Ensuring we go through local networking for our VIPs

2022-05-23 21:30:24 -05:00 · 2022-05-23 21:30:24 -05:00 · 8b2b0be95b
commit 8b2b0be95b
parent 9758b23193
2 changed files with 6 additions and 1 deletions
--- a/bin/generate-pihole-dns-dhcp.py
+++ b/bin/generate-pihole-dns-dhcp.py
@ -9,6 +9,7 @@
 # Author: DarkFeather <darkfeather@aninix.net>
 import os
 import subprocess
 import sys
 import yaml
@ -38,6 +39,8 @@ def WriteDNSEntry(content,hosttype,hostclass):
    global dnsfile
    with open(dnsfilepath,'a') as dnsfile: 
        # Write host entries
        for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
            try:
                dnsfile.write(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['ip'] + ' ' + host + '.' + content['all']['vars']['replica_domain'] + ' ' + host + '\n')
@ -62,7 +65,8 @@ def GenerateFiles(file):
            dhcpfile.write('dhcp-option=option:dns-server,'+content['all']['vars']['dns']+'\n\n')
            dhcpfile.write('dhcp-range='+content['all']['vars']['staticrange']+'\n')
        with open(dnsfilepath,'w') as dnsfile:
-            dnsfile.write('')
+            vips=subprocess.run(["/bin/bash", "-c", "echo | openssl s_client -connect "+content['all']['vars']['external_domain']+":443 | openssl x509 -text -noout | grep DNS: | tr ',' '\n'  | sed 's/\s\+DNS://' | egrep -iv ^"+content['all']['vars']['external_domain']+" | tr '\n' ' '"], capture_output=True).stdout.decode("utf-8")
            dnsfile.write(content['all']['vars']['webfront']+' '+content['all']['vars']['external_domain']+' '+vips+"\n")
        # Add DNS entries for each host
        hosttype = 'managed'
--- a/examples/msn0.yml
+++ b/examples/msn0.yml
@ -12,6 +12,7 @@ all:
        dns: "10.0.1.2"
        logserver: "10.0.1.16"
        ldapserver: "10.0.1.3"
        webfront: "10.0.1.3"
        # Standards
        daemon_shell: /sbin/nologin
        user_shell: /bin/bash