From 440f7d151f2ea9d3e9478953cefd5357e3a8688b Mon Sep 17 00:00:00 2001
From: Alex
Date: Fri, 6 Sep 2024 13:56:49 +0200
Subject: [PATCH] T12537: Migrate to BIND https://issue-tracker.miraheze.org/T12537
---
 modules/dns/files/check-dns-zones.py | 13 ++++++++
 modules/dns/manifests/init.pp | 48 +++++++++++++++-------------
 2 files changed, 39 insertions(+), 22 deletions(-)
 create mode 100644 modules/dns/files/check-dns-zones.py
diff --git a/modules/dns/files/check-dns-zones.py b/modules/dns/files/check-dns-zones.py
new file mode 100644
index 0000000000..e41c378c36
--- /dev/null
+++ b/modules/dns/files/check-dns-zones.py
@@ -0,0 +1,13 @@
+#! /usr/bin/python3
+
+# Loops over all zonefiles and passes them through named-checkzone
+# Exits with error if named-checkzone does
+# Checks are in local mode
+
+import os
+import subprocess
+
+dir = os.fsencode('/etc/bind/zones/')
+for file in os.listdir(dir):
+ filename = os.fsdecode(file)
+ subprocess.run(['/usr/bin/named-checkzone', '-i local', filename, f'/etc/bind/zones/{filename}'], check=True)
diff --git a/modules/dns/manifests/init.pp b/modules/dns/manifests/init.pp
index fda48d32a4..aa61760198 100644
--- a/modules/dns/manifests/init.pp
+++ b/modules/dns/manifests/init.pp
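Review bot: In the `subprocess.run` call the option and its value are passed as a single argv element, `'-i local'`, so named-checkzone receives the mode with a leading space and is likely to reject it as an invalid `-i` argument, which would fail the check for every zone. Pass them as separate elements: `['/usr/bin/named-checkzone', '-i', 'local', filename, f'/etc/bind/zones/{filename}']`. The loop also treats every entry returned by `os.listdir` as a zone whose origin is the file name, so a stray non-zone file or a subdirectory under `/etc/bind/zones/` would abort the run and block the reload; a short comment stating that the directory must contain only zone files named after their origin would make that contract explicit. `dir` and `file` shadow builtins; `zones_dir` and `entry` would read better.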
@@ -1,46 +1,50 @@
 # dns
 class dns {
- include prometheus::exporter::gdnsd
+ # include prometheus::exporter::gdnsd
 
- package { 'gdnsd':
+ package { 'bind9':
+ ensure => installed,
+ }
+ package { 'bind9-utils':
 ensure => installed,
 }
 
 git::clone { 'dns':
 ensure => latest,
- directory => '/etc/gdnsd',
+ directory => '/etc/bind',
 origin => 'https://github.com/miraheze/dns',
 owner => 'root',
 group => 'root',
- before => Package['gdnsd'],
- notify => Exec['gdnsd-syntax'],
+ before => Package['bind9'],
+ notify => Exec['bind-syntax'],
 }
 
- file { '/usr/share/GeoIP/GeoLite2-Country.mmdb':
+ file { '/usr/local/bin/check-dns-zones':
 ensure => present,
- source => 'puppet:///private/geoip/GeoLite2-Country.mmdb',
- mode => '0444',
- notify => Exec['gdnsd-syntax'],
+ owner => 'root',
+ group => 'root',
+ source => 'puppet:///modules/dns/check-dns-zones.py',
+ mode => '0555',
 }
 
- exec { 'gdnsd-syntax':
- command => '/usr/sbin/gdnsd checkconf',
- notify => Service['gdnsd'],
+ exec { 'bind-syntax':
+ command => '/usr/local/bin/check-dns-zones',
+ notify => Service['named'],
 refreshonly => true,
 }
 
- service { 'gdnsd':
+ service { 'named':
 ensure => running,
 hasrestart => true,
 hasstatus => true,
- require => [ Package['gdnsd'], Exec['gdnsd-syntax'] ],
+ require => [ Package['bind9'], Exec['bind-syntax'] ],
 }
 
- file { '/usr/lib/nagios/plugins/check_gdnsd_datacenters':
- ensure => present,
- source => 'puppet:///modules/dns/check_gdnsd_datacenters.py',
- mode => '0755',
- }
+ #file { '/usr/lib/nagios/plugins/check_gdnsd_datacenters':
+ #ensure => present,
+ #source => 'puppet:///modules/dns/check_gdnsd_datacenters.py',
+ #mode => '0755',
+ #}
 
 if ( $facts['networking']['interfaces']['ens19'] and $facts['networking']['interfaces']['ens18'] ) {
 $address = $facts['networking']['interfaces']['ens19']['ip']
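Review bot: `Exec['bind-syntax']` gates the `named` restart on zone files only, whereas the `gdnsd checkconf` it replaces validated the daemon's configuration as a whole. The checkout tracks `ensure => latest` and this exec is the only automated check between a push to that repository and the running authoritative server, so if the repository also supplies `named.conf` (not visible in this hunk) a broken config would pass the gate and stop `named` on restart. Running `named-checkconf` from the check script before the zone loop would close that gap. The new `file` resource for `/usr/local/bin/check-dns-zones` also has no ordering relative to the exec; adding `require => File['/usr/local/bin/check-dns-zones']` to `exec { 'bind-syntax': }` keeps a first run from failing on a missing script.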
@@ -58,7 +62,7 @@
 },
 }
 
- monitoring::nrpe { 'GDNSD Datacenters':
- command => '/usr/bin/sudo /usr/lib/nagios/plugins/check_gdnsd_datacenters'
- }
+ #monitoring::nrpe { 'GDNSD Datacenters':
+ #command => '/usr/bin/sudo /usr/lib/nagios/plugins/check_gdnsd_datacenters'
+ #}
 }
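Review bot: The gdnsd NRPE check is commented out here, as are the plugin file and `prometheus::exporter::gdnsd` in the first hunk of this file, and no BIND equivalent is added, so nothing visible in the class alerts when `named` stops answering after the migration. Either add a replacement check in this commit or leave an explicit marker such as `# TODO(T12537): add named health check and exporter`. The dead gdnsd lines are better deleted than commented out, since git history keeps them. The old command ran through `/usr/bin/sudo`, so any sudoers entry granted for that plugin elsewhere (not visible here) should presumably be removed with it.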