mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-09 11:26:27 +00:00
Merge branch 'dnssec_options' into 'dev'
Dnssec options See merge request federez/re2o!194
This commit is contained in:
commit
cf3edceff5
9 changed files with 140 additions and 8 deletions
|
@ -829,6 +829,25 @@ class DNSZonesSerializer(serializers.ModelSerializer):
|
||||||
'aaaa_records', 'cname_records', 'sshfp_records')
|
'aaaa_records', 'cname_records', 'sshfp_records')
|
||||||
|
|
||||||
|
|
||||||
|
class DNSReverseZonesSerializer(serializers.ModelSerializer):
|
||||||
|
"""Serialize the data about DNS Zones.
|
||||||
|
"""
|
||||||
|
soa = SOARecordSerializer(source='extension.soa')
|
||||||
|
extension = serializers.CharField(source='extension.name', read_only=True)
|
||||||
|
cidrs = serializers.ListField(child=serializers.CharField(), source='ip_set_cidrs_as_str', read_only=True)
|
||||||
|
ns_records = NSRecordSerializer(many=True, source='extension.ns_set')
|
||||||
|
mx_records = MXRecordSerializer(many=True, source='extension.mx_set')
|
||||||
|
txt_records = TXTRecordSerializer(many=True, source='extension.txt_set')
|
||||||
|
ptr_records = ARecordSerializer(many=True, source='get_associated_ptr_records')
|
||||||
|
ptr_v6_records = AAAARecordSerializer(many=True, source='get_associated_ptr_v6_records')
|
||||||
|
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = machines.IpType
|
||||||
|
fields = ('type', 'extension', 'soa', 'ns_records', 'mx_records',
|
||||||
|
'txt_records', 'ptr_records', 'ptr_v6_records', 'cidrs',
|
||||||
|
'prefix_v6')
|
||||||
|
|
||||||
# MAILING
|
# MAILING
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -105,6 +105,7 @@ router.register_view(r'localemail/users', views.LocalEmailUsersView),
|
||||||
router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView),
|
router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView),
|
||||||
# DNS
|
# DNS
|
||||||
router.register_view(r'dns/zones', views.DNSZonesView),
|
router.register_view(r'dns/zones', views.DNSZonesView),
|
||||||
|
router.register_view(r'dns/reverse-zones', views.DNSReverseZonesView),
|
||||||
# MAILING
|
# MAILING
|
||||||
router.register_view(r'mailing/standard', views.StandardMailingView),
|
router.register_view(r'mailing/standard', views.StandardMailingView),
|
||||||
router.register_view(r'mailing/club', views.ClubMailingView),
|
router.register_view(r'mailing/club', views.ClubMailingView),
|
||||||
|
|
|
@ -561,6 +561,15 @@ class DNSZonesView(generics.ListAPIView):
|
||||||
.all())
|
.all())
|
||||||
serializer_class = serializers.DNSZonesSerializer
|
serializer_class = serializers.DNSZonesSerializer
|
||||||
|
|
||||||
|
class DNSReverseZonesView(generics.ListAPIView):
|
||||||
|
"""Exposes the detailed information about each extension (hostnames,
|
||||||
|
IPs, DNS records, etc.) in order to build the DNS zone files.
|
||||||
|
"""
|
||||||
|
queryset = (machines.IpType.objects.all())
|
||||||
|
serializer_class = serializers.DNSReverseZonesSerializer
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# MAILING
|
# MAILING
|
||||||
|
|
||||||
|
|
|
@ -218,7 +218,9 @@ class IpTypeForm(FormRevMixin, ModelForm):
|
||||||
class Meta:
|
class Meta:
|
||||||
model = IpType
|
model = IpType
|
||||||
fields = ['type', 'extension', 'need_infra', 'domaine_ip_start',
|
fields = ['type', 'extension', 'need_infra', 'domaine_ip_start',
|
||||||
'domaine_ip_stop', 'prefix_v6', 'vlan', 'ouverture_ports']
|
'domaine_ip_stop', 'dnssec_reverse_v4', 'prefix_v6',
|
||||||
|
'prefix_v6_length','dnssec_reverse_v6', 'vlan',
|
||||||
|
'ouverture_ports']
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||||
|
@ -230,7 +232,8 @@ class EditIpTypeForm(IpTypeForm):
|
||||||
"""Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait
|
"""Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait
|
||||||
synchroniser les objets iplist"""
|
synchroniser les objets iplist"""
|
||||||
class Meta(IpTypeForm.Meta):
|
class Meta(IpTypeForm.Meta):
|
||||||
fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'vlan',
|
fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'prefix_v6_length',
|
||||||
|
'vlan', 'dnssec_reverse_v4', 'dnssec_reverse_v6',
|
||||||
'ouverture_ports']
|
'ouverture_ports']
|
||||||
|
|
||||||
|
|
||||||
|
|
25
machines/migrations/0087_dnssec.py
Normal file
25
machines/migrations/0087_dnssec.py
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Generated by Django 1.10.7 on 2018-06-25 15:06
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('machines', '0086_role'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='iptype',
|
||||||
|
name='dnssec_reverse_v4',
|
||||||
|
field=models.BooleanField(default=False, help_text='Activer DNSSEC sur le reverse DNS IPv4'),
|
||||||
|
),
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='iptype',
|
||||||
|
name='dnssec_reverse_v6',
|
||||||
|
field=models.BooleanField(default=False, help_text='Activer DNSSEC sur le reverse DNS IPv6'),
|
||||||
|
),
|
||||||
|
]
|
21
machines/migrations/0088_iptype_prefix_v6_length.py
Normal file
21
machines/migrations/0088_iptype_prefix_v6_length.py
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Generated by Django 1.10.7 on 2018-07-16 18:46
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
import django.core.validators
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('machines', '0087_dnssec'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='iptype',
|
||||||
|
name='prefix_v6_length',
|
||||||
|
field=models.IntegerField(default=64, validators=[django.core.validators.MaxValueValidator(128), django.core.validators.MinValueValidator(0)]),
|
||||||
|
),
|
||||||
|
]
|
|
@ -41,8 +41,8 @@ from django.dispatch import receiver
|
||||||
from django.forms import ValidationError
|
from django.forms import ValidationError
|
||||||
from django.utils.functional import cached_property
|
from django.utils.functional import cached_property
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from django.core.validators import MaxValueValidator
|
|
||||||
from django.utils.translation import ugettext_lazy as _l
|
from django.utils.translation import ugettext_lazy as _l
|
||||||
|
from django.core.validators import MaxValueValidator, MinValueValidator
|
||||||
|
|
||||||
from macaddress.fields import MACAddressField
|
from macaddress.fields import MACAddressField
|
||||||
|
|
||||||
|
@ -256,11 +256,26 @@ class IpType(RevMixin, AclMixin, models.Model):
|
||||||
need_infra = models.BooleanField(default=False)
|
need_infra = models.BooleanField(default=False)
|
||||||
domaine_ip_start = models.GenericIPAddressField(protocol='IPv4')
|
domaine_ip_start = models.GenericIPAddressField(protocol='IPv4')
|
||||||
domaine_ip_stop = models.GenericIPAddressField(protocol='IPv4')
|
domaine_ip_stop = models.GenericIPAddressField(protocol='IPv4')
|
||||||
|
dnssec_reverse_v4 = models.BooleanField(
|
||||||
|
default=False,
|
||||||
|
help_text="Activer DNSSEC sur le reverse DNS IPv4",
|
||||||
|
)
|
||||||
prefix_v6 = models.GenericIPAddressField(
|
prefix_v6 = models.GenericIPAddressField(
|
||||||
protocol='IPv6',
|
protocol='IPv6',
|
||||||
null=True,
|
null=True,
|
||||||
blank=True
|
blank=True
|
||||||
)
|
)
|
||||||
|
prefix_v6_length = models.IntegerField(
|
||||||
|
default=64,
|
||||||
|
validators=[
|
||||||
|
MaxValueValidator(128),
|
||||||
|
MinValueValidator(0)
|
||||||
|
]
|
||||||
|
)
|
||||||
|
dnssec_reverse_v6 = models.BooleanField(
|
||||||
|
default=False,
|
||||||
|
help_text="Activer DNSSEC sur le reverse DNS IPv6",
|
||||||
|
)
|
||||||
vlan = models.ForeignKey(
|
vlan = models.ForeignKey(
|
||||||
'Vlan',
|
'Vlan',
|
||||||
on_delete=models.PROTECT,
|
on_delete=models.PROTECT,
|
||||||
|
@ -294,6 +309,33 @@ class IpType(RevMixin, AclMixin, models.Model):
|
||||||
""" Renvoie une liste des ip en string"""
|
""" Renvoie une liste des ip en string"""
|
||||||
return [str(x) for x in self.ip_set]
|
return [str(x) for x in self.ip_set]
|
||||||
|
|
||||||
|
@cached_property
|
||||||
|
def ip_set_full_info(self):
|
||||||
|
"""Iter sur les range cidr, et renvoie network, broacast , etc"""
|
||||||
|
return [
|
||||||
|
{
|
||||||
|
'network': str(ip_set.network),
|
||||||
|
'netmask': str(ip_set.netmask),
|
||||||
|
'netmask_cidr': str(ip_set.prefixlen),
|
||||||
|
'broadcast': str(ip_set.broadcast),
|
||||||
|
'vlan': str(self.vlan),
|
||||||
|
'vlan_id': self.vlan.vlan_id
|
||||||
|
} for ip_set in self.ip_set.iter_cidrs()
|
||||||
|
]
|
||||||
|
|
||||||
|
@cached_property
|
||||||
|
def ip6_set_full_info(self):
|
||||||
|
if self.prefix_v6:
|
||||||
|
return {
|
||||||
|
'network' : str(self.prefix_v6),
|
||||||
|
'netmask' : 'ffff:ffff:ffff:ffff::',
|
||||||
|
'netmask_cidr' : str(self.prefix_v6_length),
|
||||||
|
'vlan': str(self.vlan),
|
||||||
|
'vlan_id': self.vlan.vlan_id
|
||||||
|
}
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
def ip_objects(self):
|
def ip_objects(self):
|
||||||
""" Renvoie tous les objets ipv4 relié à ce type"""
|
""" Renvoie tous les objets ipv4 relié à ce type"""
|
||||||
return IpList.objects.filter(ip_type=self)
|
return IpList.objects.filter(ip_type=self)
|
||||||
|
@ -345,6 +387,17 @@ class IpType(RevMixin, AclMixin, models.Model):
|
||||||
):
|
):
|
||||||
ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
|
ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
|
||||||
|
|
||||||
|
def get_associated_ptr_records(self):
|
||||||
|
from re2o.utils import all_active_assigned_interfaces
|
||||||
|
return (all_active_assigned_interfaces()
|
||||||
|
.filter(type__ip_type=self)
|
||||||
|
.filter(ipv4__isnull=False))
|
||||||
|
|
||||||
|
def get_associated_ptr_v6_records(self):
|
||||||
|
from re2o.utils import all_active_interfaces
|
||||||
|
return (all_active_interfaces(full=True)
|
||||||
|
.filter(type__ip_type=self))
|
||||||
|
|
||||||
def clean(self):
|
def clean(self):
|
||||||
""" Nettoyage. Vérifie :
|
""" Nettoyage. Vérifie :
|
||||||
- Que ip_stop est après ip_start
|
- Que ip_stop est après ip_start
|
||||||
|
|
|
@ -35,10 +35,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
<th>Nécessite l'autorisation infra</th>
|
<th>Nécessite l'autorisation infra</th>
|
||||||
<th>Plage ipv4</th>
|
<th>Plage ipv4</th>
|
||||||
<th>Préfixe v6</th>
|
<th>Préfixe v6</th>
|
||||||
|
<th>DNSSEC reverse v4/v6</th>
|
||||||
<th>Sur vlan</th>
|
<th>Sur vlan</th>
|
||||||
<th>Ouverture ports par défault</th>
|
<th>Ouverture ports par défault</th>
|
||||||
<th></th>
|
<th></th>
|
||||||
<th></th>
|
|
||||||
</tr>
|
</tr>
|
||||||
</thead>
|
</thead>
|
||||||
{% for type in iptype_list %}
|
{% for type in iptype_list %}
|
||||||
|
@ -47,7 +47,8 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
<td>{{ type.extension }}</td>
|
<td>{{ type.extension }}</td>
|
||||||
<td>{{ type.need_infra|tick }}</td>
|
<td>{{ type.need_infra|tick }}</td>
|
||||||
<td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td>
|
<td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td>
|
||||||
<td>{{ type.prefix_v6 }}</td>
|
<td>{{ type.prefix_v6 }}/{{ type.prefix_v6_length }}</td>
|
||||||
|
<td>{{ type.dnssec_reverse_v4|tick }}/{{ type.dnssec_reverse_v6|tick }}</td>
|
||||||
<td>{{ type.vlan }}</td>
|
<td>{{ type.vlan }}</td>
|
||||||
<td>{{ type.ouverture_ports }}</td>
|
<td>{{ type.ouverture_ports }}</td>
|
||||||
<td class="text-right">
|
<td class="text-right">
|
||||||
|
|
|
@ -34,7 +34,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
<th></th>
|
<th></th>
|
||||||
</tr>
|
</tr>
|
||||||
</thead>
|
</thead>
|
||||||
{% for txt in txt_list %}
|
{% for txt in text_list %}
|
||||||
<tr>
|
<tr>
|
||||||
<td>{{ txt.zone }}</td>
|
<td>{{ txt.zone }}</td>
|
||||||
<td>{{ txt.dns_entry }}</td>
|
<td>{{ txt.dns_entry }}</td>
|
||||||
|
|
Loading…
Reference in a new issue