From: Tom Hughes <tom@compton.nu>
Date: Wed, 26 Jun 2019 17:36:51 +0000 (+0100)
Subject: Allow grisu to provide DNS service to all bytemark machines
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/ab5751cdbec569aaf0eb0edbd0f88f45f31f1161

Allow grisu to provide DNS service to all bytemark machines
---

diff --git a/cookbooks/bind/recipes/default.rb b/cookbooks/bind/recipes/default.rb
index 4dcfaa859..44d364320 100644
--- a/cookbooks/bind/recipes/default.rb
+++ b/cookbooks/bind/recipes/default.rb
@@ -19,6 +19,16 @@
 
 include_recipe "networking"
 
+clients = search(:node, "roles:#{node[:bind][:clients]}")
+
+ipv4_clients = clients.collect do |client|
+  client.ipaddresses(:family => :inet)
+end.flatten
+
+ipv6_clients = clients.collect do |client|
+  client.ipaddresses(:family => :inet6)
+end.flatten
+
 package "bind9"
 
 service "bind9" do
@@ -39,6 +49,7 @@ template "/etc/bind/named.conf.options" do
   owner "root"
   group "root"
   mode 0o644
+  variables :ipv4_clients => ipv4_clients, :ipv6_clients => ipv6_clients
   notifies :restart, "service[bind9]"
 end
 
diff --git a/cookbooks/bind/templates/default/named.options.erb b/cookbooks/bind/templates/default/named.options.erb
index a2bd23dbb..f9cebbc10 100644
--- a/cookbooks/bind/templates/default/named.options.erb
+++ b/cookbooks/bind/templates/default/named.options.erb
@@ -2,13 +2,13 @@
 
 acl "osm" {
 	127.0.0.1/32;
-<% node.interfaces(:family => :inet).each do |interface| -%>
-	<%= interface[:network] %>/<%= interface[:prefix] %>;
+<% @ipv4_clients.sort.each do |address| -%>
+	<%= address %>/32;
 <% end -%>
 
 	::1/128;
-<% node.interfaces(:family => :inet6).each do |interface| -%>
-	<%= interface[:network] %>/<%= interface[:prefix] %>;
+<% @ipv6_clients.sort.each do |address| -%>
+	<%= address %>/128;
 <% end -%>
 };
 
diff --git a/roles/grisu.rb b/roles/grisu.rb
index be3a48e3f..8e177a8ff 100644
--- a/roles/grisu.rb
+++ b/roles/grisu.rb
@@ -2,6 +2,9 @@ name "grisu"
 description "Master role applied to grisu"
 
 default_attributes(
+  :bind => {
+    :clients => "bytemark"
+  },
   :networking => {
     :interfaces => {
       :internal_ipv4 => {
diff --git a/roles/ironbelly.rb b/roles/ironbelly.rb
index 8bc758e76..2f05572fb 100644
--- a/roles/ironbelly.rb
+++ b/roles/ironbelly.rb
@@ -5,6 +5,9 @@ default_attributes(
   :apt => {
     :sources => ["ubuntugis-unstable"]
   },
+  :bind => {
+    :clients => "equinix"
+  },
   :dhcpd => {
     :first_address => "10.0.63.1",
     :last_address => "10.0.63.254"
diff --git a/roles/ridley.rb b/roles/ridley.rb
index ec985da04..591f31ae2 100644
--- a/roles/ridley.rb
+++ b/roles/ridley.rb
@@ -2,6 +2,9 @@ name "ridley"
 description "Master role applied to ridley"
 
 default_attributes(
+  :bind => {
+    :clients => "ucl"
+  },
   :dhcpd => {
     :first_address => "10.0.15.1",
     :last_address => "10.0.15.254"