bind multi views

Bug #29 Instead of reloading all zones as mentioned in issue Only reload the adblock rpz zones in the views provided by sysadmin This avoids touching zones which this script does not manage Doco includes news --views argument Signed-off-by: Nic Boet <[email protected]>
Trellmor · Apr 3, 2023 · ab04743 · ab04743
1 parent 5515bcc
commit ab04743
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -78,11 +78,29 @@ Create a zone file for your zone. Replace example.com with the domain you used b
       --no-bind   Don't try to check/reload bind zone
       --raw       Save the zone file in raw format. Requires named-compilezone
       --empty     Create header-only (empty) rpz zone file
+      --views     If using multiple BIND views, list where each zone is defined
 
 Example: `update-zonefile.py /etc/bind/db.rpz.example.com rpz.example.com`
 
 `update-zonefile.py` will update the zone file with the fetched adserver lists and issue a `rndc reload origin` afterwards.
 
+### Multiple BIND Views
+
+If you defined the  adblock rpz across multiple BIND views, then you will need to pass --views a space separated list of which views the zone is defined.
+
+Doing so will issue 'rndc reload origin IN view' for each view provided for the origin zone.
+
+```shell
+--views "internal dmz test"
+```
+
+This argument can be omitted if the origin zone only occurs once in your configuration.
+The following error is an indication you are using the rpz zone multiple views.
+
+```text
+zone 'rpz.adblocker' was found in multiple views
+```
+
 ## Whitelist
 
 You can either use an additional zone to whitelist domains (Or add them to `config.yml`) 

diff --git a/update-zonefile.py b/update-zonefile.py
@@ -220,12 +220,20 @@ def check_zone(origin, zonefile):
     r = subprocess.call(cmd)
     return r == 0
 
-def reload_zone(origin):
-    cmd = ['rndc', 'reload', origin]
+def rndc_reload(cmd):
     r = subprocess.call(cmd)
     if r != 0:
         raise Exception('rndc failed with return code {}'.format(r))
 
+def reload_zone(origin, views):
+    if views:
+        for v in views.split():
+            print (f"view {v}, {origin} ", end='', flush=True)
+            rndc_reload( ['rndc', 'reload', origin, "IN", v] )
+    else:
+        print (f"{origin} ", end='', flush=True)
+        rndc_reload( ['rndc', 'reload', origin] )
+
 def is_exe(fpath):
     return os.path.isfile(fpath) and os.access(fpath, os.X_OK)
 
@@ -253,6 +261,8 @@ def append_domain_to_zonefile(file, domain):
     parser.add_argument('--no-bind', dest='no_bind', action='store_true', help='Don\'t try to check/reload bind zone')
     parser.add_argument('--raw', dest='raw_zone', action='store_true', help='Save the zone file in raw format. Requires named-compilezone')
     parser.add_argument('--empty', dest='empty', action='store_true', help='Create header-only (empty) rpz zone file')
+    parser.add_argument('--views', dest='views', type=str,
+                        help='If using multiple BIND views, list where each zone is defined')
     parser.add_argument('zonefile', help='path to zone file')
     parser.add_argument('origin', help='zone origin')
     args = parser.parse_args()
@@ -297,6 +307,6 @@ def append_domain_to_zonefile(file, domain):
                         r = subprocess.call(cmd)
                         if r != 0:
                             raise Exception('Cannot run selinux restorecon on the zonefile - return code {}'.format(r))
-            reload_zone(args.origin)
+            reload_zone(args.origin, args.views)
         else:
             print('Zone file invalid, not loading')