diff --git a/actions/bind b/actions/bind index 14244bda1..a90cba208 100755 --- a/actions/bind +++ b/actions/bind @@ -27,12 +27,41 @@ from plinth import action_utils CONFIG_FILE = '/etc/bind/named.conf.options' - -value1 = 'acl goodclients { \n localnets;\n};\n' -value2 = ' recursion yes;\n allow-query { goodclients; };\n\n' -value3 = ' // 8.8.8.8; 8.8.4.4;\n' -value4 = ' //forward first;\n' -value5 = ' //dnssec-enable yes;\n' +default_file = '\n'+\ +'acl goodclients {\n'+\ +' localnets;\n'+\ +'};\n'+\ +'options {\n'+\ +'directory "/var/cache/bind";\n'+\ +'\n'+\ +'recursion yes;\n'+\ +'allow-query { goodclients; };\n'+\ +'\n'+\ +'// If there is a firewall between you and nameservers you want\n'+\ +'// to talk to, you may need to fix the firewall to allow multiple\n'+\ +'// ports to talk. See http://www.kb.cert.org/vuls/id/800113\n'+\ +'\n'+\ +'// If your ISP provided one or more IP addresses for stable\n'+\ +'// nameservers, you probably want to use them as forwarders.\n'+\ +'// Uncomment the following block, and insert the addresses replacing\n'+\ +"// the all-0's placeholder.\n"+\ +'\n'+\ +'forwarders {\n'+\ +'8.8.8.8; 8.8.4.4;\n'+\ +'};\n'+\ +'forward first;\n'+\ +'\n'+\ +'dnssec-enable yes;\n'+\ +'//========================================================================\n'+\ +'// If BIND logs error messages about the root key being expired,\n'+\ +'// you will need to update your keys. See https://www.isc.org/bind-keys\n'+\ +'//========================================================================\n'+\ +'dnssec-validation auto;\n'+\ +'\n'+\ +'auth-nxdomain no; # conform to RFC1035\n'+\ +'listen-on-v6 { any; };\n'+\ +'};\n'+\ +'\n' def parse_arguments(): """Return parsed command line arguments as dictionary""" @@ -54,22 +83,9 @@ def parse_arguments(): def subcommand_setup(_): """Setup BIND configuration.""" - f = open(CONFIG_FILE, "r") - contents = f.readlines() - f.close() - - contents.insert(0, value1) - contents.insert(4, value2) - contents.insert(15, value3) - contents.insert(18, value4) - contents.insert(20, value5) - f = open(CONFIG_FILE, "w") - contents = "".join(contents) - f.write(contents) + f.write(default_file) f.close() - set_forwarding(True) - enable_dnssec(True) action_utils.service_restart('bind9') def subcommand_dns(arguments): diff --git a/plinth/modules/bind/__init__.py b/plinth/modules/bind/__init__.py index 769697fc4..f15834ce0 100644 --- a/plinth/modules/bind/__init__.py +++ b/plinth/modules/bind/__init__.py @@ -136,9 +136,9 @@ def get_default(): if flag == 1: if '//' in line: - dns_set = '' + forwarders = '' else: - dns_set = re.sub('[;]', '', line) + forwarders = re.sub('[;]', '', line) flag = 0 if 'forwarders {' in line: flag = 1 @@ -146,7 +146,7 @@ def get_default(): conf = { 'set_forwarding': set_forwarding, 'enable_dnssec': enable_dnssec, - 'dns_set': dns_set + 'forwarders': forwarders } return conf diff --git a/plinth/modules/bind/forms.py b/plinth/modules/bind/forms.py index ed4764d51..02d483bfa 100644 --- a/plinth/modules/bind/forms.py +++ b/plinth/modules/bind/forms.py @@ -39,7 +39,6 @@ class BindForm(ServiceForm): required=False, help_text=_('Enable Domain Name System Security Extensions')) - dns_set = forms.CharField( - label=_('Set DNS server'), + forwarders = forms.CharField( required=False, help_text=_('Set new DNS server')) diff --git a/plinth/modules/bind/views.py b/plinth/modules/bind/views.py index 503293510..c39836f21 100644 --- a/plinth/modules/bind/views.py +++ b/plinth/modules/bind/views.py @@ -67,17 +67,17 @@ class BindServiceView(ServiceView): # pylint: disable=too-many-ancestors - if old_config['dns_set'] != data['dns_set'] and old_config['dns_set'] is not '': - if validate(data['dns_set']) is True: + if old_config['forwarders'] != data['forwarders'] and old_config['forwarders'] is not '': + if validate(data['forwarders']) is True: actions.superuser_run( 'bind', - ['dns', '--set', data['dns_set']]) + ['dns', '--set', data['forwarders']]) messages.success(self.request, _('DNS server configuration updated')) else: messages.error(self.request, _('Enter a valid IPv4 or IPv6 address.')) - elif old_config['dns_set'] is '' and old_config['dns_set'] != data['dns_set']: + elif old_config['forwarders'] is '' and old_config['forwarders'] != data['forwarders']: messages.error(self.request, _('Enable forwarding to set forwarding DNS servers'))