summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAntoine Beaupré2010-09-25 01:10:25 -0400
committerAntoine Beaupre2010-09-25 01:10:53 -0400
commit63d3125a5ce1d64c2c5b53c289119f92e0a5b29a (patch)
tree7681c9c9e73afc9604d8c53e6dfa48a69489b93f
parentea9c25a72366c81d686f7c7818ea033b5e3ad81b (diff)
#922278 - allow slaves to do zone transfers on all zonesdev-dns
we don't make an allow-transfer {} block global because the admin probably has another option {} block somewhere we can't duplicate
-rw-r--r--dns/bind/bind_service.inc18
-rw-r--r--dns/bind/server.tpl.php11
2 files changed, 27 insertions, 2 deletions
diff --git a/dns/bind/bind_service.inc b/dns/bind/bind_service.inc
index b64e534..8372414 100644
--- a/dns/bind/bind_service.inc
+++ b/dns/bind/bind_service.inc
@@ -50,4 +50,20 @@ class provisionConfig_bind_zone extends provisionConfig_dns_zone {
}
class provisionConfig_bind_server extends provisionConfig_dns_server {
-}
+
+ /**
+ * pre-render the slave servers IP addresses
+ *
+ * This is done so we can configure the allow-transfer ACL.
+ */
+ function process() {
+ parent::process();
+ $slaves = array();
+ if (!is_array($this->server->slave_servers)) {
+ $this->server->slave_servers = array($this->server->slave_servers);
+ }
+ foreach ($this->server->slave_servers as $slave) {
+ $slaves = array_merge($slaves, d($slave)->ip_addresses);
+ }
+ $this->data['server']->slave_servers_ips = $slaves;
+ }}
diff --git a/dns/bind/server.tpl.php b/dns/bind/server.tpl.php
index 71d4751..f266915 100644
--- a/dns/bind/server.tpl.php
+++ b/dns/bind/server.tpl.php
@@ -1,5 +1,14 @@
<?php
+
+$slave_acl = "";
+if (is_array($server->slave_servers_ips)) {
+ $slaves = implode(";", $server->slave_servers_ips);
+ if (!empty($slaves)) {
+ $slave_acl = "allow-transfer { $slaves; };\n";
+ }
+}
+
foreach ($records as $key => $name) {
- printf('zone "%s" { type master; file "%s/%s.zone"; allow-query { any; }; };' . "\n", $name, $dns_zoned_path, $name);
+ printf('zone "%s" { type master; file "%s/%s.zone"; allow-query { any; }; %s };' . "\n", $name, $dns_zoned_path, $name, $slave_acl);
}
?>