mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-30 08:32:26 +00:00

Merge branch 'dnssec_options' into 'dev'

Dnssec options

See merge request federez/re2o!194
chirac 2018-08-04 14:26:35 +02:00
commit cf3edceff5
9 changed files with 140 additions and 8 deletions


@ -829,6 +829,25 @@ class DNSZonesSerializer(serializers.ModelSerializer):
'aaaa_records', 'cname_records', 'sshfp_records') 'aaaa_records', 'cname_records', 'sshfp_records')
class DNSReverseZonesSerializer(serializers.ModelSerializer):
"""Serialize the data about DNS Zones.
"""
soa = SOARecordSerializer(source='extension.soa')
extension = serializers.CharField(source='extension.name', read_only=True)
cidrs = serializers.ListField(child=serializers.CharField(), source='ip_set_cidrs_as_str', read_only=True)
ns_records = NSRecordSerializer(many=True, source='extension.ns_set')
mx_records = MXRecordSerializer(many=True, source='extension.mx_set')
txt_records = TXTRecordSerializer(many=True, source='extension.txt_set')
ptr_records = ARecordSerializer(many=True, source='get_associated_ptr_records')
ptr_v6_records = AAAARecordSerializer(many=True, source='get_associated_ptr_v6_records')
class Meta:
model = machines.IpType
fields = ('type', 'extension', 'soa', 'ns_records', 'mx_records',
'txt_records', 'ptr_records', 'ptr_v6_records', 'cidrs',
'prefix_v6')
# MAILING # MAILING
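Review bot: `DNSReverseZonesSerializer.Meta.fields` exposes `prefix_v6` but none of the `IpType` fields this commit introduces (`prefix_v6_length`, `dnssec_reverse_v4`, `dnssec_reverse_v6`), so a consumer building reverse zones from this endpoint cannot tell the IPv6 prefix length or whether a zone is meant to be signed. If the zone generator is expected to read them here, extend the tuple, e.g. `'prefix_v6', 'prefix_v6_length', 'dnssec_reverse_v4', 'dnssec_reverse_v6')`. The docstring is copied from the forward-zone serializer; `"""Serialize the reverse DNS zone data of an IpType."""` would describe the class better. The nested record serializers omit `read_only=True` while `extension` and `cidrs` set it, which is harmless behind a list-only view but worth making consistent.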


@ -105,6 +105,7 @@ router.register_view(r'localemail/users', views.LocalEmailUsersView),
router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView), router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView),
# DNS # DNS
router.register_view(r'dns/zones', views.DNSZonesView), router.register_view(r'dns/zones', views.DNSZonesView),
router.register_view(r'dns/reverse-zones', views.DNSReverseZonesView),
# MAILING # MAILING
router.register_view(r'mailing/standard', views.StandardMailingView), router.register_view(r'mailing/standard', views.StandardMailingView),
router.register_view(r'mailing/club', views.ClubMailingView), router.register_view(r'mailing/club', views.ClubMailingView),


@ -561,6 +561,15 @@ class DNSZonesView(generics.ListAPIView):
.all()) .all())
serializer_class = serializers.DNSZonesSerializer serializer_class = serializers.DNSZonesSerializer
class DNSReverseZonesView(generics.ListAPIView):
"""Exposes the detailed information about each extension (hostnames,
IPs, DNS records, etc.) in order to build the DNS zone files.
"""
queryset = (machines.IpType.objects.all())
serializer_class = serializers.DNSReverseZonesSerializer
# MAILING # MAILING
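Review bot: `DNSReverseZonesView` declares no `permission_classes`, so who may read it depends on project-wide DRF defaults that are not visible in this hunk. The response carries PTR data for the active interfaces of every `IpType`, so confirm that the default restricts the endpoint to the account that generates the zone files. The docstring is copied from `DNSZonesView` and still describes extensions; it should say that the view lists `IpType` objects for building reverse zone files. The queryset is a bare `machines.IpType.objects.all()` while the serializer follows `extension.soa`, `extension.ns_set`, `extension.mx_set` and `extension.txt_set` for each row, so a `select_related`/`prefetch_related` chain would presumably avoid per-row queries.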


@ -218,7 +218,9 @@ class IpTypeForm(FormRevMixin, ModelForm):
class Meta: class Meta:
model = IpType model = IpType
fields = ['type', 'extension', 'need_infra', 'domaine_ip_start', fields = ['type', 'extension', 'need_infra', 'domaine_ip_start',
'domaine_ip_stop', 'prefix_v6', 'vlan', 'ouverture_ports'] 'domaine_ip_stop', 'dnssec_reverse_v4', 'prefix_v6',
'prefix_v6_length','dnssec_reverse_v6', 'vlan',
'ouverture_ports']
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__) prefix = kwargs.pop('prefix', self.Meta.model.__name__)
@ -230,7 +232,8 @@ class EditIpTypeForm(IpTypeForm):
"""Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait """Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait
synchroniser les objets iplist""" synchroniser les objets iplist"""
class Meta(IpTypeForm.Meta): class Meta(IpTypeForm.Meta):
fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'vlan', fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'prefix_v6_length',
'vlan', 'dnssec_reverse_v4', 'dnssec_reverse_v6',
'ouverture_ports'] 'ouverture_ports']


@ -0,0 +1,25 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-06-25 15:06
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('machines', '0086_role'),
]
operations = [
migrations.AddField(
model_name='iptype',
name='dnssec_reverse_v4',
field=models.BooleanField(default=False, help_text='Activer DNSSEC sur le reverse DNS IPv4'),
),
migrations.AddField(
model_name='iptype',
name='dnssec_reverse_v6',
field=models.BooleanField(default=False, help_text='Activer DNSSEC sur le reverse DNS IPv6'),
),
]


@ -0,0 +1,21 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-07-16 18:46
from __future__ import unicode_literals
import django.core.validators
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('machines', '0087_dnssec'),
]
operations = [
migrations.AddField(
model_name='iptype',
name='prefix_v6_length',
field=models.IntegerField(default=64, validators=[django.core.validators.MaxValueValidator(128), django.core.validators.MinValueValidator(0)]),
),
]


@ -41,8 +41,8 @@ from django.dispatch import receiver
from django.forms import ValidationError from django.forms import ValidationError
from django.utils.functional import cached_property from django.utils.functional import cached_property
from django.utils import timezone from django.utils import timezone
from django.core.validators import MaxValueValidator
from django.utils.translation import ugettext_lazy as _l from django.utils.translation import ugettext_lazy as _l
from django.core.validators import MaxValueValidator, MinValueValidator
from macaddress.fields import MACAddressField from macaddress.fields import MACAddressField
@ -256,11 +256,26 @@ class IpType(RevMixin, AclMixin, models.Model):
need_infra = models.BooleanField(default=False) need_infra = models.BooleanField(default=False)
domaine_ip_start = models.GenericIPAddressField(protocol='IPv4') domaine_ip_start = models.GenericIPAddressField(protocol='IPv4')
domaine_ip_stop = models.GenericIPAddressField(protocol='IPv4') domaine_ip_stop = models.GenericIPAddressField(protocol='IPv4')
dnssec_reverse_v4 = models.BooleanField(
default=False,
help_text="Activer DNSSEC sur le reverse DNS IPv4",
)
prefix_v6 = models.GenericIPAddressField( prefix_v6 = models.GenericIPAddressField(
protocol='IPv6', protocol='IPv6',
null=True, null=True,
blank=True blank=True
) )
prefix_v6_length = models.IntegerField(
default=64,
validators=[
MaxValueValidator(128),
MinValueValidator(0)
]
)
dnssec_reverse_v6 = models.BooleanField(
default=False,
help_text="Activer DNSSEC sur le reverse DNS IPv6",
)
vlan = models.ForeignKey( vlan = models.ForeignKey(
'Vlan', 'Vlan',
on_delete=models.PROTECT, on_delete=models.PROTECT,
@ -294,6 +309,33 @@ class IpType(RevMixin, AclMixin, models.Model):
""" Renvoie une liste des ip en string""" """ Renvoie une liste des ip en string"""
return [str(x) for x in self.ip_set] return [str(x) for x in self.ip_set]
@cached_property
def ip_set_full_info(self):
"""Iter sur les range cidr, et renvoie network, broacast , etc"""
return [
{
'network': str(ip_set.network),
'netmask': str(ip_set.netmask),
'netmask_cidr': str(ip_set.prefixlen),
'broadcast': str(ip_set.broadcast),
'vlan': str(self.vlan),
'vlan_id': self.vlan.vlan_id
} for ip_set in self.ip_set.iter_cidrs()
]
@cached_property
def ip6_set_full_info(self):
if self.prefix_v6:
return {
'network' : str(self.prefix_v6),
'netmask' : 'ffff:ffff:ffff:ffff::',
'netmask_cidr' : str(self.prefix_v6_length),
'vlan': str(self.vlan),
'vlan_id': self.vlan.vlan_id
}
else:
return None
def ip_objects(self): def ip_objects(self):
""" Renvoie tous les objets ipv4 relié à ce type""" """ Renvoie tous les objets ipv4 relié à ce type"""
return IpList.objects.filter(ip_type=self) return IpList.objects.filter(ip_type=self)
@ -345,6 +387,17 @@ class IpType(RevMixin, AclMixin, models.Model):
): ):
ipv6.check_and_replace_prefix(prefix=self.prefix_v6) ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
def get_associated_ptr_records(self):
from re2o.utils import all_active_assigned_interfaces
return (all_active_assigned_interfaces()
.filter(type__ip_type=self)
.filter(ipv4__isnull=False))
def get_associated_ptr_v6_records(self):
from re2o.utils import all_active_interfaces
return (all_active_interfaces(full=True)
.filter(type__ip_type=self))
def clean(self): def clean(self):
""" Nettoyage. Vérifie : """ Nettoyage. Vérifie :
- Que ip_stop est après ip_start - Que ip_stop est après ip_start
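Review bot: In `ip6_set_full_info`, `'netmask'` is hard-coded to `'ffff:ffff:ffff:ffff::'` (a /64 mask) while `'netmask_cidr'` reports `prefix_v6_length`, which the new validators allow to be anything from 0 to 128. For any length other than 64 the two keys disagree, and a consumer that builds filtering or routing configuration from `netmask` would cover a different range than the one configured. Derive the mask from the length instead, e.g. `'netmask': str(ipaddress.ip_network('::/%d' % self.prefix_v6_length).netmask),`, which needs `import ipaddress` (not among the imports visible in this section). The property also has no docstring. `get_associated_ptr_v6_records` has no counterpart to the `ipv4__isnull=False` filter used for v4, so it may return interfaces without an IPv6 address, depending on what `all_active_interfaces(full=True)` yields.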


@ -35,10 +35,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<th>Nécessite l'autorisation infra</th> <th>Nécessite l'autorisation infra</th>
<th>Plage ipv4</th> <th>Plage ipv4</th>
<th>Préfixe v6</th> <th>Préfixe v6</th>
<th>DNSSEC reverse v4/v6</th>
<th>Sur vlan</th> <th>Sur vlan</th>
<th>Ouverture ports par défault</th> <th>Ouverture ports par défault</th>
<th></th> <th></th>
<th></th>
</tr> </tr>
</thead> </thead>
{% for type in iptype_list %} {% for type in iptype_list %}
@ -47,7 +47,8 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td>{{ type.extension }}</td> <td>{{ type.extension }}</td>
<td>{{ type.need_infra|tick }}</td> <td>{{ type.need_infra|tick }}</td>
<td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td> <td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td>
<td>{{ type.prefix_v6 }}</td> <td>{{ type.prefix_v6 }}/{{ type.prefix_v6_length }}</td>
<td>{{ type.dnssec_reverse_v4|tick }}/{{ type.dnssec_reverse_v6|tick }}</td>
<td>{{ type.vlan }}</td> <td>{{ type.vlan }}</td>
<td>{{ type.ouverture_ports }}</td> <td>{{ type.ouverture_ports }}</td>
<td class="text-right"> <td class="text-right">
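Review bot: The new cell `{{ type.prefix_v6 }}/{{ type.prefix_v6_length }}` renders as `None/64` for an `IpType` without an IPv6 prefix, because `prefix_v6` is nullable in the model and `prefix_v6_length` defaults to 64. Guard the cell, e.g. `{% if type.prefix_v6 %}{{ type.prefix_v6 }}/{{ type.prefix_v6_length }}{% endif %}`. The row's markup continues past the end of this hunk.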


@ -34,7 +34,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<th></th> <th></th>
</tr> </tr>
</thead> </thead>
{% for txt in txt_list %} {% for txt in text_list %}
<tr> <tr>
<td>{{ txt.zone }}</td> <td>{{ txt.zone }}</td>
<td>{{ txt.dns_entry }}</td> <td>{{ txt.dns_entry }}</td>