main.py 3.04 KB
import optparse
import os
import sys
import yaml
from zonetool import zone


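def main():
    """Command-line entry point: render DNS zone files from YAML sources.

    Parses the command line, builds the global configuration from the
    process environment (optionally overlaid with a YAML file), loads every
    PATH argument into a ``zone.ZoneParser`` and writes the rendered zones
    through a ``zone.ZoneWriter``.

    Exit status is 0 only when this was not a dry run and at least one zone
    file was changed or removed, and 1 otherwise. An uncaught exception
    also ends the interpreter with status 1, so a caller that needs to tell
    "nothing changed" from "failed" cannot rely on the status alone.
    Command-line errors exit with status 2 (``parser.error``).
    """
    parser = optparse.OptionParser(
        usage='%prog [<OPTIONS>] <PATH>...')
    parser.add_option(
        '-c', '--config', dest='config', metavar='FILE',
        help='Load global configuration from FILE (in YAML format)')
    parser.add_option(
        '--named-conf', dest='named_conf', metavar='FILE',
        help='Location of the autogenerated named.conf snippet '
        '(the file will not be created if the option is unset)')
    parser.add_option(
        '-o', '--output-dir', dest='output_dir',
        default='.', metavar='DIR',
        help='Output directory (default: current dir)')
    parser.add_option(
        '--delete', dest='delete', action='store_true',
        help='Delete obsolete zone files in output_dir')
    parser.add_option(
        '-n', '--dry-run', dest='dry_run', action='store_true',
        help='Do not actually write zone files')
    parser.add_option(
        '--update-policy', dest='update_policies', action='append',
        help='Set the update-policy for all zones (specify more than once for multiple policies)')

    dnssec_g = parser.add_option_group('DNSSEC Options')
    dnssec_g.add_option(
        '--key-dir', dest='key_dir', metavar='DIR',
        help='Location of key files')
    dnssec_g.add_option(
        '--ds-dir', dest='ds_dir', metavar='DIR',
        help='Location of DS record files')
    dnssec_g.add_option(
        '--nsec3-salt', dest='nsec3_salt', metavar='HEX',
        help='NSEC3 salt (hex-encoded)')
    dnssec_g.add_option(
        '--dnssec-refresh', dest='dnssec_refresh', action='store_true',
        help='Refresh all DNSSEC signatures')

    opts, args = parser.parse_args()
    if not args:
        parser.error('Not enough arguments')

    # Create a global config dictionary using the environment and (if
    # specified) a YAML config file. The advantage of the config file
    # is that it lets you define variables which are not just plain
    # strings. Keys from the file override environment variables of the
    # same name, and the whole process environment is handed to ZoneParser.
    config = dict(os.environ)
    if opts.config:
        with open(opts.config, 'r') as fd:
            file_config = yaml.safe_load(fd)
        # safe_load() returns None for an empty document and a list or
        # scalar for non-mapping input; only a mapping can be merged, so
        # report anything else as a usage error instead of a traceback.
        if file_config is not None:
            if not isinstance(file_config, dict):
                parser.error(
                    '%s: top-level YAML value must be a mapping' % opts.config)
            config.update(file_config)

    # Parse the DNS configuration and generate zone data.
    zp = zone.ZoneParser(config)
    for arg in args:
        zp.load(zone.readyaml(zone.walk(arg)))

    # DNSSEC signing needs all three of --key-dir, --ds-dir and
    # --nsec3-salt. With only some of them set, zones are written without
    # the signer post-processor; say so rather than doing it silently.
    dnssec_required = (opts.key_dir, opts.ds_dir, opts.nsec3_salt)
    pproc = None
    if all(dnssec_required):
        # Enable DNSSEC support.
        pproc = zone.DNSSECSigner(
            opts.key_dir, opts.ds_dir, opts.nsec3_salt, opts.dnssec_refresh)
    elif any(dnssec_required) or opts.dnssec_refresh:
        sys.stderr.write(
            'Warning: DNSSEC signing is disabled: --key-dir, --ds-dir '
            'and --nsec3-salt must all be set\n')

    # Render the zone data to 'output_dir'.
    zw = zone.ZoneWriter(opts.output_dir,
                         opts.named_conf,
                         delete=opts.delete,
                         dry_run=opts.dry_run,
                         update_policies=opts.update_policies)
    changed, removed = zw.write(zp.render(), postproc=pproc)

    # Success is defined as having changed bind config
    if not opts.dry_run and (len(changed) + len(removed) > 0):
        sys.exit(0)
    else:
        sys.exit(1)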


# Run the command-line tool only when this file is executed as a script;
# importing the module must not trigger it.
if __name__ == "__main__":
    main()