| 1 | ### -*-makefile-*- |
| 2 | ### |
| 3 | ### Makefile for the DNS zones I maintain. |
| 4 | ### |
| 5 | ### (c) 2011 Mark Wooding |
| 6 | |
| 7 | ###-------------------------------------------------------------------------- |
| 8 | ### Silent-rules machinery. |
| 9 | |
| 10 | V = 0 |
| 11 | v_tag = $(call v_tag_$V,$1) |
| 12 | v_tag_0 = @printf " %-6s %s\n" "$1" "$@"; |
| 13 | |
| 14 | V_AT = $(V_AT_$V) |
| 15 | V_AT_0 = @ |
| 16 | |
| 17 | ###-------------------------------------------------------------------------- |
| 18 | ### Programs and options. |
| 19 | |
| 20 | ## Zone checking. |
| 21 | CHECKZONE = named-checkzone -i full \ |
| 22 | -k fail -M fail -n fail -S fail -W fail |
| 23 | |
| 24 | ## Zone installation. |
| 25 | MASTER = localhost |
| 26 | inside_MASTER = precision |
| 27 | |
| 28 | ifeq ($(MASTER),localhost) |
| 29 | ZONEINST = userv zoneconf install |
| 30 | else |
| 31 | ZONEINST = ssh zoneconf@$(MASTER) |
| 32 | endif |
| 33 | |
| 34 | ###-------------------------------------------------------------------------- |
| 35 | ### Utility functions. |
| 36 | |
| 37 | dir-nosl = $(patsubst %/,%,$(dir $1)) |
| 38 | |
| 39 | ###-------------------------------------------------------------------------- |
| 40 | ### Keeping all of the files straight. |
| 41 | |
| 42 | ## Establish a default target. We'll sort out what it does later. |
| 43 | all: |
| 44 | .PHONY: all |
| 45 | |
| 46 | ## Things to clean. |
| 47 | CLEANFILES = |
| 48 | CLEANDIRS = |
| 49 | REALCLEANFILES = $(CLEANFILES) |
| 50 | REALCLEANDIRS = $(CLEANDIRS) |
| 51 | |
| 52 | ## We work in terms of `zonesets'. Each one corresponds to a Lisp source |
| 53 | ## file to be passed to `zone'. A zoneset has a number of different nets |
| 54 | ## associated with it, in the variable zoneset_NETS, and we must run it |
| 55 | ## through `zone' once for each net. The zoneset will make a number of |
| 56 | ## zones, listed in zoneset_ZONES. |
| 57 | ZONESETS = |
| 58 | |
| 59 | ###-------------------------------------------------------------------------- |
| 60 | ### The distorted.org.uk zones. |
| 61 | |
| 62 | ZONESETS += distorted |
| 63 | |
| 64 | distorted_VIEWS = inside outside |
| 65 | distorted_outside_NETS = dmz jump |
| 66 | distorted_inside_NETS = any unsafe colo vpn upn |
| 67 | |
| 68 | distorted_all_ZONES += distorted.org.uk |
| 69 | |
| 70 | distorted_all_ZONES += 144-159.204.49.62.in-addr.arpa |
| 71 | distorted_all_ZONES += 64-79.198.13.212.in-addr.arpa |
| 72 | |
| 73 | distorted_all_ZONES += 199.29.172.in-addr.arpa |
| 74 | |
| 75 | distorted_all_ZONES += 8.9.b.1.9.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa |
| 76 | distorted_all_ZONES += 0.4.7.9.0.7.4.0.1.0.0.2.ip6.arpa |
| 77 | |
| 78 | distorted_all_ZONES += 9.d.1.0.0.0.0.0.8.a.b.0.1.0.0.2.ip6.arpa |
| 79 | distorted_all_ZONES += 9.d.1.0.8.a.b.0.1.0.0.2.ip6.arpa |
| 80 | |
| 81 | distorted_outside_NSDIFF = -sradius.dmz.distorted.org.uk |
| 82 | |
| 83 | ###-------------------------------------------------------------------------- |
| 84 | ### Other zones. |
| 85 | |
| 86 | ## binswood.org.uk |
| 87 | ZONESETS += binswood |
| 88 | binswood_VIEWS = outside |
| 89 | binswood_all_ZONES += binswood.org.uk |
| 90 | binswood_all_ZONES += 27.165.10.in-addr.arpa |
| 91 | |
| 92 | ## escorted.org.uk |
| 93 | ZONESETS += escorted |
| 94 | escorted_VIEWS = outside |
| 95 | escorted_all_ZONES += escorted.org.uk |
| 96 | |
| 97 | ## odin.gg |
| 98 | ZONESETS += odin |
| 99 | odin_VIEWS = outside |
| 100 | odin_all_ZONES = odin.gg |
| 101 | |
| 102 | ## goodhstg.com |
| 103 | ZONESETS += goodhstg |
| 104 | goodhstg_VIEWS = outside |
| 105 | goodhstg_all_ZONES = goodhstg.com |
| 106 | |
| 107 | ###-------------------------------------------------------------------------- |
| 108 | ### Zone construction machinery. |
| 109 | |
| 110 | ZONE = zone |
| 111 | V_ZONE = $(call v_tag,ZONE)$(ZONE) |
| 112 | |
| 113 | .SECONDEXPANSION: #sorry |
| 114 | |
| 115 | ## For each net/zoneset pair, we make a stamp file net/zoneset.stamp to |
| 116 | ## remember that we've made the corresponding zones. |
| 117 | ALL_ZONESTAMPS = $(foreach s,$(ZONESETS), \ |
| 118 | $(patsubst %,%/$s.zonestamp,$($s_VIEWS))) |
| 119 | $(ALL_ZONESTAMPS) : %.zonestamp : $$(notdir $$*).lisp hosts.lisp |
| 120 | $(V_AT)mkdir -p $(dir $*) |
| 121 | $(V_ZONE) -d$(dir $*) -fview/$(call dir-nosl,$*)$(hack \ |
| 122 | hack) $(addprefix -s, \ |
| 123 | $($(notdir $*)_$(call dir-nosl,$*)_NETS)) $< |
| 124 | $(V_AT)touch $@ |
| 125 | all: $(ALL_ZONESTAMPS) |
| 126 | CLEANFILES += $(sort $(foreach s,$(ZONESETS), \ |
| 127 | $(foreach v,$($s_VIEWS), \ |
| 128 | $v/*.zonestamp $v/*.zone))) |
| 129 | REALCLEANFILES += $(sort $(foreach s,$(ZONESETS), \ |
| 130 | $(foreach v,$($s_VIEWS), \ |
| 131 | $v/*.serial))) |
| 132 | REALCLEANDIRS += $(sort $(foreach s,$(ZONESETS),$($s_VIEWS))) |
| 133 | |
| 134 | ## Now explain that each generated zone file depends on the corresponding |
| 135 | ## zonestamp. This is where things start getting a little hairy. |
| 136 | $(foreach s,$(ZONESETS), \ |
| 137 | $(foreach v,$($s_VIEWS), \ |
| 138 | $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \ |
| 139 | $(eval $v/$z.zone: $v/$s.zonestamp)))) |
| 140 | |
| 141 | ## Prepare a mapping from zone names back to their owning zonesets. |
| 142 | $(foreach s,$(ZONESETS), \ |
| 143 | $(foreach z,$(sort $(foreach v,$($s_VIEWS), \ |
| 144 | $($s_all_ZONES) $($s_$v_ZONES))), \ |
| 145 | $(eval $z_ZONESET = $s))) |
| 146 | |
| 147 | ## Now we have to check the individual zone files. |
| 148 | ALL_ZONECHECKS = $(foreach s,$(ZONESETS), \ |
| 149 | $(foreach v,$($s_VIEWS), \ |
| 150 | $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \ |
| 151 | $v/$z.check))) |
| 152 | $(ALL_ZONECHECKS) : %.check : %.zone |
| 153 | $(call v_tag,CHECK)\ |
| 154 | { $(CHECKZONE) $(notdir $*) $^ || kill $$$$; } | \ |
| 155 | { grep -Ev 'loaded serial|OK' || :; } |
| 156 | check: $(ALL_ZONECHECKS) |
| 157 | .PHONY: check $(ALL_ZONECHECKS) |
| 158 | |
| 159 | ## If nsdiff(1) is available then we can show what changes we will make if |
| 160 | ## we install the new zone files. |
| 161 | ALL_ZONEDIFFS = $(foreach s,$(ZONESETS), \ |
| 162 | $(foreach v,$($s_VIEWS), \ |
| 163 | $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \ |
| 164 | $v/$z.zonediff))) |
| 165 | run-nsdiff = nsdiff -v "" $2 \ |
| 166 | $($($(call notdir,$1)_ZONESET)_$(call dir-nosl,$1)_NSDIFF) \ |
| 167 | $(call notdir,$1) $1.zone |
| 168 | $(ALL_ZONEDIFFS) : %.zonediff : %.zone |
| 169 | $(call v_tag,NSDIFF)$(call run-nsdiff,$*,-q); \ |
| 170 | rc=$$?; case $$rc in 1) $(call run-nsdiff,$*); rc=$$? ;; esac; \ |
| 171 | case $$rc in 0 | 1) : ;; *) exit $$rc ;; esac |
| 172 | diff: $(ALL_ZONEDIFFS) |
| 173 | |
| 174 | ## Finally we have to install the zone files. |
| 175 | ALL_INSTALLS = $(foreach s,$(ZONESETS), \ |
| 176 | $(foreach v,$($s_VIEWS), \ |
| 177 | $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \ |
| 178 | $v/$z.inst))) |
| 179 | $(ALL_INSTALLS) : %.inst : %.check |
| 180 | $(call v_tag,INST)$(ZONEINST) \ |
| 181 | $(call dir-nosl,$*) $(notdir $*) <$*.zone |
| 182 | install: $(ALL_INSTALLS) |
| 183 | .PHONY: install $(ALL_INSTALLS) |
| 184 | |
| 185 | ## Files to clean. |
| 186 | clean: |
| 187 | rm -f $(CLEANFILES) |
| 188 | [ "$(CLEANDIRS)x" = x ] || rmdir $(CLEANDIRS) || : |
| 189 | realclean: |
| 190 | rm -f $(REALCLEANFILES) |
| 191 | [ "$(REALCLEANDIRS)x" = x ] || rmdir $(REALCLEANDIRS) || : |
| 192 | .PHONY: clean realclean |
| 193 | |
| 194 | ###----- That's all, folks -------------------------------------------------- |