10.2' and host.name == 'pipe') 17 listen_address=listen_address,
18 dhcp_enabled=net_name == '10.2' and host.name == 'pipe',
19 dns_server=listen_address,
20 router=listen_address,
21 )
14 files.template(src='templates/dnsmasq/hosts.j2', dest=f'/opt/dnsmasq/{net_name}/hosts', net=net_name) 22 files.template(src='templates/dnsmasq/hosts.j2', dest=f'/opt/dnsmasq/{net_name}/hosts', net=net_name)
15 files.template(src=dhcp_hosts_filename, dest=f'/opt/dnsmasq/{net_name}/dhcp_hosts', net=net_name) 23 files.template(src=dhcp_hosts_filename, dest=f'/opt/dnsmasq/{net_name}/dhcp_hosts', net=net_name)
16 24
17 files.template(src='templates/dnsmasq/dnsmasq.service.j2', 25 files.template(src='templates/dnsmasq/dnsmasq.service.j2',
18 dest=f'/etc/systemd/system/dnsmasq_{net_name}.service', 26 dest=f'/etc/systemd/system/dnsmasq_{net_name}.service',
19 net=net_name) 27 net=net_name)
20 if net_name == '10.2': 28 if net_name in ['10.2', '10.2-filtered']:
21 systemd.service(service=f'dnsmasq_{net_name}', enabled=True, restarted=True, daemon_reload=True) 29 systemd.service(service=f'dnsmasq_{net_name}', enabled=True, restarted=True, daemon_reload=True)
30
22 31
23 def standard_host_dns(): 32 def standard_host_dns():
24 files.template(src='templates/hosts.j2', dest='/etc/hosts') 33 files.template(src='templates/hosts.j2', dest='/etc/hosts')
25 files.link(path='/etc/resolv.conf', target='/run/systemd/resolve/resolv.conf', force=True) 34 files.link(path='/etc/resolv.conf', target='/run/systemd/resolve/resolv.conf', force=True)
26 files.template(src='templates/resolved.conf.j2', dest='/etc/systemd/resolved.conf') 35 files.template(src='templates/resolved.conf.j2', dest='/etc/systemd/resolved.conf')
27 systemd.service(service='systemd-resolved.service', running=True, restarted=True) 36 systemd.service(service='systemd-resolved.service', running=True, restarted=True)
28 37
38
29 standard_host_dns() 39 standard_host_dns()
30 40
31 if host.name == 'bang': 41 if host.name == 'bang':
32 systemd.service(service='dnsmasq', enabled=False, running=False) 42 systemd.service(service='dnsmasq', enabled=False, running=False)
33 files.directory(path='/opt/dnsmasq') 43 files.directory(path='/opt/dnsmasq')
34 44
35 dnsmasq_instance('10.5', house_iface='unused', dhcp_range='unused', router='unused') # only works after wireguard is up 45 dnsmasq_instance('10.5', house_iface='unused', dhcp_range='unused',
46 listen_address='unused') # only works after wireguard is up
36 47
37 elif host.name == 'ditto': 48 elif host.name == 'ditto':
38 systemd.service(service='dnsmasq', enabled=False, running=False) 49 systemd.service(service='dnsmasq', enabled=False, running=False)
39 50
40 elif host.name == 'pipe': 51 elif host.name == 'pipe':
41 systemd.service(service='dnsmasq', enabled=False, running=False) 52 systemd.service(service='dnsmasq', enabled=False, running=False)
42 files.directory(path='/opt/dnsmasq') 53 files.directory(path='/opt/dnsmasq')
43 dnsmasq_instance('10.2', 54 dnsmasq_instance('10.2',
44 house_iface='eth1', 55 house_iface='eth1',
45 dhcp_range='10.2.0.101,10.2.0.240', 56 dhcp_range='10.2.0.101,10.2.0.240',
46 router='10.2.0.3', 57 listen_address='10.2.0.3',
47 dhcp_hosts_filename='templates/dnsmasq/dhcp_hosts.j2') 58 dhcp_hosts_filename='templates/dnsmasq/dhcp_hosts.j2')
48 out = '/opt/dnsmasq/10.2' 59 out = '/opt/dnsmasq/10.2'
49 # This mtail is for dhcp command counts and errors. Another monitor in lanscape/ reads the leases file. 60 # This mtail is for dhcp command counts and errors. Another monitor in lanscape/ reads the leases file.
50 files.template(src='templates/dnsmasq/metrics.mtail.j2', dest=f'{out}/metrics.mtail') 61 files.template(src='templates/dnsmasq/metrics.mtail.j2', dest=f'{out}/metrics.mtail')
51 files.template(src='templates/dnsmasq/run_mtail.sh', dest=f'{out}/run_mtail.sh') 62 files.template(src='templates/dnsmasq/run_mtail.sh', dest=f'{out}/run_mtail.sh')
52 63
53 files.template(src='templates/dnsmasq/dnsmasq-mtail.service.j2', dest=f'/etc/systemd/system/dnsmasq-mtail.service') 64 files.template(src='templates/dnsmasq/dnsmasq-mtail.service.j2', dest=f'/etc/systemd/system/dnsmasq-mtail.service')
54 systemd.service(service=f'dnsmasq-mtail', enabled=True, restarted=True, daemon_reload=True) 65 systemd.service(service=f'dnsmasq-mtail', enabled=True, restarted=True, daemon_reload=True)
55 66
56 else: 67 # Serve another dns, no dhcp, and include the dynamic-blocking file written by net_routes.
57 pass 68 dnsmasq_instance(
69 net_name='10.2-filtered',
70 house_iface='eth1',
71 listen_address='10.2.0.4',
72 )
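Review bot: `listen_address='reqd'` in the new `dnsmasq_instance` signature is a placeholder string, not an enforced requirement, and the same value is now rendered three times into dnsmasq.conf (`listen_address`, `dns_server`, `router`). A call that forgets the argument would template the literal `reqd` and, for the `10.2` and `10.2-filtered` nets, restart the service with it. Fail at deploy time instead, e.g. `if listen_address == 'reqd': raise ValueError('listen_address is required')` at the top of the function, or make the parameter keyword-only with no default. The `10.5` call passes `'unused'` for this parameter, which the template presumably ignores for that net; that is worth confirming now that the value also feeds `dns_server` and `router`. Separately, the new `10.2-filtered` instance on 10.2.0.4 shares `eth1` with the unfiltered one on 10.2.0.3, so the blocking only holds if something outside this file (the resolver handed out to clients, firewall rules) keeps filtered clients from querying 10.2.0.3 directly; a comment naming where that is enforced would help.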