chore: add current provisioning state before migration

2025-09-22 23:11:41 +01:00 · 2025-09-22 23:11:41 +01:00 · 50745b0f22
commit 50745b0f22
parent a9703b4748
660 changed files with 88126 additions and 0 deletions
--- a/taskservs/coredns/default/Corefile.j2
+++ b/taskservs/coredns/default/Corefile.j2
@ -0,0 +1,29 @@
+{% for entry in taskserv.entries -%}
+{{entry.domain}}:{{entry.port}} {
+  {% if entry.file and entry.file != "" -%}
+    file {{entry.file}}
+    {% endif -%}
+    {% if entry.forward and entry.forward.source != "" -%}
+        {%- if entry.forward.forward_ip -%}
+        {% set forward_ip=entry.forward.forward_ip %}
+        {%- elif server.primary_dns -%}
+        {% set forward_ip=server.primary_dns ~ " " ~ server.secondary_dns %}
+        {%- else -%}
+        {% set forward_ip="" %}
+        {%- endif -%}
+    {%- if forward_ip -%}
+    forward {{entry.forward.source}} {{forward_ip}} {
+    }
+    {% endif -%}
+    {% endif -%}
+    {% if entry.use_log or entry.use_log == "true" -%}
+        log
+    {% endif -%}
+    {% if entry.use_errors or entry.use_errors == "true" -%}
+        errors
+    {% endif -%}
+    {% if entry.use_cache or entry.use_cache == "true" -%}
+        cache
+  {% endif -%}
+}
+{% endfor -%}
--- a/taskservs/coredns/default/coredns.service.j2
+++ b/taskservs/coredns/default/coredns.service.j2
@ -0,0 +1,20 @@
+[Unit]
+Description=CoreDNS DNS server
+Documentation=https://coredns.io
+After=network.target
+
+[Service]
+PermissionsStartOnly=true
+LimitNOFILE=1048576
+LimitNPROC=512
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=true
+User=coredns
+WorkingDirectory=~
+ExecStart=/usr/local/bin/coredns -conf={{taskserv.etc_corefile}}
+ExecReload=/bin/kill -SIGUSR1 $MAINPID
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
--- a/taskservs/coredns/default/dns.tpl
+++ b/taskservs/coredns/default/dns.tpl
@ -0,0 +1,62 @@
+{% if taskserv.entries[DOMAIN_POS].domain == "$defaults" -%}
+    {% set dns_domain=defaults.main_domain %}
+{%- elif taskserv.entries[DOMAIN_POS].domain == "$server" %}
+    {%- if server.main_domain == "$defaults"or server.main_domain == ""-%}
+        {% set dns_domain=defaults.main_domain %}
+    {%- else -%}
+        {% set dns_domain=server.main_domain %}
+    {%- endif %}
+{%- else -%}
+    {% set dns_domain=taskserv.entries[DOMAIN_POS].domain %}
+{%- endif %}
+$ORIGIN {{dns_domain}}.
+@       3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. (
+            2017042745 ; serial
+            7200       ; refresh (2 hours)
+            3600       ; retry (1 hour)
+            1209600    ; expire (2 weeks)
+            3600       ; minimum (1 hour)
+            )
+        3600 IN NS a.iana-servers.net.
+        3600 IN NS b.iana-servers.net.
+;
+{% if taskserv.entries[DOMAIN_POS] %}
+{%- for record in taskserv.entries[DOMAIN_POS].records %}
+    {%- if defs.servers[record.server_pos] and defs.servers[record.server_pos].hostname -%}
+        {% set hostname = defs.servers[record.server_pos].hostname %}
+    {%- else -%}
+        {% set hostname = "" %}
+    {%- endif -%}
+    {%- if record.source == "$hostname" -%}
+        {% set source = hostname %}
+    {%- else -%}
+        {% set source = record.source %}
+    {%- endif -%}
+    {%- if record.target_ip == "$network_private_ip" and defs.servers[record.server_pos] and defs.servers[record.server_pos].network_private_ip -%}
+        {% set target = defs.servers[record.server_pos].network_private_ip %}
+    {%- elif record.target_ip == "$network_public_ip" and defs.servers[record.server_pos].ip_addresses.pub -%}
+        {% set target = defs.servers[record.server_pos].ip_addresses.pub %}
+    {%- else -%}
+        {% set target = record.target_ip %}
+    {%- endif -%}
+ {% if hostname != "" -%}
+; {{hostname}}
+{%- endif %}
+{% if record.rectype == "A" and source and target -%}
+{{ source }}.{{dns_domain}}. {{record.ttl}} IN A {{target}} 
+{% elif record.rectype == "CNAME" and source and record.value -%}
+{{ source }}.{{dns_domain}}. {{record.ttl}} IN CNAME {{record.value}}
+{% endif -%}
+{%- if hostname != "" and taskserv.entries[DOMAIN_POS].etcd_cluster_name and taskserv.entries[DOMAIN_POS].etcd_cluster_name != "" -%}
+{%- for taskserv in defs.servers[record.server_pos].taskservs -%}
+{%- if taskserv.name != "etcd" -%}{% continue %}{%- endif -%}
+{{ taskserv.entries[DOMAIN_POS].etcd_cluster_name }}.{{dns_domain}}. {{record.ttl}} IN A {{target}} ; {{ hostname }}
+{% break %}
+{%- endfor -%}
+_etcd-server-ssl._tcp.{{dns_domain}}. {{record.etcd_dns_ttl}} IN SRV 0 0 {{record.etcd_peer_port}} {{hostname}}.{{dns_domain}}.
+_etcd-server._tcp.{{dns_domain}}. {{record.etcd_dns_ttl}} IN SRV 0 0 {{record.etcd_peer_port}} {{hostname}}.{{dns_domain}}.
+_etcd-client-ssl._tcp.{{dns_domain}}. {{record.etcd_dns_ttl}} IN SRV 0 0 {{record.etcd_cli_port}} {{hostname}}.{{dns_domain}}.
+_etcd-client._tcp.{{dns_domain}}. {{record.etcd_dns_ttl}} IN SRV  0 0 {{record.etcd_cli_port}} {{hostname}}.{{dns_domain}}.
+{% endif %}
+{%- endfor -%}
+{% endif %}
--- a/taskservs/coredns/default/env-coredns.j2
+++ b/taskservs/coredns/default/env-coredns.j2
@ -0,0 +1,31 @@
+COREDNS_VERSION="{{taskserv.version}}"
+COREDNS_NAME="{{taskserv.name}}"
+COREDNS_FILE="{{taskserv.etc_corefile}}"
+
+NAMESERVERS="{%- for item in taskserv.nameservers -%} 
+{%- if item.ns_ip is starting_with("$servers") -%}
+{% set arr_ns = item.ns_ip | split(pat=".") %}
+{% set pos = arr_ns[1] %}
+{% set ip = arr_ns[2] %}
+{%- if servers[pos] and ip == "$network_private_ip" and servers[pos].network_private_ip -%}
+{{servers[pos].network_private_ip}}
+{%- elif servers[pos] and ip == "$network_public_ip" and settings[pos] and settings[pos].ip_addresses.pub -%} 
+{{settings[pos].ip_addresses.pub}} 
+{%- endif -%}
+{%- else -%}
+{{item.ns_ip}}
+{%- endif -%}
+{%- endfor -%}
+"
+{% if server.main_domain == "$defaults" or server.main_domain == "" %}
+MAIN_DOMAIN_NAME={{server.main_domain}}
+{%- else %}
+MAIN_DOMAIN_NAME={{server.main_domain}}
+{%- endif %}
+{% if taskserv.domains_search == "$defaults" %}
+DOMAINS_SEARCH={{server.domains_search}}
+{%- elif taskserv.domains_search == "$server" %}
+DOMAINS_SEARCH={{server.domains_search}}
+{%- else %}
+DOMAINS_SEARCH={{taskserv.domains_search}}
+{%- endif %}
--- a/taskservs/coredns/default/install-coredns.sh
+++ b/taskservs/coredns/default/install-coredns.sh
@ -0,0 +1,106 @@
+#!/bin/bash
+# Info: Script to install/create/delete/update coredns from file settings 
+# Author: JesusPerezLorenzo  
+# Release: 1.0 
+# Date: 12-11-2024
+
+USAGE="install-coredns.sh install | update | remvoe"
+[ "$1" == "-h"  ] && echo "$USAGE"  && exit 1
+
+[ -r "env-coredns" ] && . ./env-coredns
+
+OS=$(uname | tr '[:upper:]' '[:lower:]')
+ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')"
+CMD_TSKSRVC=${1:-install}
+
+HOSTNAME=$(hostname)
+export LC_CTYPE=C.UTF-8 
+export LANG=C.UTF-8
+
+[ ! -d "/etc/coredns" ] && sudo mkdir  /etc/coredns
+ROOT=$(dirname "$0")
+
+_init() {
+  [ -z "$COREDNS_VERSION" ] || [ -z "$ARCH" ] && exit 1
+  local has_coredns
+  local curr_vers
+  has_coredns=$(type -P coredns)
+  [ -n "$has_coredns" ] && curr_vers=$(coredns -version 2>/dev/null | grep CoreDNS | cut -f2 -d"-" | sed  's/ //g')
+  [ "$curr_vers" == "$COREDNS_VERSION" ] && return
+  [ -n "$has_coredns" ] && sudo timeout -k 10 20 systemctl stop coredns
+  [ ! -d "tmp" ] && mkdir tmp
+  rm -f "tmp/coredns_${COREDNS_VERSION}_${OS}_${ARCH}.tgz"
+  if ! curl -fsSL https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_${OS}_${ARCH}.tgz -o "tmp/coredns_${COREDNS_VERSION}_${OS}_${ARCH}.tgz" ; then 
+    echo "Error downloading coredns_${COREDNS_VERSION}_${OS}_${ARCH}.tgz"
+    exit 1
+  fi
+  if ! tar xzf "tmp/coredns_${COREDNS_VERSION}_${OS}_${ARCH}.tgz" -C tmp ; then
+    echo "Error extracting coredns_${COREDNS_VERSION}-${ARCH}.tar.gz"
+    exit 1
+  fi
+  rm -f "tmp/coredns_${COREDNS_VERSION}_${OS}_${ARCH}.tgz"
+  [ ! -r "tmp/coredns" ] && echo "Error extracting coredns" && exit 1
+  chmod +x tmp/coredns
+  sudo mv tmp/coredns /usr/local/bin
+  rm -r "tmp"
+}
+_config_coredns() {
+  [ ! -d "/etc/coredns" ] && sudo mkdir /etc/coredns
+
+  has_user=$(sudo grep coredns /etc/passwd)
+  [ -z "$has_user" ] && sudo useradd -d /var/lib/coredns -m coredns
+
+  # [ ! -d "/etc/ssl/coredns" ] && sudo mkdir -p /etc/ssl/coredns
+  sudo cp "$ROOT"/Corefile  /etc/coredns 2>/dev/null
+  sudo cp "$ROOT"/resources/*  /etc/coredns 2>/dev/null
+  sudo rm -f /etc/coredns/*.j2
+  sudo chown -R coredns:coredns /etc/coredns
+
+  if  [ ! -L "/etc/systemd/system/coredns.service" ] ; then 
+    sudo cp coredns.service /lib/systemd/system/coredns.service
+    sudo timeout -k 10 20 systemctl daemon-reload >/dev/null 2>&1
+    #[ ! -L "/etc/systemd/system/coredns.service" ] && sudo ln -s /lib/systemd/system/coredns.service /etc/systemd/system
+  fi
+  sudo timeout -k 10 20 systemctl enable --now coredns >/dev/null 2>&1
+  sudo timeout -k 10 20 systemctl restart coredns >/dev/null 2>&1
+}
+_stop_resolved() {
+  sudo timeout -k 10 20 systemctl stop coredns >/dev/null 2>&1
+  sudo timeout -k 10 20 systemctl disable coredns >/dev/null 2>&1
+  }
+_remove_coredns() {
+  sudo timeout -k 10 20 systemctl stop coredns >/dev/null 2>&1
+  sudo timeout -k 10 20 systemctl disable coredns >/dev/null 2>&1
+}
+_start_coredns() {
+  sudo timeout -k 10 20 systemctl enable coredns >/dev/null 2>&1
+  sudo timeout -k 10 20 systemctl start coredns >/dev/null 2>&1
+}
+_restart_coredns() {
+  sudo timeout -k 10 20 systemctl restart coredns >/dev/null 2>&1
+}
+if [ "$CMD_TSKSRVC" == "config" ] ; then
+  _config_coredns
+  exit
+fi
+if [ "$CMD_TSKSRVC" == "remove" ] ; then
+  _remove_coredns
+  exit
+fi
+if ! _init ; then
+  echo "error coredns init"
+  exit 1
+fi
+if ! _config_coredns ; then
+  echo "error coredns config"
+  exit 1
+fi
+[ "$CMD_TSKSRVC"  == "update" ] &&  _restart_coredns && exit 0
+if ! _stop_resolved ; then 
+  echo "error coredns stop"
+  exit 1
+fi
+if ! _start_coredns ; then 
+  echo "error coredns start"
+  exit 1
+fi
--- a/taskservs/coredns/default/prepare
+++ b/taskservs/coredns/default/prepare
@ -0,0 +1,56 @@
+#!/usr/bin/env nu 
+# Info: Prepare for coredns installation
+# Author: JesusPerezLorenzo 
+# Release: 1.0.2
+# Date: 26-02-2024
+
+use lib_provisioning/cmd/env.nu * 
+use lib_provisioning/cmd/lib.nu *
+
+use lib_provisioning/utils/ui.nu *
+
+print $"(_ansi green_bold)CoreDNS(_ansi reset) with ($env.PROVISIONING_VARS) " 
+
+let run_root = $env.PROVISIONING_WK_ENV_PATH
+
+if $env.PROVISIONING_RESOURCES == null { 
+  print $"🛑 PROVISIONING_RESOURCES not found"  
+  exit 1
+}
+
+#let resources_path = ($env.PROVISIONING_SETTINGS_SRC_PATH | path join "resources")
+let resources_path = ($run_root | path join "resources")
+
+if not ($resources_path | path exists) {  ^mkdir -p $resources_path  }
+
+if not ($resources_path | path exists) {
+  print $"🛑 Path ($resources_path | path dirname) not found"  
+  exit 1
+}
+
+let dns_tpl = ($run_root | path join "dns.tpl")
+if not ($dns_tpl | path exists) {
+  print $"🛑 dns.tpl not found in ($run_root)"  
+  exit 1
+}
+
+let defs = load_defs
+
+$defs.taskserv.entries | enumerate | each {|it| 
+  let filename = ($it.item | get -i file | default "")
+  let domain = ($it.item |  get -i domain | default "")
+  if $filename != "" and $domain != "" {
+    let resources_filename_path = ($resources_path | path join $"($filename | path basename).j2")
+    cp $dns_tpl $resources_filename_path
+    if not ($resources_filename_path | path exists) {
+      print $"🛑 Path ($resources_filename_path) not found for ($it.index)"  
+      exit 1
+    }
+   (open -r $resources_filename_path | str replace --all "DOMAIN_NAME" $domain | str replace --all "DOMAIN_POS" $"($it.index)" 
+     | save --force $resources_filename_path )
+    #^sed -i $"\"s/DOMAIN_NAME/($domain)/g\"" $resources_filename_path
+    #^sed -i $"\"s/DOMAIN_POS/($it.index)/g\"" $resources_filename_path
+    # Clean up and compact lines
+    #^sed -i -e '/\S/!d' $resources_filename_path  #2>/dev/null
+  }
+}