diff --git a/.github/workflows/test-and-deploy.yaml b/.github/workflows/test-and-deploy.yaml
index 186536fd..676463dc 100644
--- a/.github/workflows/test-and-deploy.yaml
+++ b/.github/workflows/test-and-deploy.yaml
@@ -13,6 +13,7 @@ jobs:
 steps:
 - uses: actions/checkout@v3
+ # disabled for now, we don't want to reset TLS cert, and for testing nine.testrun.org resetting makes less sense
 #- name: rebuild staging.testrun.org to have a clean VPS
 # run: |
 # curl -X POST \
@@ -49,6 +50,16 @@ jobs:
 - name: cmdeploy run
 run: cmdeploy run
+ - name: cmdeploy dns
+ run: |
+ echo "${{ secrets.DEFAULT_DNS_ZONE }}" > staging.testrun.org.zone
+ cmdeploy dns --zonefile staging-additional.zone
+ cat staging-additional.zone >> staging.testrun.org.zone
+ scp -o StrictHostKeyChecking=accept-new staging.testrun.org.zone root@ns.testrun.org:/etc/nsd/staging.testrun.org.zone
+ ssh root@ns.testrun.org nsd-checkzone staging.testrun.org /etc/nsd/staging.testrun.org.zone
+ ssh root@ns.testrun.org systemctl reload nsd
+ cmdeploy dns
+
 - name: cmdeploy test
 run: cmdeploy test --slow
diff --git a/cmdeploy/src/cmdeploy/cmdeploy.py b/cmdeploy/src/cmdeploy/cmdeploy.py
index e3ed752b..0fdb481a 100644
--- a/cmdeploy/src/cmdeploy/cmdeploy.py
+++ b/cmdeploy/src/cmdeploy/cmdeploy.py
@@ -82,7 +82,8 @@ def dns_cmd_options(parser):
 def dns_cmd(args, out):
 """Generate dns zone file."""
- show_dns(args, out)
+ exit_code = show_dns(args, out)
+ exit(exit_code)
 def status_cmd(args, out):
diff --git a/cmdeploy/src/cmdeploy/dns.py b/cmdeploy/src/cmdeploy/dns.py
index 8a1baca7..6cf95cc9 100644
--- a/cmdeploy/src/cmdeploy/dns.py
+++ b/cmdeploy/src/cmdeploy/dns.py
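Review bot: In the new `cmdeploy dns` step, `StrictHostKeyChecking=accept-new` gives no real host verification on a CI runner: if the runner starts with an empty `known_hosts` (usual for hosted runners, not visible here), every run is a first contact, and whatever key answers for ns.testrun.org is trusted before a root login and a zone upload. Provision the name server's host key from a repository secret into `~/.ssh/known_hosts` before this step and use `-o StrictHostKeyChecking=yes` on the `scp`; the two `ssh` calls then rely on the same pinned entry. Separately, `scp` overwrites the live `/etc/nsd/staging.testrun.org.zone` before `nsd-checkzone` runs, so a zone that fails the check is left in place for the next reload. Uploading to a temporary path, checking it there and moving it over the live file only on success would avoid that.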
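Review bot: `dns_cmd` ends the process with the `exit()` builtin, which the `site` module installs for interactive use and which is absent when Python runs with `-S`. `raise SystemExit(show_dns(args, out))` is the dependable form and needs no import; `sys.exit(...)` works as well if `sys` is already imported in this file. If the command dispatcher outside this hunk already turns a handler's return value into the process status, `return show_dns(args, out)` would be simpler still, but that dispatcher is not visible here. The docstring should also record the new contract, e.g. `"""Generate or check DNS records and exit with show_dns()'s status code."""`.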
@@ -43,11 +43,12 @@ class DNS:
 def check_ptr_record(self, ip: str, mail_domain) -> bool:
 """Check the PTR record for an IPv4 or IPv6 address."""
- result = self.shell(f"dig -r -x {ip} +short").rstrip()
+ result = self.shell(f"dig @ns1.your-server.de -r -x {ip} +short").rstrip()
 return result == f"{mail_domain}."
-def show_dns(args, out):
+def show_dns(args, out) -> int:
+ """Check existing DNS records, optionally write them to zone file, return exit code 0 or 1."""
 template = importlib.resources.files(__package__).joinpath("chatmail.zone.f")
 mail_domain = args.config.mail_domain
 ssh = f"ssh root@{mail_domain}"
@@ -70,7 +71,7 @@ def show_dns(args, out):
 acme_account_url = out.shell_output(f"{ssh} -- acmetool account-url")
 except subprocess.CalledProcessError:
 print("Please run `cmdeploy run` first.")
- return
+ return 1
 dkim_entry = read_dkim_entries(
 out.shell_output(f"{ssh} -- cat /var/lib/rspamd/dkim/{mail_domain}.dkim.zone")
 )
@@ -99,7 +100,7 @@ def show_dns(args, out):
 with open(args.zonefile, "w+") as zf:
 zf.write(zonefile)
 print(f"DNS records successfully written to: {args.zonefile}")
- return
+ return 0
 except TypeError:
 pass
 started_dkim_parsing = False
@@ -153,6 +154,7 @@ def show_dns(args, out):
 else:
 to_print.append(dkim_entry)
+ exit_code = 0
 if to_print:
 to_print.insert(
 0, "You should configure the following DNS entries at your provider:\n"
@@ -161,6 +163,7 @@ def show_dns(args, out):
 "\nIf you already configured the DNS entries, wait a bit until the DNS entries propagate to the Internet."
 )
 print("\n".join(to_print))
+ exit_code = 1
 else:
 out.green("Great! All your DNS entries are correct.")
@@ -180,6 +183,8 @@ def show_dns(args, out):
 print(
 "You can do so at your hosting provider (maybe this isn't your DNS provider)."
 )
+ exit_code = 1
+ return exit_code
 def check_necessary_dns(out, mail_domain):
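Review bot: `check_ptr_record` now sends every reverse lookup to the hard-coded server `ns1.your-server.de`, so the check only works when the mail server's reverse zone is served by that provider. For an address hosted elsewhere the query would presumably come back empty and the PTR record be reported as missing, which the later `exit_code = 1` hunks of this commit probably turn into a failing exit status. Take the server from configuration, or omit the `@server` argument when none is set, and add a comment saying why a specific server is queried instead of the default resolver. Because `ip` (and any configured server name) is interpolated into a shell command line, validate it first, for example with `ipaddress.ip_address(ip)`, before calling `self.shell`; where `ip` comes from is not visible in this hunk.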