val masterNode = "deleuze"
val slaveNodes = ["mire"]
+val dnsNodes_all = ["deleuze", "mire"]
+val dnsNodes_admin = []
+
val aclFile = "/afs/hcoop.net/common/etc/domtool/acl"
val testUser = "test"
val dispatcherName : string
val homeBase : string
+
+val dnsNodes_all : string list
+val dnsNodes_admin : string list
val defaultSoa = soa "ns.hcoop.net" serialAuto 172800 900 1209600 3600;
+extern type dns_node;
+{{A node offering DNS services}}
+extern val dns_node_to_node : dns_node -> node;
+
extern type master;
{{Information on the master DNS server for a domain}}
extern val externalMaster : ip -> master;
{{A server not controlled by domtool will serve as master.}}
-extern val internalMaster : node -> master;
+extern val internalMaster : dns_node -> master;
{{A server controlled by domtool will serve as master.}}
extern type dnsKind;
{{How should DNS for this domain be handled?}}
-extern val useDns : soa -> master -> [node] -> dnsKind;
+extern val useDns : soa -> master -> [dns_node] -> dnsKind;
{{We do want DNS services for this domain. Specify the SOA record, information
on the server in charge of zone data, and a list of slave servers.}}
extern val noDns : dnsKind;
val set_context : OpenSSL.context -> unit
- val inGroup : string -> bool
+ val hasPriv : string -> bool
end
Env.string
validNode
+val _ = Env.registerFunction ("web_node_to_node",
+ fn [e] => SOME e
+ | _ => NONE)
open Ast
val dl = ErrorMsg.dummyLoc
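Review bot: The function added in this hunk is registered under the name `web_node_to_node`, while the library declaration added elsewhere in this commit is `extern val dns_node_to_node : dns_node -> node;`, and no registration under that name is visible on the page. The surrounding context here is `validNode`, not the web-node code, so the name looks like a copy-paste slip and should probably read `val _ = Env.registerFunction ("dns_node_to_node",`. As written, a configuration that calls `dns_node_to_node` would presumably find no implementation, unless it is registered in a part of the commit not shown here.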
fn cl => "Temp file cleanup failed: " ^ cl))
end)
-fun inGroup group = Acl.query {user = getUser (), class = "group", value = "root"}
- orelse Acl.query {user = getUser (), class = "group", value = group}
+fun hasPriv priv = Acl.query {user = getUser (), class = "priv", value = "all"}
+ orelse Acl.query {user = getUser (), class = "priv", value = priv}
+
+val _ = Env.type_one "dns_node"
+ Env.string
+ (fn node =>
+ List.exists (fn x => x = node) Config.dnsNodes_all
+ orelse (hasPriv "dns"
+ andalso List.exists (fn x => x = node) Config.dnsNodes_admin))
end
end
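Review bot: `hasPriv` carries no comment saying that holding the `all` privilege satisfies every privilege check, which is the security-relevant fact a reader needs when auditing the ACL file. I would add `(* true if the current user holds priv, or the catch-all "all" privilege *)` above it, and bind `getUser ()` once instead of calling it in both queries. The `dns_node` predicate below it repeats the shape of the web-node check in the Apache hunk. With `Config.dnsNodes_admin` set to `[]` in this commit, the `hasPriv "dns"` branch cannot admit any node yet, so a one-line comment there would show the empty list is intentional. The enclosing structure starts outside the hunk.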
| MsgGrant acl =>
- if Acl.query {user = user, class = "group", value = "root"} then
+ if Acl.query {user = user, class = "priv", value = "all"} then
((Acl.grant acl;
Acl.write Config.aclFile;
Msg.send (bio, MsgOk);
loop ())
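Review bot: The grant check here, and the identical one in the MsgRevoke hunk below, now accepts only a `priv`/`all` entry, so an ACL file that still holds the old `group`/`root` entries would leave nobody able to grant or revoke through the dispatcher. Nothing visible in this commit converts existing entries, so the file at `Config.aclFile` presumably has to be migrated before the new dispatcher starts. That ordering is worth recording in a comment such as `(* "priv"/"all" replaces the old "group"/"root" admin entry; migrate Config.aclFile first *)`. The same class and value strings are also spelled out in `hasPriv`, so one shared constant or helper would keep the three checks from drifting apart. Both case arms continue outside the hunk.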
| MsgRevoke acl =>
- if Acl.query {user = user, class = "group", value = "root"} then
+ if Acl.query {user = user, class = "priv", value = "all"} then
((Acl.revoke acl;
Acl.write Config.aclFile;
Msg.send (bio, MsgOk);
Env.string
(fn node =>
List.exists (fn x => x = node) Config.Apache.webNodes_all
- orelse (Domain.inGroup "www"
+ orelse (Domain.hasPriv "www"
andalso List.exists (fn x => x = node) Config.Apache.webNodes_admin))
val _ = Env.type_one "proxy_port"