|
@@ -0,0 +1,136 @@
|
|
|
+#!/bin/bash
|
|
|
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin
|
|
|
+
|
|
|
+ZONE="private.os.mephi.ru"
|
|
|
+ZONE_PUBLIC="public.os.mephi.ru"
|
|
|
+MY_IP=85.143.112.100
|
|
|
+
|
|
|
+DOMAIN_ID=$(mysql --defaults-file=/etc/mysql/debian.cnf pdns -Ne "SELECT id FROM domains WHERE name='$ZONE'")
|
|
|
+cd ~/reload-instance-list-workdir
|
|
|
+CURRENT_INSTANCES=($(~/go/bin/openstack-instance-list | sort))
|
|
|
+
|
|
|
+OLD_HASH="$(cat /run/reload-instance-list.sh.hash)"
|
|
|
+CURRENT_HASH="$(echo "$CURRENT_INSTANCES" | md5sum | awk '{print $1}')"
|
|
|
+
|
|
|
+if [ "$CURRENT_HASH" = "$OLD_HASH" ]; then
|
|
|
+ exit
|
|
|
+fi
|
|
|
+echo "$CURRENT_HASH" > /run/reload-instance-list.sh.hash
|
|
|
+timeout 600 lockfile-create /run/reload-instance-list.sh.lock
|
|
|
+trap 'lockfile-remove /run/reload-instance-list.sh.lock' SIGINT SIGTERM SIGHUP SIGQUIT SIGALRM SIGILL SIGABRT SIGPIPE EXIT
|
|
|
+
|
|
|
+oldIFS="$IFS"
|
|
|
+
|
|
|
+# updating the domain zone
|
|
|
+
|
|
|
+declare -A OLD_IDS_IP
|
|
|
+declare -A OLD_IDS_ID
|
|
|
+
|
|
|
+for LINE in $(pdnsutil list-zone "$ZONE" 2>/dev/null | sed -e "s/\\.$ZONE//g" | tr "\t" "@"); do
|
|
|
+ IFS="@"; WORDS=($LINE); IFS="$oldIFS"
|
|
|
+ ID="${WORDS[0]}"
|
|
|
+ IP="${WORDS[4]}"
|
|
|
+ if [ "$IP" = '' ]; then
|
|
|
+ continue
|
|
|
+ fi
|
|
|
+ if [ "$ID" = "$ZONE" ]; then
|
|
|
+ continue
|
|
|
+ fi
|
|
|
+ OLD_IDS_IP[$ID]="$IP"
|
|
|
+ OLD_IDS_ID[$ID]="$ID"
|
|
|
+done
|
|
|
+
|
|
|
+for LINE in ${CURRENT_INSTANCES[@]}; do
|
|
|
+ IFS=","; WORDS=($LINE); IFS="$oldIFS"
|
|
|
+ ID="${WORDS[0]}"
|
|
|
+ IP="${WORDS[1]}"
|
|
|
+ if [ "${OLD_IDS_IP[$ID]}" = '' ]; then
|
|
|
+ pdnsutil add-record "$ZONE" "$ID" A "$IP"
|
|
|
+ continue
|
|
|
+ fi
|
|
|
+ if [ "${OLD_IDS_IP[$ID]}" != "$IP" ]; then
|
|
|
+ mysql --defaults-file=/etc/mysql/debian.cnf pdns -Ne "DELETE FROM records WHERE domain_id='$DOMAIN_ID' AND name='$ID.$ZONE'"
|
|
|
+ pdnsutil add-record "$ZONE" "$ID" A "$IP"
|
|
|
+ fi
|
|
|
+ OLD_IDS_IP[$ID]=""
|
|
|
+ OLD_IDS_ID[$ID]=""
|
|
|
+done
|
|
|
+
|
|
|
+for OLD_ID in ${OLD_IDS_ID[@]}; do
|
|
|
+ if [ "$OLD_ID" = '' ]; then
|
|
|
+ continue
|
|
|
+ fi
|
|
|
+ mysql --defaults-file=/etc/mysql/debian.cnf pdns -Ne "DELETE FROM records WHERE domain_id='$DOMAIN_ID' AND name='$OLD_ID.$ZONE'"
|
|
|
+done
|
|
|
+
|
|
|
+# generating the certificate
|
|
|
+
|
|
|
+GENCERT_ARGS=()
|
|
|
+
|
|
|
+for LINE in ${CURRENT_INSTANCES[@]}; do
|
|
|
+ IFS=","; WORDS=($LINE); IFS="$oldIFS"
|
|
|
+ ID="${WORDS[0]}"
|
|
|
+ GENCERT_ARGS+=" -d ${ID}.${ZONE_PUBLIC} "
|
|
|
+done
|
|
|
+
|
|
|
+for LINE in $(cat /etc/webaliases); do
|
|
|
+ IFS=":"; WORDS=($LINE); IFS="$oldIFS"
|
|
|
+ HOST="${WORDS[0]}"
|
|
|
+ GENCERT_ARGS+=" -d ${HOST} "
|
|
|
+done
|
|
|
+
|
|
|
+/root/bin/generate-certificate.sh ${GENCERT_ARGS[@]}
|
|
|
+
|
|
|
+# generating haproxy config
|
|
|
+
|
|
|
+ cat > /etc/haproxy/gen-conf.d/050-frontends.conf <<EOF
|
|
|
+
|
|
|
+# Automatically generated frontend configuration:
|
|
|
+
|
|
|
+EOF
|
|
|
+ cat > /etc/haproxy/gen-conf.d/060-backends.conf <<EOF
|
|
|
+
|
|
|
+# Automatically generated backends configuration:
|
|
|
+
|
|
|
+EOF
|
|
|
+
|
|
|
+for LINE in ${CURRENT_INSTANCES[@]}; do
|
|
|
+ IFS=","; WORDS=($LINE); IFS="$oldIFS"
|
|
|
+ ID="${WORDS[0]}"
|
|
|
+ IP="${WORDS[1]}"
|
|
|
+
|
|
|
+ cat >> /etc/haproxy/gen-conf.d/050-frontends.conf <<EOF
|
|
|
+ acl host_${ID} hdr(host) -i ${ID}.${ZONE}
|
|
|
+ acl host_${ID} hdr(host) -i ${ID}.${ZONE_PUBLIC}
|
|
|
+ use_backend backend_${ID} if host_${ID}
|
|
|
+EOF
|
|
|
+ cat >> /etc/haproxy/gen-conf.d/060-backends.conf <<EOF
|
|
|
+backend backend_${ID}
|
|
|
+ mode http
|
|
|
+ server primary ${IP}:80
|
|
|
+EOF
|
|
|
+ #option httpchk GET / "HTTP/1.0\r\nX-Forwarded-Proto: https"
|
|
|
+ #option redispatch
|
|
|
+ #http-send-name-header Host
|
|
|
+ #http-check expect rstatus ((2|3)[0-9][0-9]|40[13])
|
|
|
+ #server primary 192.168.3.132:80 check inter 25s
|
|
|
+ #server backup0 192.168.0.132:80 check backup inter 25s
|
|
|
+ #server backup1 192.168.1.132:80 check backup inter 25s
|
|
|
+done
|
|
|
+
|
|
|
+for LINE in $(cat /etc/webaliases); do
|
|
|
+ IFS=":"; WORDS=($LINE); IFS="$oldIFS"
|
|
|
+ HOST="${WORDS[0]}"
|
|
|
+ ID="${WORDS[1]}"
|
|
|
+ IP="$(host "$HOST" | awk '{if($2=="has" && $3=="address"){print $4}}')"
|
|
|
+
|
|
|
+ if [ "$IP" != "$MY_IP" ]; then
|
|
|
+ continue
|
|
|
+ fi
|
|
|
+
|
|
|
+ cat >> /etc/haproxy/gen-conf.d/050-frontends.conf <<EOF
|
|
|
+ acl host_${ID} hdr(host) -i ${HOST}
|
|
|
+EOF
|
|
|
+done
|
|
|
+
|
|
|
+cat /etc/haproxy/gen-conf.d/* > /etc/haproxy/haproxy.cfg
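Review bot: `$ID` is spliced unvalidated into both `DELETE FROM records ... name='$ID.$ZONE'` statements (the changed-IP branch and the stale-record loop), and together with `$IP` into the haproxy heredocs and the `-d` certificate arguments, while the mysql client runs with the `/etc/mysql/debian.cnf` credentials. Whether instance owners can influence what `openstack-instance-list` prints is not visible here, but if they can, a quote character in a value changes the SQL that is executed. I would reject anything that is not a plain label and address right after each split, e.g. `[[ $ID =~ ^[A-Za-z0-9-]+$ && $IP =~ ^[0-9.]+$ ]] || continue` (adjust the patterns to the real ID format), and replace the raw DELETE with `pdnsutil delete-rrset "$ZONE" "$ID" A`. Separately, `echo "$CURRENT_INSTANCES"` expands only the first array element, so the hash misses changes to every other instance and stale records or backends can keep pointing at reassigned addresses; hash `"${CURRENT_INSTANCES[*]}"` instead.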
|