def install_rsyslog(args):
'''
Install rsyslog client the server
and set upp configfiles to use rsyslog server and collect server tls cert
'''
hostname = socket.gethostname()
x("yum install rsyslog rsyslog-gnutls -y")
x("chkconfig --add rsyslog")
x("chkconfig rsyslog on")
#Getting ossec server
loggserver =config.general.get_logg_server()
loggserver2 =config.general.get_logg_server2()
x("\cp -f /opt/syco/var/rsyslog/rsyslog.conf /tmp/rsyslog.conf" )
x("sed -i 's/SERVERNAME/"+socket.gethostname()+"/g' /tmp/rsyslog.conf")
x("sed -i 's/MASTER/"+loggserver+"/g' /tmp/rsyslog.conf")
x("sed -i 's/SLAVE/"+loggserver2+"/g' /tmp/rsyslog.conf")
x("\cp -f /tmp/rsyslog.conf /etc/rsyslog.conf" )
#coping certs for tls from rsyslog server
x("mkdir /etc/pki/rsyslog")
scp_from(loggserver,"/etc/pki/rsyslog/"+socket.gethostname()+"*","/etc/pki/rsyslog")
scp_from(loggserver,"/etc/pki/rsyslog/ca.pem","/etc/pki/rsyslog")
#Restaring rsyslog
x("/etc/init.d/rsyslog restart")
def _setup_keys():
'''
Download client keys from server.
Needed for client to be allowed to communicate with server.
'''
ossecserver = config.general.get_ossec_server_ip()
hostname = socket.gethostname()
fqdn = '{0}.{1}'.format(hostname, config.general.get_resolv_domain())
# Wait until ssh is responsive on server. However this doesn't mean that
# the server is fully installed.
general.wait_for_server_to_start(ossecserver, 22)
# Loop until ossec server has created client keys and made it possible
# to copy them.
while True:
scp_from(
ossecserver,
"/var/ossec/etc/{0}_client.keys".format(fqdn),
"/var/ossec/etc/client.keys"
)
# Loop until the keys are downloaded.
if os.path.exists('/var/ossec/etc/client.keys'):
break
# Wait awhile and then try to download the files again.
time.sleep(40)
x('chown root:ossec /var/ossec/etc/client.keys')
x('chmod 640 /var/ossec/etc/client.keys')
def install_rsyslog(args):
'''
Install rsyslog client the server
and set upp configfiles to use rsyslog server and collect server tls cert
'''
hostname = socket.gethostname()
x("yum install rsyslog rsyslog-gnutls -y")
x("chkconfig --add rsyslog")
x("chkconfig rsyslog on")
#Getting ossec server
loggserver = config.general.get_logg_server()
loggserver2 = config.general.get_logg_server2()
x("\cp -f /opt/syco/var/rsyslog/rsyslog.conf /tmp/rsyslog.conf")
x("sed -i 's/SERVERNAME/" + socket.gethostname() + "/g' /tmp/rsyslog.conf")
x("sed -i 's/MASTER/" + loggserver + "/g' /tmp/rsyslog.conf")
x("sed -i 's/SLAVE/" + loggserver2 + "/g' /tmp/rsyslog.conf")
x("\cp -f /tmp/rsyslog.conf /etc/rsyslog.conf")
#coping certs for tls from rsyslog server
x("mkdir /etc/pki/rsyslog")
scp_from(loggserver, "/etc/pki/rsyslog/" + socket.gethostname() + "*",
"/etc/pki/rsyslog")
scp_from(loggserver, "/etc/pki/rsyslog/ca.pem", "/etc/pki/rsyslog")
#Restaring rsyslog
x("/etc/init.d/rsyslog restart")
def _copy_cert():
'''
Coping certs for tls from rsyslog server
'''
crt_dir = "/etc/pki/rsyslog"
x("mkdir -p {0}".format(crt_dir))
srv = config.general.get_log_server_hostname1()
scp_from(srv, "/etc/pki/rsyslog/{0}*".format(net.get_hostname()), crt_dir)
scp_from(srv, "/etc/pki/rsyslog/ca.crt", crt_dir)
x("restorecon -r /etc/pki/rsyslog")
x("chmod 600 /etc/pki/rsyslog/*")
x("chown root:root /etc/pki/rsyslog/*")
def _copy_cert():
'''
Coping certs for tls from rsyslog server
'''
crt_dir ="/etc/pki/rsyslog"
x("mkdir -p {0}".format(crt_dir))
srv = config.general.get_log_server_hostname1()
scp_from(srv, "/etc/pki/rsyslog/{0}*".format(net.get_hostname()), crt_dir)
scp_from(srv, "/etc/pki/rsyslog/ca.crt", crt_dir)
x("restorecon -r /etc/pki/rsyslog")
x("chmod 600 /etc/pki/rsyslog/*")
x("chown root:root /etc/pki/rsyslog/*")
def install_ossecc(args):
'''
Install OSSEC Client in the server
'''
#OSSEC DOWNLOAD URL
ossec_download = "http://www.ossec.net/files/ossec-hids-2.6.tar.gz"
#Getting ossec server
ossecserver = config.general.get_ossec_server_ip()
hostname = socket.gethostname()
x('yum install gcc make')
x("wget -P /tmp/ " + ossec_download)
x("tar -C /tmp -zxf /tmp/ossec-hids* ")
x("rm -rf /tmp/ossec-hids*.tar.gz")
x("mv /tmp/ossec-hids* /tmp/ossecbuild")
x('\cp -f /opt/syco/var/ossec/osseconf/preloaded-vars-agent.conf /tmp/ossecbuild/etc/preloaded-vars.conf'
)
#Setting ossec server ip
x("sed -i 's/OSSECSERVER/" + ossecserver +
"/g' /tmp/ossecbuild/etc/preloaded-vars.conf")
#Start installation
x('/tmp/ossecbuild/install.sh')
#Getting OOSEC clinet key from OSSEC server.
scp_from(ossecserver, "/var/ossec/etc/" + hostname + "_client.keys",
"/var/ossec/etc/client.keys")
x('chown root:ossec /var/ossec/etc/client.keys')
#Setting upp client config from syco
x('\cp -f /opt/syco/var/ossec/osseconf/ossec_agent.conf /var/ossec/etc/ossec.conf'
)
x("sed -i 's/OSSECSERVER/" + ossecserver + "/g' /var/ossec/etc/ossec.conf")
x('chown root:ossec /var/ossec/etc/ossec.conf')
#Restaring OSSEC client
x('/var/ossec/bin/ossec-control restart')
def install_ossecc(args):
'''
Install OSSEC Client in the server
'''
#OSSEC DOWNLOAD URL
ossec_download = "http://www.ossec.net/files/ossec-hids-2.6.tar.gz"
#Getting ossec server
ossecserver =config.general.get_ossec_server_ip()
hostname = socket.gethostname()
x('yum install gcc make')
x("wget -P /tmp/ "+ossec_download)
x("tar -C /tmp -zxf /tmp/ossec-hids* ")
x("rm -rf /tmp/ossec-hids*.tar.gz")
x("mv /tmp/ossec-hids* /tmp/ossecbuild")
x('\cp -f /opt/syco/var/ossec/osseconf/preloaded-vars-agent.conf /tmp/ossecbuild/etc/preloaded-vars.conf')
#Setting ossec server ip
x("sed -i 's/OSSECSERVER/"+ossecserver+"/g' /tmp/ossecbuild/etc/preloaded-vars.conf")
#Start installation
x('/tmp/ossecbuild/install.sh')
#Getting OOSEC clinet key from OSSEC server.
scp_from(ossecserver,"/var/ossec/etc/"+hostname+"_client.keys","/var/ossec/etc/client.keys")
x('chown root:ossec /var/ossec/etc/client.keys')
#Setting upp client config from syco
x('\cp -f /opt/syco/var/ossec/osseconf/ossec_agent.conf /var/ossec/etc/ossec.conf')
x("sed -i 's/OSSECSERVER/"+ossecserver+"/g' /var/ossec/etc/ossec.conf")
x('chown root:ossec /var/ossec/etc/ossec.conf')
#Restaring OSSEC client
x('/var/ossec/bin/ossec-control restart')
def _install_httpd_certificates():
'''
Install syco wildcard certificate to be used by VCS server.
Both https cert used to browse the VCS httpd server and the client certs
used to authenticate to the LDAP-server.
'''
srv = "root@" + config.general.get_cert_server_ip()
x("mkdir -p /etc/httpd/ssl/")
ssh.scp_from(srv, config.general.get_cert_wild_ca(), "/etc/httpd/ssl/vcs-ca.pem")
ssh.scp_from(srv, config.general.get_cert_wild_crt(), "/etc/httpd/ssl/vcs.crt")
ssh.scp_from(srv, config.general.get_cert_wild_key(), "/etc/httpd/ssl/vcs.key")
installSssd.install_certs()
def _install_httpd_certificates():
'''
Install syco wildcard certificate to be used by VCS server.
Both https cert used to browse the VCS httpd server and the client certs
used to authenticate to the LDAP-server.
'''
srv = "root@" + config.general.get_cert_server_ip()
x("mkdir -p /etc/httpd/ssl/")
ssh.scp_from(srv, config.general.get_cert_wild_ca(),
"/etc/httpd/ssl/vcs-ca.pem")
ssh.scp_from(srv, config.general.get_cert_wild_crt(),
"/etc/httpd/ssl/vcs.crt")
ssh.scp_from(srv, config.general.get_cert_wild_key(),
"/etc/httpd/ssl/vcs.key")
installSssd.install_certs()
def install_dns(args):
'''
DNS Bind 9 Chrooted installation
This will install the dns server on the host chrooted.
This command is used only for Centos servers.
'''
if os.path.exists('/opt/syco/lock/dns'):
'''
If dns server is locked from this script
'''
app.print_verbose("This server has an lock stopping you from installing the DNS server ")
else:
'''
Installinb server package needed for dns
'''
general.shell_exec("yum install bind bind-chroot bind-libs bind-utils caching-nameserver -y")
os.chdir("/tmp/")
'''
Getting argument from command line
master = setting upp master server
slave = setting upp slave server
'''
if len(args) == 2:
role = args[1]
if (role != "master" and role !="slave"):
sys.exit("use choose master ore slave server 'syco install-dns master'")
#raise Exception("You can only enter master or slave, you entered " + args[1])
else:
sys.exit("use choose master ore slave server 'syco install-dns master'")
role =str(args[1])
'''
Reading zone.cfg file conting
In zone.cfg is all config options neede for setting upp DNS Server
This file is readed and the the options are saved and used when generating new config files
'''
config_f = ConfigParser.SafeConfigParser()
config_zone = ConfigParser.SafeConfigParser()
config_f.read(app.SYCO_PATH + 'var/dns/zone.cfg')
dnsrange = config_f.get('config', 'range')
forward1 = config_f.get('config', 'forward1')
forward2 = config_f.get('config', 'forward2')
ipmaster = config_f.get('config', 'ipmaster')
ipslave = config_f.get('config', 'ipslave')
localnet = config_f.get('config', 'localnet')
data_center = config_f.get('config', 'data_center')
#Creating data dir
x("mkdir /var/named/chroot/var/named/data")
'''
Depending if the server is an master then new rndc keys are genertaed if now old are done.
If the server is slave the keys have to bee fetch from the master server.
'''
if os.path.exists('/var/named/chroot/etc/rndc_new.key'):
_copy_rndc()
else:
if role =="master":
os.chdir("/tmp")
os.system("/usr/sbin/rndc-confgen > /var/named/chroot/etc/rndc_new.key")
general.shell_exec("chown root:named rndc.key")
_copy_rndc()
else:
os.chdir("/var/named/chroot/etc")
scp_from(ipmaster,"/var/named/chroot/etc/rndc_new.key","/var/named/chroot/etc/")
def _generate_zone(location):
p = re.compile('[\s]*([\d]*)[\s]*[;][\s]*Serial')
if location == "internal":
o = open("/var/named/chroot/etc/named.conf","a") #open for append
o.write("view 'internt' {\n")
o.write("match-clients { " + localnet + "; };\n")
o.close()
else:
o = open("/var/named/chroot/etc/named.conf","a") #open for append
o.write("view 'external' {\n")
o.write("match-clients { any; };\n")
o.close()
'''
Getting records from zone files
and creating zone file for records
'''
for zone in config_f.options('zone'):
rzone = config_f.get('zone',zone)
config_zone.read(app.SYCO_PATH + 'var/dns/'+zone)
print zone
'''
Crating zone file and setting right settings form zone.cfg file
'''
o = open("/var/named/chroot/var/named/data/" + location + "." + zone + ".zone","w") #open for write
for line in open(app.SYCO_PATH + "var/dns/template.zone"):
line = line.replace("$IPMASTER$",ipmaster)
line = line.replace("$IPSLAVE$",ipslave)
line = line.replace("$NAMEZONE$",zone)
serial = p.findall (line)
print line
if len(serial) > 0:
line = str(int(serial[0]) + 1) + " ; Serial\n"
o.write(line + "\n")
#Wrinting out arecord to zone file
if location == "internal":
'''
Getting internal network address if thy are any else go back to use external address
Generating A record from domain file and adding them to zone file.
'''
try:
config_zone.options("internal_" + zone + "_arecords")
except ConfigParser.NoSectionError:
for option in config_zone.options(zone + "_arecords"):
o.write (option + "." + zone + "."+ " IN A " + config_zone.get(zone + "_arecords",option) + " \n")
print option + "." + zone+"." + "A" + config_zone.get(zone + "_arecords",option)+"."
if zone == config.general.get_resolv_domain():
servers = config.get_servers()
for hostname in servers:
o.write (hostname + "." + zone + "." + " IN A " + config.host(hostname).get_back_ip() + " \n")
print "INTERNAL"+hostname + config.host(hostname).get_back_ip()
else:
for option in config_zone.options("internal_" + zone + "_arecords"):
o.write (option + "." + zone + "."+ " IN A " + config_zone.get("internal_" + zone + "_arecords",option) + " \n")
print option + "." + zone + "." + "A" + config_zone.get("internal_" + zone+"_arecords",option) + "."
'''
If domain is the same as local domain
Gett all ip from local servers and add them to records.
'''
if zone == config.general.get_resolv_domain():
servers = config.get_servers()
for hostname in servers:
o.write (hostname + "." + zone + "."+ " IN A " + config.host(hostname).get_back_ip() + " \n")
print hostname + config.host(hostname).get_back_ip()
'''
Getting all Cnames from domain file
If there exist any names for internal network then they are used for inernal viem
Else external names are used.
Cnames are the added to file
'''
try:
config_zone.options("internal_" + zone + "_cname")
except ConfigParser.NoSectionError:
for option in config_zone.options(zone + "_cname"):
out = str(option) + " IN CNAME " + config_zone.get(zone + "_cname",option) + "\n"
out2 =out.replace('$DATA_CENTER$',data_center)
o.write(out2)
print out2
else:
for option in config_zone.options("internal_" + zone + "_cname"):
out= str(option) + " IN CNAME "+ str(config_zone.get("internal_" + zone + "_cname",option)) + "\n"
out2 = out.replace('$DATA_CENTER$',data_center)
o.write(out2)
print out2
else:
for option in config_zone.options(zone + "_arecords"):
o.write (option + "." + zone + "." + " IN A " + config_zone.get(zone + "_arecords",option) + " \n")
print option+"." + zone + "." + "A" + config_zone.get(zone + "_arecords",option) + "."
for option in config_zone.options(zone+"_cname"):
out= str(option) + " IN CNAME " + str(config_zone.get(zone + "_cname",option)) + "\n"
out2 = out.replace('$DATA_CENTER$',data_center)
o.write(out2)
print out2
o.close()
'''
Creating zone revers file for recursive getting if domain names.
'''
o = open("/var/named/chroot/var/named/data/" + location + "." + rzone + ".zone","w") #open for append
for line in open(app.SYCO_PATH + "var/dns/recursiv-template.zone"):
line = line.replace("$IPMASTER$",ipmaster[::-1])
line = line.replace("$IPSLAVE$",ipslave[::-1])
line = line.replace("$NAMEZONE$", zone)
line = line.replace("$RZONE$" ,rzone)
serial = p.findall (line)
if len(serial) > 0:
line = str(int(serial[0]) + 1) + " ; Serial\n"
o.write(line + "\n")
o.close()
'''
Adding the new zreated zone files to named.com to be used
'''
o = open("/var/named/chroot/etc/named.conf","a") #open for append
for line in open(app.SYCO_PATH + "var/dns/" + role + "-zone.conf"):
line = line.replace("$IPMASTER$",ipmaster)
line = line.replace("$IPSLAVE$",ipslave)
line = line.replace("$NAMEZONE$",zone)
line = line.replace("$RZONE$" ,rzone)
line = line.replace("$LOCATION$" ,location)
o.write(line + "\n")
o.close()
'''
Adding differin view to the config file
'''
if location == "internal":
o = open("/var/named/chroot/etc/named.conf","a") #open for append
o.write("}; \n")
o.close()
else:
o = open("/var/named/chroot/etc/named.conf","a") #open for append
o.write("};\n")
o.close()
'''
Getting namd.conf tamplate and generting new file with right config.
'''
'''
Setting upp named.conf with right settings
'''
o = open("/var/named/chroot/etc/named.conf","a") #open for append
for line in open(app.SYCO_PATH + "var/dns/" + role + "-named.conf"):
line = line.replace("$IPSLAVE$",ipslave)
line = line.replace("$IPMASTER$",ipmaster)
line = line.replace("$RANGE$",dnsrange)
line = line.replace("$FORWARD1$",forward1)
line = line.replace("$FORWARD2$",forward2)
line = line.replace("$LOCALNET$",localnet)
line = line.replace("$DOMAIN$",config.general.get_resolv_domain())
o.write(line)
o.close()
'''
Chnagin order if ip to match recusrsive lookup
'''
'''
Generating the zone files
IMPORTAND that internal is first
'''
_generate_zone("internal")
_generate_zone("external")
'''
Adding serial number to template
'''
_add_serial("recursiv-template")
_add_serial("template")
'''
Restaring DNS server for action to be loaded
'''
general.shell_exec("/etc/init.d/named restart")
def _copy_certificate_files():
copyfrom = "root@{0}".format(CERT_SERVER)
copyremotefile = "{0}/{1}.pem".format(CERT_SERVER_PATH, haproxy_env())
copylocalfile = "{0}/{1}.pem".format(CERT_COPY_TO_PATH, haproxy_env())
ssh.scp_from(copyfrom, copyremotefile, copylocalfile)
def _copy_certificate_files():
copyfrom = "root@{0}".format(CERT_SERVER)
copyremotefile = "{0}/{1}.pem".format(CERT_SERVER_PATH, haproxy_env())
copylocalfile = "{0}/{1}.pem".format(CERT_COPY_TO_PATH, haproxy_env())
ssh.scp_from(copyfrom, copyremotefile, copylocalfile)
def install_dns(args):
'''
DNS Bind 9 Chrooted installation
This will install the dns server on the host chrooted.
This command is used only for Centos servers.
'''
if os.path.exists('/opt/syco/lock/dns'):
'''
If dns server is locked from this script
'''
app.print_verbose(
"This server has an lock stopping you from installing the DNS server "
)
else:
'''
Installinb server package needed for dns
'''
general.shell_exec(
"yum install bind bind-chroot bind-libs bind-utils caching-nameserver -y"
)
os.chdir("/tmp/")
'''
Getting argument from command line
master = setting upp master server
slave = setting upp slave server
'''
if len(args) == 2:
role = args[1]
if (role != "master" and role != "slave"):
sys.exit(
"use choose master ore slave server 'syco install-dns master'")
#raise Exception("You can only enter master or slave, you entered " + args[1])
else:
sys.exit(
"use choose master ore slave server 'syco install-dns master'")
role = str(args[1])
'''
Reading zone.cfg file conting
In zone.cfg is all config options neede for setting upp DNS Server
This file is readed and the the options are saved and used when generating new config files
'''
config_f = ConfigParser.SafeConfigParser()
config_zone = ConfigParser.SafeConfigParser()
config_f.read(app.SYCO_PATH + 'var/dns/zone.cfg')
dnsrange = config_f.get('config', 'range')
forward1 = config_f.get('config', 'forward1')
forward2 = config_f.get('config', 'forward2')
ipmaster = config_f.get('config', 'ipmaster')
ipslave = config_f.get('config', 'ipslave')
localnet = config_f.get('config', 'localnet')
data_center = config_f.get('config', 'data_center')
#Creating data dir
x("mkdir /var/named/chroot/var/named/data")
'''
Depending if the server is an master then new rndc keys are genertaed if now old are done.
If the server is slave the keys have to bee fetch from the master server.
'''
if os.path.exists('/var/named/chroot/etc/rndc_new.key'):
_copy_rndc()
else:
if role == "master":
os.chdir("/tmp")
os.system(
"/usr/sbin/rndc-confgen > /var/named/chroot/etc/rndc_new.key")
general.shell_exec("chown root:named rndc.key")
_copy_rndc()
else:
os.chdir("/var/named/chroot/etc")
scp_from(ipmaster, "/var/named/chroot/etc/rndc_new.key",
"/var/named/chroot/etc/")
def _generate_zone(location):
p = re.compile('[\s]*([\d]*)[\s]*[;][\s]*Serial')
if location == "internal":
o = open("/var/named/chroot/etc/named.conf", "a") #open for append
o.write("view 'internt' {\n")
o.write("match-clients { " + localnet + "; };\n")
o.close()
else:
o = open("/var/named/chroot/etc/named.conf", "a") #open for append
o.write("view 'external' {\n")
o.write("match-clients { any; };\n")
o.close()
'''
Getting records from zone files
and creating zone file for records
'''
for zone in config_f.options('zone'):
rzone = config_f.get('zone', zone)
config_zone.read(app.SYCO_PATH + 'var/dns/' + zone)
print zone
'''
Crating zone file and setting right settings form zone.cfg file
'''
o = open("/var/named/chroot/var/named/data/" + location + "." +
zone + ".zone", "w") #open for write
for line in open(app.SYCO_PATH + "var/dns/template.zone"):
line = line.replace("$IPMASTER$", ipmaster)
line = line.replace("$IPSLAVE$", ipslave)
line = line.replace("$NAMEZONE$", zone)
serial = p.findall(line)
print line
if len(serial) > 0:
line = str(int(serial[0]) + 1) + " ; Serial\n"
o.write(line + "\n")
#Wrinting out arecord to zone file
if location == "internal":
'''
Getting internal network address if thy are any else go back to use external address
Generating A record from domain file and adding them to zone file.
'''
try:
config_zone.options("internal_" + zone + "_arecords")
except ConfigParser.NoSectionError:
for option in config_zone.options(zone + "_arecords"):
o.write(option + "." + zone + "." +
" IN A " +
config_zone.get(zone + "_arecords", option) +
" \n")
print option + "." + zone + "." + "A" + config_zone.get(
zone + "_arecords", option) + "."
if zone == config.general.get_resolv_domain():
servers = config.get_servers()
for hostname in servers:
o.write(hostname + "." + zone + "." +
" IN A " +
config.host(hostname).get_back_ip() +
" \n")
print "INTERNAL" + hostname + config.host(
hostname).get_back_ip()
else:
for option in config_zone.options("internal_" + zone +
"_arecords"):
o.write(option + "." + zone + "." +
" IN A " + config_zone.get(
"internal_" + zone + "_arecords", option) +
" \n")
print option + "." + zone + "." + "A" + config_zone.get(
"internal_" + zone + "_arecords", option) + "."
'''
If domain is the same as local domain
Gett all ip from local servers and add them to records.
'''
if zone == config.general.get_resolv_domain():
servers = config.get_servers()
for hostname in servers:
o.write(hostname + "." + zone + "." +
" IN A " +
config.host(hostname).get_back_ip() +
" \n")
print hostname + config.host(
hostname).get_back_ip()
'''
Getting all Cnames from domain file
If there exist any names for internal network then they are used for inernal viem
Else external names are used.
Cnames are the added to file
'''
try:
config_zone.options("internal_" + zone + "_cname")
except ConfigParser.NoSectionError:
for option in config_zone.options(zone + "_cname"):
out = str(
option) + " IN CNAME " + config_zone.get(
zone + "_cname", option) + "\n"
out2 = out.replace('$DATA_CENTER$', data_center)
o.write(out2)
print out2
else:
for option in config_zone.options("internal_" + zone +
"_cname"):
out = str(option) + " IN CNAME " + str(
config_zone.get("internal_" + zone + "_cname",
option)) + "\n"
out2 = out.replace('$DATA_CENTER$', data_center)
o.write(out2)
print out2
else:
for option in config_zone.options(zone + "_arecords"):
o.write(option + "." + zone + "." + " IN A " +
config_zone.get(zone + "_arecords", option) +
" \n")
print option + "." + zone + "." + "A" + config_zone.get(
zone + "_arecords", option) + "."
for option in config_zone.options(zone + "_cname"):
out = str(option) + " IN CNAME " + str(
config_zone.get(zone + "_cname", option)) + "\n"
out2 = out.replace('$DATA_CENTER$', data_center)
o.write(out2)
print out2
o.close()
'''
Creating zone revers file for recursive getting if domain names.
'''
o = open("/var/named/chroot/var/named/data/" + location + "." +
rzone + ".zone", "w") #open for append
for line in open(app.SYCO_PATH + "var/dns/recursiv-template.zone"):
line = line.replace("$IPMASTER$", ipmaster[::-1])
line = line.replace("$IPSLAVE$", ipslave[::-1])
line = line.replace("$NAMEZONE$", zone)
line = line.replace("$RZONE$", rzone)
serial = p.findall(line)
if len(serial) > 0:
line = str(int(serial[0]) + 1) + " ; Serial\n"
o.write(line + "\n")
o.close()
'''
Adding the new zreated zone files to named.com to be used
'''
o = open("/var/named/chroot/etc/named.conf", "a") #open for append
for line in open(app.SYCO_PATH + "var/dns/" + role + "-zone.conf"):
line = line.replace("$IPMASTER$", ipmaster)
line = line.replace("$IPSLAVE$", ipslave)
line = line.replace("$NAMEZONE$", zone)
line = line.replace("$RZONE$", rzone)
line = line.replace("$LOCATION$", location)
o.write(line + "\n")
o.close()
'''
Adding differin view to the config file
'''
if location == "internal":
o = open("/var/named/chroot/etc/named.conf", "a") #open for append
o.write("}; \n")
o.close()
else:
o = open("/var/named/chroot/etc/named.conf", "a") #open for append
o.write("};\n")
o.close()
'''
Getting namd.conf tamplate and generting new file with right config.
'''
'''
Setting upp named.conf with right settings
'''
o = open("/var/named/chroot/etc/named.conf", "a") #open for append
for line in open(app.SYCO_PATH + "var/dns/" + role + "-named.conf"):
line = line.replace("$IPSLAVE$", ipslave)
line = line.replace("$IPMASTER$", ipmaster)
line = line.replace("$RANGE$", dnsrange)
line = line.replace("$FORWARD1$", forward1)
line = line.replace("$FORWARD2$", forward2)
line = line.replace("$LOCALNET$", localnet)
line = line.replace("$DOMAIN$", config.general.get_resolv_domain())
o.write(line)
o.close()
'''
Chnagin order if ip to match recusrsive lookup
'''
'''
Generating the zone files
IMPORTAND that internal is first
'''
_generate_zone("internal")
_generate_zone("external")
'''
Adding serial number to template
'''
_add_serial("recursiv-template")
_add_serial("template")
'''
Restaring DNS server for action to be loaded
'''
general.shell_exec("/etc/init.d/named restart")
