From d6bce63fe082ab7518d897fdca29d4acc12d77d1 Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 19 Apr 2014 03:11:34 -0400
Subject: [PATCH 01/14] typo
---
 Propellor/Property/Dns.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs
index 0708417..5779396 100644
--- a/Propellor/Property/Dns.hs
+++ b/Propellor/Property/Dns.hs
@@ -36,7 +36,7 @@ import Data.List
 -- Will cause that hostmame and its alias to appear in the zone file,
 -- with the configured IP address.
 --
--- The [(Domain, Record)] list can be used for additional records
+-- The [(BindDomain, Record)] list can be used for additional records
 -- that cannot be configured elsewhere. For example, it might contain
 -- CNAMEs pointing at hosts that propellor does not control.
 primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property
From ddd4f6402d4def82307a27cb34c4b1cfd37a0b5a Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 19 Apr 2014 03:12:27 -0400
Subject: [PATCH 02/14] typo
---
 Propellor/Property/Dns.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs
index 5779396..55b63c5 100644
--- a/Propellor/Property/Dns.hs
+++ b/Propellor/Property/Dns.hs
@@ -151,7 +151,7 @@ namedConfFile = "/etc/bind/named.conf.local"
 -- repository to the SerialNumber.
 --
 -- Handy trick: You don't need to list IPAddrs in the [Record],
--- just make some Host sets its `alias` to the root of domain.
+-- just make some Host set its `alias` to the root of domain.
 mkSOA :: Domain -> SerialNumber -> [Record] -> SOA
 mkSOA d sn rs = SOA
 { sDomain = AbsDomain d
From d9706c33484069eb98508d9d73998795e0d742f7 Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 19 Apr 2014 03:12:54 -0400
Subject: [PATCH 03/14] unused
---
 Propellor/Property/Dns.hs | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs
index 55b63c5..5c57fcb 100644
--- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs @@ -4,7 +4,6 @@ module Propellor.Property.Dns ( secondary, secondaryFor, mkSOA, - rootAddressesFrom, writeZoneFile, nextSerialNumber, adjustSerialNumber, @@ -165,9 +164,6 @@ mkSOA d sn rs = SOA where hours n = n * 60 * 60 -rootAddressesFrom :: [Host] -> HostName -> [Record] -rootAddressesFrom hosts hn = map Address (hostAddresses hn hosts) - dValue :: BindDomain -> String dValue (RelDomain d) = d dValue (AbsDomain d) = d ++ "." From 557ed14301741a954985bc5bcf8c4041caefd7b5 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 03:13:42 -0400 Subject: [PATCH 04/14] format --- Propellor/Property/Dns.hs | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index 5c57fcb..9e12763 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs @@ -194,10 +194,9 @@ rValue (TXT s) = [q] ++ filter (/= q) s ++ [q] where q = '"' --- | Adjusts the serial number of the zone to --- --- * Always be larger than the serial number in the Zone record. --- * Always be larger than the passed SerialNumber +-- | Adjusts the serial number of the zone to always be larger +-- than the serial number in the Zone record, +-- and always be larger than the passed SerialNumber. nextSerialNumber :: Zone -> SerialNumber -> Zone nextSerialNumber z serial = adjustSerialNumber z $ \sn -> succ $ max sn serial From 02900b000e556af18f2d38c2ef4184a2ce27cf46 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 03:14:26 -0400 Subject: [PATCH 05/14] export --- Propellor/Property/Dns.hs | 1 + 1 file changed, 1 insertion(+) diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index 9e12763..0813e61 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs @@ -8,6 +8,7 @@ module Propellor.Property.Dns ( nextSerialNumber, adjustSerialNumber, serialNumberOffset, + WarningMessage, genZone, ) where 
From cd10b5e2ed2a5e4053ae733a7c8961303f2dcb35 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 03:32:17 -0400 Subject: [PATCH 06/14] improve docs --- Propellor/Types.hs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Propellor/Types.hs b/Propellor/Types.hs index 0e412e8..22df9dd 100644 --- a/Propellor/Types.hs +++ b/Propellor/Types.hs @@ -5,6 +5,7 @@ module Propellor.Types ( Host(..) , Attr + , SetAttr , Propellor(..) , Property(..) , RevertableProperty(..) @@ -56,7 +57,7 @@ data Property = Property , propertySatisfy :: Propellor Result -- ^ must be idempotent; may run repeatedly , propertyAttr :: SetAttr - -- ^ a property can affect the overall Attr + -- ^ a property can set an Attr on the host that has the property. } -- | A property that can be reverted. From 2279979d32b252d826c23288bb90a723d6a1147d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 10:47:38 -0400 Subject: [PATCH 07/14] Removed root domain records from SOA. Instead, use RootDomain when calling Dns.primary. --- Propellor/Property/Dns.hs | 62 ++++++++++++++++----------------------- Propellor/Types/Dns.hs | 7 ++--- config-joey.hs | 17 +++++------ debian/changelog | 7 +++++ propellor.cabal | 2 +- 5 files changed, 45 insertions(+), 50 deletions(-) diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index 0813e61..b9738e4 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs 
@@ -149,18 +149,14 @@ namedConfFile = "/etc/bind/named.conf.local" -- You do not need to increment the SerialNumber when making changes! -- Propellor will automatically add the number of commits in the git -- repository to the SerialNumber. --- --- Handy trick: You don't need to list IPAddrs in the [Record], --- just make some Host set its `alias` to the root of domain. -mkSOA :: Domain -> SerialNumber -> [Record] -> SOA -mkSOA d sn rs = SOA +mkSOA :: Domain -> SerialNumber -> SOA +mkSOA d sn = SOA { sDomain = AbsDomain d , sSerial = sn , sRefresh = hours 4 , sRetry = hours 1 , sExpire = 2419200 -- 4 weeks , sNegativeCacheTTL = hours 8 - , sRecord = rs } where hours n = n * 60 * 60 @@ -168,7 +164,7 @@ mkSOA d sn rs = SOA dValue :: BindDomain -> String dValue (RelDomain d) = d dValue (AbsDomain d) = d ++ "." -dValue (SOADomain) = "@" +dValue (RootDomain) = "@" rField :: Record -> String rField (Address (IPv4 _)) = "A" 
@@ -246,43 +242,37 @@ readZonePropellorFile f = catchDefaultIO Nothing $ -- | Generating a zone file. genZoneFile :: Zone -> String genZoneFile (Zone zdomain soa rs) = unlines $ - header : genSOA zdomain soa ++ map genr rs + header : genSOA soa ++ map (genRecord zdomain) rs where header = com $ "BIND zone file for " ++ zdomain ++ ". Generated by propellor, do not edit." - genr (d, r) = genRecord zdomain (Just d, r) - -genRecord :: Domain -> (Maybe BindDomain, Record) -> String -genRecord zdomain (mdomain, record) = intercalate "\t" - [ hn +genRecord :: Domain -> (BindDomain, Record) -> String +genRecord zdomain (domain, record) = intercalate "\t" + [ domainHost zdomain domain , "IN" , rField record , rValue record ] - where - hn = maybe "" (domainHost zdomain) mdomain -genSOA :: Domain -> SOA -> [String] -genSOA zdomain soa = - header ++ map (genRecord zdomain) (zip (repeat Nothing) (sRecord soa)) - where - header = - -- "@ IN SOA ns1.example.com. root (" - [ intercalate "\t" - [ dValue SOADomain - , "IN" - , "SOA" - , dValue (sDomain soa) - , "root" - , "(" - ] - , headerline sSerial "Serial" - , headerline sRefresh "Refresh" - , headerline sRetry "Retry" - , headerline sExpire "Expire" - , headerline sNegativeCacheTTL "Negative Cache TTL" - , inheader ")" +genSOA :: SOA -> [String] +genSOA soa = + -- "@ IN SOA ns1.example.com. root (" + [ intercalate "\t" + [ dValue RootDomain + , "IN" + , "SOA" + , dValue (sDomain soa) + , "root" + , "(" ] + , headerline sSerial "Serial" + , headerline sRefresh "Refresh" + , headerline sRetry "Retry" + , headerline sExpire "Expire" + , headerline sNegativeCacheTTL "Negative Cache TTL" + , inheader ")" + ] + where headerline r comment = inheader $ show (r soa) ++ "\t\t" ++ com comment inheader l = "\t\t\t" ++ l 
@@ -357,7 +347,7 @@ inDomain _ _ = False -- can't tell, so assume not -- suitable for using in a zone file. domainHost :: Domain -> BindDomain -> String domainHost _ (RelDomain d) = d -domainHost _ SOADomain = "@" +domainHost _ RootDomain = "@" domainHost base (AbsDomain d) | dotbase `isSuffixOf` d = take (length d - length dotbase) d | base == d = "@" diff --git a/Propellor/Types/Dns.hs b/Propellor/Types/Dns.hs index e367202..9b2ad1e 100644 --- a/Propellor/Types/Dns.hs +++ b/Propellor/Types/Dns.hs @@ -43,8 +43,6 @@ data SOA = SOA , sRetry :: Integer , sExpire :: Integer , sNegativeCacheTTL :: Integer - , sRecord :: [Record] - -- ^ Records for the root of the domain. Typically NS, A, TXT } deriving (Read, Show, Eq) @@ -76,6 +74,7 @@ type SerialNumber = Word32 -- Let's use a type to keep absolute domains straight from relative -- domains. -- --- The SOADomain refers to the root SOA record. -data BindDomain = RelDomain Domain | AbsDomain Domain | SOADomain +-- The RootDomain refers to the top level of the domain, so can be used +-- to add nameservers, MX's, etc to a domain. +data BindDomain = RelDomain Domain | AbsDomain Domain | RootDomain deriving (Read, Show, Eq, Ord) diff --git a/config-joey.hs b/config-joey.hs index 1bda9dd..e0973f9 100644 --- a/config-joey.hs +++ b/config-joey.hs 
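Review bot: Dropping `sRecord` from `SOA` in the Types/Dns.hs hunk, together with the `SOADomain` to `RootDomain` rename in the `BindDomain` hunk after it, changes the derived `Read`/`Show` encoding of both types, and nothing in the commit handles data written in the old encoding. Dns.hs describes the `.propellor` file beside each zone file as the serialized Zone, and `readZonePropellorFile` defaults to `Nothing`, so a file written by 0.4.0 will presumably stop parsing after the upgrade. If that file is the only record of the last published serial, the regenerated zone could carry a lower serial and secondaries would keep their stale copy. Please confirm how the caller treats `Nothing`, and either note the format break in debian/changelog or keep a parser for the old form.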
@@ -124,15 +124,14 @@ hosts = -- (o) ` & myDnsSecondary & Dns.primary hosts "olduse.net" - ( Dns.mkSOA "ns1.kitenet.net" 100 - [ NS (AbsDomain "ns1.kitenet.net") - , NS (AbsDomain "ns6.gandi.net") - , NS (AbsDomain "ns2.kitenet.net") - , MX 0 (AbsDomain "kitenet.net") - , TXT "v=spf1 a -all" - ] - ) - [ (RelDomain "article", CNAME $ AbsDomain "virgil.koldfront.dk") ] + (Dns.mkSOA "ns1.kitenet.net" 100) + [ (RootDomain, NS $ AbsDomain "ns1.kitenet.net") + , (RootDomain, NS $ AbsDomain "ns6.gandi.net") + , (RootDomain, NS $ AbsDomain "ns2.kitenet.net") + , (RootDomain, MX 0 $ AbsDomain "kitenet.net") + , (RootDomain, TXT "v=spf1 a -all") + , (RelDomain "article", CNAME $ AbsDomain "virgil.koldfront.dk") + ] & Apt.installed ["ntop"] diff --git a/debian/changelog b/debian/changelog index beaca78..e84c321 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +propellor (0.5.0) UNRELEASED; urgency=medium + + * Removed root domain records from SOA. Instead, use RootDomain + when calling Dns.primary. + + -- Joey Hess Sat, 19 Apr 2014 10:46:35 -0400 + propellor (0.4.0) unstable; urgency=medium * Propellor can configure primary DNS servers, including generating diff --git a/propellor.cabal b/propellor.cabal index 68d7fb7..bc9f773 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 0.4.0 +Version: 0.5.0 Cabal-Version: >= 1.6 License: GPL Maintainer: Joey Hess From fffa3e003a993f889831a7e897259c20d974ef75 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 11:00:48 -0400 Subject: [PATCH 08/14] Dns primary and secondary properties are now revertable. --- Propellor/Property/Dns.hs | 46 ++++++++++++++++++++++++++------------- config-joey.hs | 2 +- debian/changelog | 1 + 3 files changed, 33 insertions(+), 16 deletions(-) diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index b9738e4..0cf2e13 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs 
@@ -39,11 +39,18 @@ import Data.List -- The [(BindDomain, Record)] list can be used for additional records -- that cannot be configured elsewhere. For example, it might contain -- CNAMEs pointing at hosts that propellor does not control. -primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property -primary hosts domain soa rs = withwarnings (check needupdate baseprop) - `requires` servingZones - `onChange` Service.reloaded "bind9" +primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty +primary hosts domain soa rs = RevertableProperty setup cleanup where + setup = withwarnings (check needupdate baseprop) + `requires` servingZones + `onChange` Service.reloaded "bind9" + cleanup = check (doesFileExist zonefile) $ + property ("removed dns primary for " ++ domain) + (makeChange $ removeZoneFile zonefile) + `requires` namedConfWritten + `onChange` Service.reloaded "bind9" + (partialzone, warnings) = genZone hosts domain soa zone = partialzone { zHosts = zHosts partialzone ++ rs } zonefile = "/etc/bind/propellor/db." ++ domain @@ -77,7 +84,7 @@ primary hosts domain soa rs = withwarnings (check needupdate baseprop) -- -- Note that if a host is declared to be a primary and a secondary dns -- server for the same domain, the primary server config always wins. -secondary :: [Host] -> Domain -> Property +secondary :: [Host] -> Domain -> RevertableProperty secondary hosts domain = secondaryFor masters hosts domain where masters = M.keys $ M.filter ismaster $ hostAttrMap hosts 
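Review bot: In the new `cleanup` of `primary`, `check (doesFileExist zonefile) $ …` guards the whole chain, because `$` binds looser than the backtick operators, so `namedConfWritten` and the bind9 reload are skipped whenever the zone file is already gone. If a revert removes the file but the reload then fails, later runs would presumably report no change and bind9 could keep serving the removed zone from memory. Consider guarding only the removal, `check (doesFileExist zonefile) (property ("removed dns primary for " ++ domain) (makeChange $ removeZoneFile zonefile))`, and leaving the `requires`/`onChange` chain outside the check. The `where` block of `primary` continues beyond this hunk.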
@@ -87,10 +94,13 @@ secondary hosts domain = secondaryFor masters hosts domain -- | This variant is useful if the primary server does not have its DNS -- configured via propellor. -secondaryFor :: [HostName] -> [Host] -> Domain -> Property -secondaryFor masters hosts domain = pureAttrProperty desc (addNamedConf conf) - `requires` servingZones +secondaryFor :: [HostName] -> [Host] -> Domain -> RevertableProperty +secondaryFor masters hosts domain = RevertableProperty setup cleanup where + setup = pureAttrProperty desc (addNamedConf conf) + `requires` servingZones + cleanup = namedConfWritten + desc = "dns secondary for " ++ domain conf = NamedConf { confDomain = domain @@ -104,15 +114,16 @@ secondaryFor masters hosts domain = pureAttrProperty desc (addNamedConf conf) -- configured by `primary` and `secondary`, and ensures that bind9 is -- running. servingZones :: Property -servingZones = property "serving configured dns zones" go +servingZones = namedConfWritten `requires` Apt.serviceInstalledRunning "bind9" `onChange` Service.reloaded "bind9" - where - go = do - zs <- getNamedConf - ensureProperty $ - hasContent namedConfFile $ - concatMap confStanza $ M.elems zs + +namedConfWritten :: Property +namedConfWritten = property "named.conf configured" $ do + zs <- getNamedConf + ensureProperty $ + hasContent namedConfFile $ + concatMap confStanza $ M.elems zs confStanza :: NamedConf -> [Line] confStanza c = @@ -223,6 +234,11 @@ writeZoneFile z f = do writeFile f (genZoneFile z') writeZonePropellorFile f z' +removeZoneFile :: FilePath -> IO () +removeZoneFile f = do + nukeFile f + nukeFile (zonePropellorFile f) + -- | Next to the zone file, is a ".propellor" file, which contains -- the serialized Zone. This saves the bother of parsing -- the horrible bind zone file format. diff --git a/config-joey.hs b/config-joey.hs index e0973f9..1f1b6c1 100644 --- a/config-joey.hs +++ b/config-joey.hs 
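Review bot: `cleanup = namedConfWritten` in `secondaryFor` rewrites named.conf.local but never reloads bind9, unlike the `primary` cleanup and `servingZones`, which both chain a reload of "bind9" with `onChange`. Until something else reloads the daemon, a reverted secondary presumably keeps answering for the zone from the configuration it already loaded. Suggest ``cleanup = namedConfWritten `onChange` Service.reloaded "bind9"``.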
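Review bot: `removeZoneFile` has no comment, and it deletes more than its name suggests: both the zone file and the `.propellor` file beside it. Suggest `-- | Removes the zone file and the ".propellor" file next to it, discarding the serialized Zone.` Since that file holds the serialized Zone, the last published serial presumably goes with it. If the primary is later set up again, it is worth confirming that the new serial cannot come out lower than the one external secondaries already hold.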
@@ -245,7 +245,7 @@ cleanCloudAtCost = propertyList "cloudatcost cleanup" ] myDnsSecondary :: Property -myDnsSecondary = propertyList "dns secondary for all my domains" +myDnsSecondary = propertyList "dns secondary for all my domains" $ map toProp [ Dns.secondaryFor wren hosts "kitenet.net" , Dns.secondaryFor wren hosts "joeyh.name" , Dns.secondaryFor wren hosts "ikiwiki.info" diff --git a/debian/changelog b/debian/changelog index e84c321..8f1e5f5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ propellor (0.5.0) UNRELEASED; urgency=medium * Removed root domain records from SOA. Instead, use RootDomain when calling Dns.primary. + * Dns primary and secondary properties are now revertable. -- Joey Hess Sat, 19 Apr 2014 10:46:35 -0400 From 10c5c1d2310387de502a377e31ce1e5104b51acc Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 11:00:53 -0400 Subject: [PATCH 09/14] propellor spin From a381b58d61867a1c02d8476df19014e450d57ea8 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 11:06:28 -0400 Subject: [PATCH 10/14] propellor spin --- Propellor/Attr.hs | 2 +- config-joey.hs | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Propellor/Attr.hs b/Propellor/Attr.hs index 05ea3ff..acaf28d 100644 --- a/Propellor/Attr.hs +++ b/Propellor/Attr.hs @@ -43,7 +43,7 @@ ipv6 addr = pureAttrProperty ("ipv6 " ++ addr) -- | Indicates another name for the host in the DNS. alias :: Domain -> Property -alias domain = pureAttrProperty ("aka " ++ domain) +alias domain = pureAttrProperty ("alias " ++ domain) (addDNS $ CNAME $ AbsDomain domain) addDNS :: Record -> SetAttr diff --git a/config-joey.hs b/config-joey.hs index 1f1b6c1..d67e3ae 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -46,6 +46,7 @@ hosts = -- (o) ` & Network.ipv6to4 & Tor.isBridge & Postfix.satellite + & myDnsSecondary & Docker.configured & alias "shell.olduse.net" From 7273d18461ce548f5ca30bfd797633eafe4e0a0b Mon Sep 17 00:00:00 2001 
From: Joey Hess Date: Sat, 19 Apr 2014 11:23:09 -0400 Subject: [PATCH 11/14] propellor spin --- config-joey.hs | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index d67e3ae..2f33aa3 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -23,6 +23,9 @@ import qualified Propellor.Property.SiteSpecific.GitHome as GitHome import qualified Propellor.Property.SiteSpecific.GitAnnexBuilder as GitAnnexBuilder import qualified Propellor.Property.SiteSpecific.JoeySites as JoeySites +main :: IO () +main = defaultMain hosts + -- _ ______`| ,-.__ {- Propellor -- / \___-=O`/|O`/__| (____.' @@ -46,7 +49,6 @@ hosts = -- (o) ` & Network.ipv6to4 & Tor.isBridge & Postfix.satellite - & myDnsSecondary & Docker.configured & alias "shell.olduse.net" @@ -62,6 +64,9 @@ hosts = -- (o) ` -- I'd rather this were on diatom, but it needs unstable. & alias "kgb.kitenet.net" & JoeySites.kgbServer + + & alias "ns9.kitenet.net" + & myDnsSecondary & Docker.garbageCollected `period` Daily & Apt.installed ["git-annex", "mtr", "screen"] @@ -123,12 +128,13 @@ hosts = -- (o) ` & alias "resources.olduse.net" & JoeySites.oldUseNetServer hosts + & alias "ns2.kitenet.net" & myDnsSecondary & Dns.primary hosts "olduse.net" (Dns.mkSOA "ns1.kitenet.net" 100) - [ (RootDomain, NS $ AbsDomain "ns1.kitenet.net") + [ (RootDomain, NS $ AbsDomain "ns2.kitenet.net") , (RootDomain, NS $ AbsDomain "ns6.gandi.net") - , (RootDomain, NS $ AbsDomain "ns2.kitenet.net") + , (RootDomain, NS $ AbsDomain "ns9.kitenet.net") , (RootDomain, MX 0 $ AbsDomain "kitenet.net") , (RootDomain, TXT "v=spf1 a -all") , (RelDomain "article", CNAME $ AbsDomain "virgil.koldfront.dk") @@ -257,9 +263,6 @@ myDnsSecondary = propertyList "dns secondary for all my domains" $ map toProp wren = ["wren.kitenet.net"] branchable = ["branchable.com"] -main :: IO () -main = defaultMain hosts - -- o 
@@ -287,6 +290,8 @@ monsters = -- but do want to track their public keys etc.
 & ipv4 "80.68.85.49"
 & ipv6 "2001:41c8:125:49::10"
 & alias "kite.kitenet.net"
+ & alias "kitenet.net"
+ & alias "ns1.kitenet.net"
 , host "branchable.com"
 & ipv4 "66.228.46.55"
 & ipv6 "2600:3c03::f03c:91ff:fedf:c0e5"
From 2d175089e0f19973a03d3975e3e5c09ea7ea8631 Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 19 Apr 2014 11:30:33 -0400
Subject: [PATCH 12/14] propellor spin
---
 config-joey.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config-joey.hs b/config-joey.hs
index 2f33aa3..dd84864 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -131,7 +131,7 @@ hosts = -- (o) `
 & alias "ns2.kitenet.net"
 & myDnsSecondary
 & Dns.primary hosts "olduse.net"
- (Dns.mkSOA "ns1.kitenet.net" 100)
+ (Dns.mkSOA "ns2.kitenet.net" 100)
 [ (RootDomain, NS $ AbsDomain "ns2.kitenet.net")
 , (RootDomain, NS $ AbsDomain "ns6.gandi.net")
 , (RootDomain, NS $ AbsDomain "ns9.kitenet.net")
From d6640c6b857d494f87fbcd15e5dffa46b81a1b60 Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 19 Apr 2014 11:32:00 -0400
Subject: [PATCH 13/14] propellor spin
From a2ef91929a19c4b70877691a66074fc42a9488ea Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 19 Apr 2014 11:42:31 -0400
Subject: [PATCH 14/14] docs
---
 Propellor/Property/Dns.hs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs
index 0cf2e13..73d427c 100644
--- a/Propellor/Property/Dns.hs
+++ b/Propellor/Property/Dns.hs
@@ -37,8 +37,9 @@ import Data.List
 -- with the configured IP address.
 --
 -- The [(BindDomain, Record)] list can be used for additional records
--- that cannot be configured elsewhere. For example, it might contain
--- CNAMEs pointing at hosts that propellor does not control.
+-- that cannot be configured elsewhere. This often includes NS records,
+-- TXT records and perhaps CNAMEs pointing at hosts that propellor does
+-- not control.
 primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty
 primary hosts domain soa rs = RevertableProperty setup cleanup
 where