Ensuring we go through local networking for our VIPs

DarkFeather 2022-05-23 21:30:24 -05:00
parent 9758b23193
commit 8b2b0be95b
Signed by: DarkFeather
GPG Key ID: 1CC1E3F4ED06F296
2 changed files with 6 additions and 1 deletions


@ -9,6 +9,7 @@
# Author: DarkFeather <darkfeather@aninix.net>
import os
import subprocess
import sys
import yaml
@ -38,6 +39,8 @@ def WriteDNSEntry(content,hosttype,hostclass):
global dnsfile
with open(dnsfilepath,'a') as dnsfile:
# Write host entries
for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
try:
dnsfile.write(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['ip'] + ' ' + host + '.' + content['all']['vars']['replica_domain'] + ' ' + host + '\n')
@ -62,7 +65,8 @@ def GenerateFiles(file):
dhcpfile.write('dhcp-option=option:dns-server,'+content['all']['vars']['dns']+'\n\n')
dhcpfile.write('dhcp-range='+content['all']['vars']['staticrange']+'\n')
with open(dnsfilepath,'w') as dnsfile:
dnsfile.write('')
vips=subprocess.run(["/bin/bash", "-c", "echo | openssl s_client -connect "+content['all']['vars']['external_domain']+":443 | openssl x509 -text -noout | grep DNS: | tr ',' '\n' | sed 's/\s\+DNS://' | egrep -iv ^"+content['all']['vars']['external_domain']+" | tr '\n' ' '"], capture_output=True).stdout.decode("utf-8")
dnsfile.write(content['all']['vars']['webfront']+' '+content['all']['vars']['external_domain']+' '+vips+"\n")
# Add DNS entries for each host
hosttype = 'managed'
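Review bot: In the third hunk (GenerateFiles), the `subprocess.run` line concatenates `content['all']['vars']['external_domain']` into a `/bin/bash -c` string, so shell metacharacters in that inventory value would be interpreted by bash, and the same value is used as an unescaped `egrep` pattern. The SAN list that comes back is written into the DNS file unchecked: `openssl s_client` in this form does not abort on an unverified chain, the return code is ignored and there is no timeout, so whatever answers on port 443 decides which names are mapped to `webfront`, and a failed connection silently yields an empty list. I would read the certificate with the standard `ssl` module (default context, so chain and hostname are verified) and keep only DNS names that match a strict hostname pattern, as sketched below; this needs `socket`, `ssl` and `re` imported at the top of the file. GenerateFiles starts before the hunk and continues after it, and which of these lines are new is inferred from the hunk counts because the page has lost its +/- markers.

```python
# … unchanged: dhcpfile writes and dnsfile truncation …
domain = content['all']['vars']['external_domain']
tls_context = ssl.create_default_context()  # verifies chain and hostname
with socket.create_connection((domain, 443), timeout=10) as sock:
    with tls_context.wrap_socket(sock, server_hostname=domain) as tls:
        sans = tls.getpeercert().get('subjectAltName', ())
# Only plain hostnames reach the hosts-style file; wildcards and odd characters are dropped.
vips = ' '.join(
    name for kind, name in sans
    if kind == 'DNS'
    and re.fullmatch(r'[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?', name)
    and not name.lower().startswith(domain.lower())
)
dnsfile.write(content['all']['vars']['webfront']+' '+domain+' '+vips+"\n")
# … unchanged: per-host DNS entries …
```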


@ -12,6 +12,7 @@ all:
dns: "10.0.1.2"
logserver: "10.0.1.16"
ldapserver: "10.0.1.3"
webfront: "10.0.1.3"
# Standards
daemon_shell: /sbin/nologin
user_shell: /bin/bash