author | Aleš Mrázek <ales.mrazek@nic.cz> | 2023-04-12 12:26:01 +0200 |
---|---|---|
committer | Aleš Mrázek <ales.mrazek@nic.cz> | 2023-06-09 13:54:07 +0200 |
commit | e925013e77cf3502bb7b3f568b964ecee41e8e23 (patch) | |
tree | 5737811c55dfcccd4cbddb1737153b31a1c8e718 | |
parent | manager: datamodel: views render to Lua (diff) | |
manager: datamodel: local_data render to Lua
6 files changed, 50 insertions, 50 deletions
diff --git a/manager/etc/knot-resolver/config.policy.dev.yml b/manager/etc/knot-resolver/config.policy.dev.yml index 8fb7a691..5f5a7429 100644 --- a/manager/etc/knot-resolver/config.policy.dev.yml +++ b/manager/etc/knot-resolver/config.policy.dev.yml @@ -23,7 +23,14 @@ views: - subnets: [10.0.10.0/24] answer: allow -# local-data: +local-data: + subtrees: + - type: empty + tags: [ t2 ] + roots: [ example1.org ] + - type: nxdomain + roots: [ sub4.example.org ] + # ttl: 1d # nodata: true # addresses: @@ -36,18 +43,6 @@ views: # A 192.168.2.3 # A 192.168.2.4 # local.example.org AAAA ::1 -# subtrees: -# - type: empty -# roots: [ sub2.example.org ] -# tags: [ t2 ] -# - type: nxdomain -# roots-file: /path/to/file.txt -# - type: empty -# roots-url: https://example.org/blocklist.txt -# refresh: 1d -# - type: redirect -# roots: [ sub4.example.org ] -# addresses: [ 127.0.0.1, "::1" ] # forward: # - subtree: '.' diff --git a/manager/knot_resolver_manager/datamodel/local_data_schema.py b/manager/knot_resolver_manager/datamodel/local_data_schema.py index 8008e085..18e20007 100644 --- a/manager/knot_resolver_manager/datamodel/local_data_schema.py +++ b/manager/knot_resolver_manager/datamodel/local_data_schema.py @@ -1,4 +1,4 @@ -from typing import Dict, List, Optional, Union +from typing import Dict, List, Optional from typing_extensions import Literal @@ -14,6 +14,8 @@ class SubtreeSchema(ConfigSchema): --- type: Type of the subtree. tags: Tags to link with other policy rules. + ttl: Default TTL value used for added local subtree. + nodata: Use NODATA synthesis. NODATA will be synthesised for matching name, but mismatching type(e.g. AAAA query when only A exists). addresses: Subtree addresses. roots: Subtree roots. roots_file: Subtree roots from given file. 
@@ -23,8 +25,10 @@ class SubtreeSchema(ConfigSchema): type: Literal["empty", "nxdomain", "redirect"] tags: Optional[List[IDPattern]] = None - addresses: Optional[Union[List[IPAddress], IPAddress]] = None - roots: Optional[Union[List[DomainName], DomainName]] = None + ttl: Optional[TimeUnit] = None + nodata: bool = True + addresses: Optional[List[IPAddress]] = None + roots: Optional[List[DomainName]] = None roots_file: Optional[UncheckedPath] = None roots_url: Optional[str] = None refresh: Optional[TimeUnit] = None @@ -54,7 +58,7 @@ class LocalDataSchema(ConfigSchema): ttl: Optional[TimeUnit] = None nodata: bool = True - addresses: Optional[Dict[DomainName, Union[List[IPAddress], IPAddress]]] = None - addresses_files: Optional[Union[List[UncheckedPath], UncheckedPath]] = None + addresses: Optional[Dict[DomainName, List[IPAddress]]] = None + addresses_files: Optional[List[UncheckedPath]] = None records: Optional[str] = None subtrees: Optional[List[SubtreeSchema]] = None diff --git a/manager/knot_resolver_manager/datamodel/templates/config.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/config.lua.j2 index b741ed26..ee4a2ed6 100644 --- a/manager/knot_resolver_manager/datamodel/templates/config.lua.j2 +++ b/manager/knot_resolver_manager/datamodel/templates/config.lua.j2 @@ -31,7 +31,7 @@ nsid.name('{{ cfg.nsid }}_' .. worker.id) {% include "views.lua.j2" %} -- LOCAL-DATA section ------------------------------- -{# {% include "local_data.lua.j2" %} #} +{% include "local_data.lua.j2" %} -- SLICES section ----------------------------------- {# {% include "slices.lua.j2" %} #} diff --git a/manager/knot_resolver_manager/datamodel/templates/local_data.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/local_data.lua.j2 index dbab321d..51967105 100644 --- a/manager/knot_resolver_manager/datamodel/templates/local_data.lua.j2 +++ b/manager/knot_resolver_manager/datamodel/templates/local_data.lua.j2 
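Review bot: `SubtreeSchema` now validates `ttl`, `nodata`, `addresses` and `type: redirect`, but nothing rendered in this commit consumes them: `local_data_subtree_root` receives only `type`, `root` and `tags`, its `else` branch is a TODO, and the `roots_file` / `roots_url` branches in `local_data.lua.j2` are empty. A subtree that uses any of these passes validation and produces no rule at all, so a blocklist entry an operator believes is active is silently not enforced. Until the renderer catches up, I would reject those combinations during schema validation (or at least log a warning when a subtree renders to nothing) and mark the fields with a comment such as `# not rendered yet: accepted by the schema but ignored by local_data.lua.j2`. The class body begins outside this hunk, so an existing validation hook may already cover part of this.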
@@ -1,39 +1,18 @@ -{% from 'macros/common_macros.lua.j2' import string_table %} -{% from 'macros/policy_macros.lua.j2' import policy_get_tagset, policy_todname %} -{% from 'macros/local_data_macros.lua.j2' import local_data_emptyzone, local_data_nxdomain %} - -local C = require('ffi').C - +{% from 'macros/local_data_macros.lua.j2' import local_data_subtree_root %} {# TODO: implemented all other options/features from local_data_schema #} +{% if cfg.local_data.subtrees -%} +{% for subtree in cfg.local_data.subtrees %} - -{% for subtree in cfg.local_data.subnets %} - -{# IF subtree.roots is not None #} {% if subtree.roots -%} -{%- for root in subtree.roots -%} - - -{% if subtree.type == 'empty' -%} -{{ local_data_emptyzone(policy_todname(root), policy_get_tagset(string_table(subtree.tags))) }} -{%- elif subtree.type == 'nxdomain' -%} -{{ view_insert_action(policy_todname(root), policy_get_tagset(string_table(subtree.tags))) }} -{% else %} -{# TODO: implement other possible types #} -{%- endif %} - -{%- endfor -%} -{%- endif %} - -{# IF subtree.roots_file is not None #} -{% if subtree.roots_file -%} +{% for root in subtree.roots %} +{{ local_data_subtree_root(subtree.type, root, subtree.tags) }} +{% endfor %} +{%- elif subtree.roots_file -%} {# TODO: not implemented yet #} -{%- endif %} - -{# IF subtree.roots_url is not None #} -{% if subtree.roots_url -%} +{%- elif subtree.roots_url -%} {# TODO: not implemented yet #} {%- endif %} {% endfor %} +{%- endif %} diff --git a/manager/knot_resolver_manager/datamodel/templates/macros/local_data_macros.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/macros/local_data_macros.lua.j2 index cee9fcdc..43f10f35 100644 --- a/manager/knot_resolver_manager/datamodel/templates/macros/local_data_macros.lua.j2 +++ b/manager/knot_resolver_manager/datamodel/templates/macros/local_data_macros.lua.j2 
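Review bot: The rewritten template drops `local C = require('ffi').C`, while the macros it calls still render `assert(C.kr_rule_local_data_emptyzone(...)==0)` and the nxdomain equivalent. If no template included earlier in `config.lua.j2` leaves `C` in scope (none is visible here), the generated config will fail to load as soon as one subtree is configured; either keep the line in this template or add a comment naming where `C` is defined. Separately, the three source checks are now an `if`/`elif` chain, so a subtree that sets `roots` together with `roots_file` or `roots_url` renders only `roots`; if the sources are meant to be mutually exclusive, that is better enforced in the schema than by branch order.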
@@ -1,3 +1,6 @@ +{% from 'macros/common_macros.lua.j2' import string_table %} +{% from 'macros/policy_macros.lua.j2' import policy_get_tagset, policy_todname %} + {% macro local_data_emptyzone(dname, tags) -%} assert(C.kr_rule_local_data_emptyzone({{ dname }},{{ tags }})==0) {%- endmacro %} @@ -5,3 +8,18 @@ assert(C.kr_rule_local_data_emptyzone({{ dname }},{{ tags }})==0) {% macro local_data_nxdomain(dname, tags) -%} assert(C.kr_rule_local_data_nxdomain({{ dname }},{{ tags }})==0) {%- endmacro %} + +{% macro local_data_subtree_root(type, root, tags) -%} +{%- if tags -%} +{%- set get_tags = policy_get_tagset(tags) -%} +{%- else -%} +{%- set get_tags = '0' -%} +{%- endif -%} +{%- if type == 'empty' -%} +{{ local_data_emptyzone(policy_todname(root), get_tags) }} +{%- elif type == 'nxdomain' -%} +{{ local_data_nxdomain(policy_todname(root), get_tags) }} +{%- else -%} +{# TODO: implement other possible types #} +{%- endif -%} +{%- endmacro %} diff --git a/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 index ba5c1be1..36ce102f 100644 --- a/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 +++ b/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 @@ -258,7 +258,11 @@ policy.TLS_FORWARD({{ tls_servers_table(servers) }}) {# Other #} -{% macro policy_todname(names) -%} +{% macro policy_todname(name) -%} +todname('{{ name.punycode()|string }}') +{%- endmacro %} + +{% macro policy_todnames(names) -%} policy.todnames({ {%- if names is string -%} '{{ names.punycode()|string }}' |
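Review bot: `string_table` is imported at the top of this file but the new `local_data_subtree_root` macro never uses it, and `tags` is handed to `policy_get_tagset` as-is, whereas the removed template code called `policy_get_tagset(string_table(subtree.tags))`. `policy_get_tagset` is not visible here, so please confirm it now expects the raw tag list; otherwise restore the wrapper, `{%- set get_tags = policy_get_tagset(string_table(tags)) -%}`, or drop the unused import. The literal `'0'` fallback also deserves a short comment stating what a tag set of `0` means for rule matching, since that presumably decides which clients an untagged rule applies to.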
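Review bot: The new `policy_todname` writes `name.punycode()` between single quotes in the generated Lua with no escaping, so its safety depends entirely on `DomainName` validation rejecting quotes, backslashes and line breaks; that class is not visible in this diff. I would state the dependency next to the macro, `{# name must be a validated DomainName: its punycode form is emitted into a Lua string literal unescaped #}`, and cover it with a render test. Note also that the old list-accepting macro now lives under `policy_todnames` while `policy_todname` keeps the name with single-value semantics, so any caller outside this diff that still passes a list to `policy_todname` will break at render time. The `policy_todnames` body continues past the end of this hunk.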