From 570bcde9eddf8f4c6639a8c27dbe869f3bc31f4a Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 19:32:15 -0400 Subject: [PATCH] propellor spin --- src/Propellor/Property/Dns.hs | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index b85c715..6375259 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -39,6 +39,9 @@ import Data.List -- Will cause that hostmame and its alias to appear in the zone file, -- with the configured IP address. -- +-- Also, if a host has a ssh public key configured, a SSHFP record will +-- be automatically generated for it. +-- -- The [(BindDomain, Record)] list can be used for additional records -- that cannot be configured elsewhere. This often includes NS records, -- TXT records and perhaps CNAMEs pointing at hosts that propellor does @@ -77,8 +80,7 @@ setupPrimary zonefile mknamedconffile hosts domain soa rs = baseprop = Property ("dns primary for " ++ domain) satisfy (addNamedConf conf) satisfy = do - sshfps <- zip (repeat (AbsDomain domain)) . concat - <$> mapM genSSHFP indomain + sshfps <- concat <$> mapM genSSHFP indomain let zone = partialzone { zHosts = zHosts partialzone ++ rs ++ sshfps } ifM (liftIO $ needupdate zone) @@ -419,10 +421,11 @@ type WarningMessage = String -- ssh public keys. -- -- This is done using ssh-keygen, so sadly needs IO. -genSSHFP :: Host -> Propellor [Record] -genSSHFP h = concat <$> (gen =<< get) +genSSHFP :: Host -> Propellor [(BindDomain, Record)] +genSSHFP h = map (\r -> (AbsDomain hostname, r)) . concat <$> (gen =<< get) where - get = fromHost [h] (hostName h) Ssh.getPubKey + hostname = hostName h + get = fromHost [h] hostname Ssh.getPubKey gen = liftIO . mapM go . M.elems . fromMaybe M.empty go pubkey = withTmpFile "sshfp" $ \tmp tmph -> do hPutStrLn tmph pubkey