bind: Replace config in setup

2026-03-11 09:04:54 +00:00 · 2017-01-05 21:57:24 +05:30 · 2017-01-05 21:57:24 +05:30 · d4b0809db0
commit d4b0809db0
parent e0abdbd0e9
4 changed files with 44 additions and 29 deletions
--- a/actions/bind
+++ b/actions/bind
@ -27,12 +27,41 @@ from plinth import action_utils


 CONFIG_FILE = '/etc/bind/named.conf.options'
-
-value1 = 'acl goodclients { \n   localnets;\n};\n'
-value2 = '        recursion yes;\n           allow-query { goodclients; };\n\n'
-value3 = '	// 	8.8.8.8; 8.8.4.4;\n'
-value4 = '	//forward first;\n'
-value5 = '  //dnssec-enable yes;\n'
+default_file = '\n'+\
+'acl goodclients {\n'+\
+'   localnets;\n'+\
+'};\n'+\
+'options {\n'+\
+'directory "/var/cache/bind";\n'+\
+'\n'+\
+'recursion yes;\n'+\
+'allow-query { goodclients; };\n'+\
+'\n'+\
+'// If there is a firewall between you and nameservers you want\n'+\
+'// to talk to, you may need to fix the firewall to allow multiple\n'+\
+'// ports to talk.  See http://www.kb.cert.org/vuls/id/800113\n'+\
+'\n'+\
+'// If your ISP provided one or more IP addresses for stable\n'+\
+'// nameservers, you probably want to use them as forwarders.\n'+\
+'// Uncomment the following block, and insert the addresses replacing\n'+\
+"// the all-0's placeholder.\n"+\
+'\n'+\
+'forwarders {\n'+\
+'8.8.8.8; 8.8.4.4;\n'+\
+'};\n'+\
+'forward first;\n'+\
+'\n'+\
+'dnssec-enable yes;\n'+\
+'//========================================================================\n'+\
+'// If BIND logs error messages about the root key being expired,\n'+\
+'// you will need to update your keys.  See https://www.isc.org/bind-keys\n'+\
+'//========================================================================\n'+\
+'dnssec-validation auto;\n'+\
+'\n'+\
+'auth-nxdomain no;    # conform to RFC1035\n'+\
+'listen-on-v6 { any; };\n'+\
+'};\n'+\
+'\n'

 def parse_arguments():
    """Return parsed command line arguments as dictionary"""
@ -54,22 +83,9 @@ def parse_arguments():

 def subcommand_setup(_):
    """Setup BIND configuration."""
-    f = open(CONFIG_FILE, "r")
-    contents = f.readlines()
-    f.close()
-
-    contents.insert(0, value1)
-    contents.insert(4, value2)
-    contents.insert(15, value3)
-    contents.insert(18, value4)
-    contents.insert(20, value5)
-
    f = open(CONFIG_FILE, "w")
-    contents = "".join(contents)
-    f.write(contents)
+    f.write(default_file)
    f.close()
-    set_forwarding(True)
-    enable_dnssec(True)
    action_utils.service_restart('bind9')

 def subcommand_dns(arguments):
--- a/plinth/modules/bind/init.py
+++ b/plinth/modules/bind/init.py
@ -136,9 +136,9 @@ def get_default():

        if flag == 1:
            if '//' in line:
-                dns_set = ''
+                forwarders = ''
            else:
-                dns_set = re.sub('[;]', '', line)
+                forwarders = re.sub('[;]', '', line)
            flag = 0
        if 'forwarders {' in line:
            flag = 1
@ -146,7 +146,7 @@ def get_default():
    conf = {
            'set_forwarding': set_forwarding,
            'enable_dnssec': enable_dnssec,
-            'dns_set': dns_set
+            'forwarders': forwarders
            }
    return conf

--- a/plinth/modules/bind/forms.py
+++ b/plinth/modules/bind/forms.py
@ -39,7 +39,6 @@ class BindForm(ServiceForm):
        required=False,
        help_text=_('Enable Domain Name System Security Extensions'))

-    dns_set = forms.CharField(
-        label=_('Set DNS server'),
+    forwarders = forms.CharField(
        required=False,
        help_text=_('Set new DNS server'))
--- a/plinth/modules/bind/views.py
+++ b/plinth/modules/bind/views.py
@ -67,17 +67,17 @@ class BindServiceView(ServiceView): # pylint: disable=too-many-ancestors



-        if old_config['dns_set'] != data['dns_set'] and old_config['dns_set'] is not '':
-            if validate(data['dns_set']) is True:
+        if old_config['forwarders'] != data['forwarders'] and old_config['forwarders'] is not '':
+            if validate(data['forwarders']) is True:
                actions.superuser_run(
                    'bind',
-                    ['dns', '--set', data['dns_set']])
+                    ['dns', '--set', data['forwarders']])
                messages.success(self.request,
                                 _('DNS server configuration updated'))
            else:
                messages.error(self.request,
                                 _('Enter a valid IPv4 or IPv6 address.'))
-        elif old_config['dns_set'] is '' and old_config['dns_set'] != data['dns_set']:
+        elif old_config['forwarders'] is '' and old_config['forwarders'] != data['forwarders']:
            messages.error(self.request,
                             _('Enable forwarding to set forwarding DNS servers'))