Mercurial > code > home > repos > infra

diff dns/dns.py @ 326:5b88b38f2471

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
huge reorg, reog toplevel functions in preparation of a ui with nice task lists
author drewp@bigasterisk.com
date Mon, 20 Jan 2025 21:55:08 -0800
parents dns.py@4d1b6a6e65d2
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dns/dns.py	Mon Jan 20 21:55:08 2025 -0800
@@ -0,0 +1,116 @@
+from operator import le
+import subprocess
+from io import StringIO
+
+from pyinfra.context import host
+from pyinfra.operations import files, systemd
+
+
+def dnsmasq_instance(
+    net_name,
+    house_iface,
+    dhcp_range='10.2.0.10,10.2.0.11',
+    listen_address='reqd',
+):
+    files.directory(path=f'/opt/dnsmasq/{net_name}')
+    files.template(
+        src='dns/templates/dnsmasq/dnsmasq.conf.j2',
+        dest=f'/opt/dnsmasq/{net_name}/dnsmasq.conf',
+        net=net_name,
+        house_iface=house_iface,
+        dhcp_range=dhcp_range,
+        listen_address=listen_address,
+        dhcp_enabled=net_name == '10.2' and host.name == 'pipe',
+        dns_server=listen_address,
+        router=listen_address,
+    )
+    files.template(src='dns/templates/dnsmasq/hosts.j2', dest=f'/opt/dnsmasq/{net_name}/hosts', net=net_name)
+
+    dhcp_hosts = subprocess.check_output(['python3', '/my/serv/lanscape/src/public/make_dhcp_hosts.py'], encoding='utf8')
+    files.put(src=StringIO(dhcp_hosts), dest=f'/opt/dnsmasq/{net_name}/dhcp_hosts')
+
+    files.template(src='dns/templates/dnsmasq/dnsmasq.service.j2',
+                   dest=f'/etc/systemd/system/dnsmasq_{net_name}.service',
+                   net=net_name)
+    if net_name in ['10.2', '10.2-filtered']:
+        systemd.service(service=f'dnsmasq_{net_name}', enabled=True, restarted=True, daemon_reload=True)
+
+
+def standard_host_dns():
+    files.template(src='dns/templates/hosts.j2', dest='/etc/hosts')
+    if 'pi' in host.groups:
+        files.put(dest='/etc/resolv.conf', src='dns/files/resolv.conf')
+    else:
+        files.link(path='/etc/resolv.conf', target='/run/systemd/resolve/resolv.conf', force=True)
+        files.template(src='dns/templates/resolved.conf.j2', dest='/etc/systemd/resolved.conf')
+        systemd.service(service='systemd-resolved.service', running=True, restarted=True)
+
+
+def rpi_net_boot():
+    files.directory(path='/opt/dnsmasq/tftp')
+
+
+def no_default_dnsmasq_instance():
+    # no default instance; i'll add some specific ones below
+    systemd.service(service='dnsmasq', enabled=False, running=False)
+
+
+def watchLeasesFile():
+    """summary:
+    1. dnsmasq_10.2 leases an address and writes to /opt/dnsmasq/10.2/leases
+    2. dhcp_graph_watch.path notices that change
+    3. dhcp_graph_update.service posts /opt/dnsmasq/10.2/leases to dhcp_graph (k8s deploy)
+    4. dhcp_graph serves the data as rdf
+    """
+    dhcp_graph_url = "http://10.5.0.7:8005"
+    leases = "/opt/dnsmasq/10.2/leases"
+    files.template(
+        src='dns/templates/dhcp_graph_watch.path.j2',
+        dest='/etc/systemd/system/dhcp_graph_watch.path',
+        leases=leases,
+    )
+
+    files.template(
+        src='dns/templates/dhcp_graph_update.service.j2',
+        dest='/etc/systemd/system/dhcp_graph_update.service',
+        leases=leases,
+        dhcp_graph_url=dhcp_graph_url,
+    )
+    systemd.service(service='dhcp_graph_watch.path', enabled=True, restarted=True, daemon_reload=True)
+    systemd.service(service='dhcp_graph_update.service', enabled=True, restarted=True, daemon_reload=True)
+
+
+def dnsmasq_on_pipe():
+    if host.name != 'pipe':
+        return
+    rpi_net_boot()
+    files.directory(path='/opt/dnsmasq')
+    dnsmasq_instance(
+        '10.2',
+        house_iface='eth1',
+        dhcp_range='10.2.0.110,10.2.0.240',
+        listen_address='10.2.0.3',
+    )
+    out = '/opt/dnsmasq/10.2'
+    # This mtail is for dhcp command counts and errors.
+    files.put(src='dns/files/metrics.mtail', dest=f'{out}/metrics.mtail')
+    files.put(src='dns/files/run_mtail.sh', dest=f'{out}/run_mtail.sh')
+
+    watchLeasesFile()
+
+    files.put(src='dns/files/dnsmasq-mtail.service', dest='/etc/systemd/system/dnsmasq-mtail.service')
+    systemd.service(service='dnsmasq-mtail', enabled=True, restarted=True, daemon_reload=True)
+
+    # Serve another dns, no dhcp, and include the dynamic-blocking file written by net_routes.
+    dnsmasq_instance(
+        net_name='10.2-filtered',
+        house_iface='eth1',
+        listen_address='10.2.0.4',
+    )
+
+
+operations = [
+    standard_host_dns,
+    no_default_dnsmasq_instance,
+    dnsmasq_on_pipe,
+]