search

UdelaRInterior / ansible-role-alternc-slavedns

Install and cofiguration of alternc-slavedns (Dynamic redundant DNS server for alternc managed bind zones)
GNU General Public License v3.0
0 stars 0 forks source link

[FEATURE] alternc-slavedns design #1

Open ulvida opened 3 years ago

ulvida commented 3 years ago

About alternc-slavedns

When you install an alternc instance, your are prompted to configure two NS servers, DNS1 and DNS2. These are not DNS resolvers of your local networks, but the NS servers of the zones you will configure in your AlternC panel, those that you have to provide to the registrar when you register a DNS zone. These NS servers must obviously be configured by AlternC, and these is done either because the NS server is the AlternC server itself (its bind daemon, more specifically) either because they run an alternc-slavedns which synchronizes a bind DNS server with slave zones with their master in the AlternC main server, for the list of zones that are shared through a webpage.

Work proposed for this repo

We want to extend the AlternC main role to allow the configuration of alternc-slave DNS accounts (Administrator panel -> Slave DNS accounts), and a role to install and configure alternc-slavedns in a host.

The set of variables must be coherent (an account being the same object for client and server) and addressable as group variables.

Technique's issue

The AlternC role adresses AlternC configuration setting data directly to the database, with SQL sentences. This technique is not very sustainable, as the database structure is not an API, and leads to idempotency problems.

It would be better to use AlternC API, which is mentioned but not consistently documented somewhere, just a few mentions int he code. We can start trying for alternc-slavdns role, and only then eventually refactor alternc main role.

ulvida commented 3 years ago

I start trying the API.

First, something not documented: AlternC API is not included in alternc package. One must install alternc-api.

I first try the authentication API with this ansible code.

But I obtain: 

...
TASK [udelarinterior.alternc_slavedns : See URI request result] *****************************************
task path: /home/ulvida/tech/interior/roles/ansible-role-alternc-slavedns/tasks/main.yml:17
ok: [anacahuita.interior.edu.uy] => {
    "alternc_login": {
        "changed": false,
        "connection": "close",
        "content": "I did nothing. Did you call the api properly?",
        "content_length": "45",
        "content_type": "text/html; charset=UTF-8",
        "cookies": {},
        "cookies_string": "",
        "date": "Mon, 22 Mar 2021 14:26:10 GMT",
        "elapsed": 0,
        "failed": false,
        "msg": "OK (45 bytes)",
        "redirected": false,
        "server": "Apache/2.4.46 (Debian)",
        "status": 200,
        "url": "https://anacahuita.interior.edu.uy/api/auth"
    }
}
...

¿What am I doing wrong?

ulvida commented 3 years ago

Well, bad idea to use the API; "we just found a bug that prevents the API to work at all"