From c23af4454e79f11677c808b3e05e9d14061f71b1 Mon Sep 17 00:00:00 2001 From: Clinton Ebadi Date: Tue, 25 Dec 2018 17:00:03 -0500 Subject: [PATCH 1/1] basic internal ipv6 support extend nodeips with ipv6, which is now mandatory for all domtool controlled servers going forward. fwtool will generate $WEBNODES using IPv6 so rules from the webservers to the member servers actually work. --- configDefault/domtool.cfg | 2 +- configDefault/domtool.cfs | 3 ++- src/domain.sml | 6 +++--- src/main-config.sml | 2 +- src/main.sml | 2 +- src/plugins/firewall.sml | 5 ++--- src/plugins/webalizer.sml | 2 +- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/configDefault/domtool.cfg b/configDefault/domtool.cfg index b57b6e2..0a1154b 100644 --- a/configDefault/domtool.cfg +++ b/configDefault/domtool.cfg @@ -7,7 +7,7 @@ val oldResultRoot = ConfigCore.sharedRoot ^ "/nodes.old" val domtool_publish = ConfigCore.installPrefix ^ "/sbin/domtool-publish" -val nodeIps = [("outpost", "151.236.216.192"), ("gibran", "142.93.177.82"), ("marsh", "45.55.52.66"), ("minsky", "104.248.1.95"), ("shelob", "68.183.54.165"), ("lovelace", "68.183.58.241")] +val nodeIps = [("outpost", "151.236.216.192", "2a01:7e00::f03c:91ff:fe70:7c62"), ("gibran", "142.93.177.82", "2604:a880:800:c1::99:5001"), ("marsh", "45.55.52.66", "2604:a880:800:a1::13a3:f001"), ("minsky", "104.248.1.95", "2604:a880:800:c1::b1:5001"), ("shelob", "68.183.54.165", "2604:a880:800:c1::d:3001"), ("lovelace", "68.183.58.241", "2604:a880:800:c1::c2:7001")] val dispatcherName = "gibran" val dnsNodes_all = ["outpost", "gibran"] diff --git a/configDefault/domtool.cfs b/configDefault/domtool.cfs index 94b0076..aea7f33 100644 --- a/configDefault/domtool.cfs +++ b/configDefault/domtool.cfs 
@@ -14,7 +14,8 @@ val tmpDir : string val domtool_publish : string (* Names of machines who will receive configuration *) -val nodeIps : (string * string) list +(* This should be a record type instead of a list *) +val nodeIps : (string * string * string) list val dispatcherName : string val aclFile : string diff --git a/src/domain.sml b/src/domain.sml index aebf0f1..90afaad 100644 --- a/src/domain.sml +++ b/src/domain.sml @@ -30,7 +30,7 @@ fun set_context ctx = ssl_context := SOME ctx fun get_context () = valOf (!ssl_context) val nodes = map #1 Config.nodeIps -val nodeMap = foldl (fn ((node, ip), mp) => SM.insert (mp, node, ip)) +val nodeMap = foldl (fn ((node, ip, ipv6), mp) => SM.insert (mp, node, ip)) SM.empty Config.nodeIps fun nodeIp node = valOf (SM.find (nodeMap, node)) @@ -794,7 +794,7 @@ val _ = Env.type_one "mail_node" fun rmdom' delete resultRoot doms = let - fun doNode (node, _) = + fun doNode (node, _, _) = let val dname = OS.Path.joinDirFile {dir = resultRoot, file = node} @@ -843,7 +843,7 @@ fun rmdom' delete resultRoot doms = end handle IO.Io _ => print ("Warning: IO error deleting domains on " ^ node ^ ".\n") - fun cleanupNode (node, _) = + fun cleanupNode (node, _, _) = let fun doDom dom = let diff --git a/src/main-config.sml b/src/main-config.sml index a3fc686..9443501 100644 --- a/src/main-config.sml +++ b/src/main-config.sml @@ -44,7 +44,7 @@ val _ = | _ => die "Invalid cert path type") | ["vmaildb"] => println Config.Vmail.userDatabase | _ => die "Invalid path type") - | ["-nodes"] => (app (fn (n, _) => (print n; print " ")) Config.nodeIps; + | ["-nodes"] => (app (fn (n, _, _) => (print n; print " ")) Config.nodeIps; print "\n") | ["-domain"] => println Config.defaultDomain | _ => die "Invalid command-line arguments") diff --git a/src/main.sml b/src/main.sml index 3a31c34..dfe0bd5 100644 --- a/src/main.sml +++ b/src/main.sml 
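Review bot: The new comment on `nodeIps` in configDefault/domtool.cfs does not say which position holds which address, and with three bare strings a swapped IPv4/IPv6 pair still type-checks and would reach the generated firewall input unnoticed. Until the tuple becomes a record, I would document the order and the requirement at the declaration: `(* (node name, IPv4 address, IPv6 address); the IPv6 address is mandatory *)`. The existing comment would also read more accurately as "a list of records instead of a list of tuples", since the value stays a list either way.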
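Review bot: In the first src/domain.sml hunk the `nodeMap` fold binds `ipv6` and then drops it, so `nodeIp` still resolves a node to its IPv4 address only. Anything built through `nodeIp` rather than directly from `Config.nodeIps` would therefore stay IPv4-only; whether such callers exist is not visible in this patch, so it is worth checking before relying on the IPv6 rules. If the omission is intended for now, write the pattern as `(node, ip, _)` like the other call sites and say so next to it: `(* nodeMap is IPv4-only; IPv6 is read from Config.nodeIps directly *)`. `contactNode` in src/main.sml binds an unused `ipv6` in the same way, and its body continues outside that hunk.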
@@ -1110,7 +1110,7 @@ fun regenerateEither tc checker context = val ok = ref true - fun contactNode (node, ip) = + fun contactNode (node, ip, ipv6) = if node = Config.dispatcherName then Domain.resetLocal () else let diff --git a/src/plugins/firewall.sml b/src/plugins/firewall.sml index 5d2155c..ec5ad54 100644 --- a/src/plugins/firewall.sml +++ b/src/plugins/firewall.sml @@ -199,10 +199,9 @@ fun generateFirewallConfig rules = val nodeFermRules = generateNodeFermRules rules fun write_tcp_in_conf_preamble outf = - (* no ipv6 support yet, but use @ipfilter() in ferm to prepare *) TextIO.output (outf, String.concat ["@def $WEBNODES = @ipfilter((", - (String.concatWith " " (List.map (fn (_, ip) => ip) - (List.filter (fn (node, _) => List.exists (fn (n) => n = node) (List.map (fn (node, _) => node) (Config.Apache.webNodes_all @ Config.Apache.webNodes_admin))) + (String.concatWith " " (List.map (fn (_, ip, ipv6) => ip ^ " " ^ "[" ^ ipv6 ^ "]") + (List.filter (fn (node, _, _) => List.exists (fn (n) => n = node) (List.map (fn (node, _) => node) (Config.Apache.webNodes_all @ Config.Apache.webNodes_admin))) Config.nodeIps))), "));\n\n"]) diff --git a/src/plugins/webalizer.sml b/src/plugins/webalizer.sml index 50ca6a9..51e76c6 100644 --- a/src/plugins/webalizer.sml +++ b/src/plugins/webalizer.sml @@ -117,7 +117,7 @@ val () = Slave.registerFileHandler (fn fs => end) val () = Domain.registerResetLocal (fn () => - app (fn (node, _) => + app (fn (node, _, _) => ignore (OS.Process.system (Config.rm ^ " -rf " ^ Config.Webalizer.configDir ^ "/" ^ node ^ "/*"))) Config.nodeIps) -- 2.20.1
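Review bot: In `write_tcp_in_conf_preamble` (src/plugins/firewall.sml) the new `List.map` writes `ip` and `ipv6` straight from `Config.nodeIps` into `$WEBNODES` with no check on either string, so an entry left as `""` would emit `[]` into the ferm input. The commit message calls IPv6 mandatory, but nothing in the visible code enforces it; I would fail the generation rather than write the file, e.g. `(fn (node, _, "") => raise Fail ("no IPv6 address for node " ^ node) | (_, ip, ipv6) => ip ^ " [" ^ ipv6 ^ "]")`, which also folds `" " ^ "["` into one literal. It is worth confirming on a test host that the bracketed address form is accepted inside `@ipfilter` by the ferm version in use. The enclosing `generateFirewallConfig` starts outside the hunk.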