Changes

Jump to navigation Jump to search

Service/Nameservers (view source)

Revision as of 09:27, 7 March 2010

797 bytes added ,  09:27, 7 March 2010
no edit summary
Line 23: Line 23:  
!  IPv6
 
!  IPv6
 
|-
 
|-
!  ns1.sugarlabs.org
+
'''ns1.sugarlabs.org'''
 
|  lightwave
 
|  lightwave
 
|  FSF, Boston, USA
 
|  FSF, Boston, USA
Line 59: Line 59:  
To simplify merging, each hostmaster pushes to a separate branch:
 
To simplify merging, each hostmaster pushes to a separate branch:
   −
  git clone root@lightwave.sugarlabs.org:/var/lib/bind/etc/bind ns
+
  git clone lightwave.sugarlabs.org:/var/lib/bind/etc/bind ns
git config --add remote.origin.push '+refs/heads/*:refs/remotes/USERNAME/*'
     −
'''FIXME''': use an unprivileged group "hostmaster" rather than root.
+
Do not checkout the repository as root. Your user needs to be in group bind.
 +
 
 +
'''FIXME''': use a separate group ''hostmaster'' rather than bind.
    
== Edit zone data ==
 
== Edit zone data ==
Line 78: Line 79:  
== Push changes back to master nameserver ==
 
== Push changes back to master nameserver ==
   −
We have a handy script to automate this procedure:
+
* We have a handy post-receive hook to automate this procedure. All you have to do is pushing your changes:
   −
./update-named-master
+
  git push
    
* You should see the slaves transfering the new zones you have modified
 
* You should see the slaves transfering the new zones you have modified
Line 92: Line 93:     
FIXME: ssh keys needed for other admins
 
FIXME: ssh keys needed for other admins
 +
 +
== Implementation details ==
 +
 +
* The git config file is as follows:
 +
 +
[core]
 +
        repositoryformatversion = 0
 +
        filemode = true
 +
        bare = false
 +
        shared = true
 +
        logallrefupdates = true
 +
        worktree = /etc/bind
 +
[receive]
 +
        denycurrentbranch = ignore
 +
 +
[hooks]
 +
        mailinglist = bernie@codewiz.org
 +
        emailprefix = "[DNS] "
 +
        showrev = "git show -C %s; echo"
 +
 +
* We use a post-receive hook to checkout the zones to the local sandbox and make
 +
BIND reload them:
 +
 +
#!/bin/bash
 +
/bin/bash /usr/share/doc/git-core/contrib/hooks/post-receive-email
 +
git checkout -f
 +
tail -n0 -f /var/log/daemon.log &
 +
/etc/init.d/bind9 reload
 +
sleep 3
 +
 +
* For slightly better security, the repository lives outside the sandbox
Retrieved from "https://wiki.sugarlabs.org/go/Special:MobileDiff/49420"

Navigation menu