diff options
author | Martin Basti <mbasti@redhat.com> | 2015-05-13 18:49:25 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-05-19 14:21:31 +0000 |
commit | ae9c3e2dce000ed185b28e2e6e85043ad8d001ed (patch) | |
tree | 118b9992fdf1bfa34fd96cdaeaaed65b4e73f8d3 /install/tools/ipa-replica-install | |
parent | 5a741b614f39a148d849877e743200de5a7302db (diff) | |
download | freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.tar.gz freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.tar.xz freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.zip |
DNS install: extract DNS installer into one module
This is required modification to be able move to new installers.
DNS subsystem will be installed by functions in this module in each of
ipa-server-install, ipa-dns-install, ipa-replica-install install
scripts.
https://fedorahosted.org/freeipa/ticket/4468
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'install/tools/ipa-replica-install')
-rwxr-xr-x | install/tools/ipa-replica-install | 62 |
1 files changed, 13 insertions, 49 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index b09a5f16e..f68cc8cf4 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -41,6 +41,7 @@ from ipaserver.install.installutils import ( from ipaserver.plugins.ldap2 import ldap2 from ipaserver.install import cainstance from ipaserver.install import krainstance +from ipaserver.install import dns as dns_installer from ipalib import api, create_api, errors, util, certstore, x509 from ipalib.constants import CACERT from ipapython import version @@ -150,6 +151,9 @@ def parse_options(): elif options.reverse_zones and options.no_reverse: parser.error("You cannot specify a --reverse-zone option together with --no-reverse") + options.zonemgr = None + options.dnssec_master = False + return safe_options, options, args[0] def get_dirman_password(): @@ -262,31 +266,6 @@ def install_http(config, auto_redirect): return http -def install_bind(config, options): - api.Backend.ldap2.connect(bind_dn=DIRMAN_DN, - bind_pw=config.dirman_password) - if options.forwarders: - forwarders = options.forwarders - else: - forwarders = () - bind = bindinstance.BindInstance(dm_password=config.dirman_password) - - bind.setup(config.host_name, config.ips, config.realm_name, - config.domain_name, forwarders, options.conf_ntp, - config.reverse_zones, ca_configured=options.setup_ca, - no_dnssec_validation=options.no_dnssec_validation) - bind.create_instance() - print "" - dnskeysyncd = dnskeysyncinstance.DNSKeySyncInstance( - dm_password=config.dirman_password) - dnskeysyncd.create_instance(api.env.host, api.env.realm) - dnskeysyncd.start_dnskeysyncd() - bind.start_named() - print "" - bind.check_global_configuration() - print "" - - def install_dns_records(config, options, remote_api): if not bindinstance.dns_container_exists(config.master_host_name, @@ -451,17 +430,6 @@ def main(): global fstore fstore = sysrestore.FileStore(paths.SYSRESTORE) - # check the bind is installed - if options.setup_dns: - check_bind() - - # test DNSSEC forwarders - if options.forwarders: - if (not bindinstance.check_forwarders(options.forwarders, root_logger) - and not options.no_dnssec_validation): - options.no_dnssec_validation = True - print "WARNING: DNSSEC validation will be disabled" - # Check to see if httpd is already configured to listen on 443 if httpinstance.httpd_443_configured(): sys.exit("Aborting installation") @@ -514,6 +482,13 @@ def main(): installutils.verify_fqdn(config.master_host_name, options.no_host_dns) + if options.setup_dns: + dns_installer.install_check(False, True, options, config.host_name) + else: + installutils.get_server_ip_address(config.host_name, fstore, + options.unattended, False, + options.ip_addresses) + # check connection if not options.skip_conncheck: replica_conn_check( @@ -521,18 +496,6 @@ def main(): options.setup_ca, config.ca_ds_port, options.admin_password) - # check replica host IP resolution - config.ips = installutils.get_server_ip_address(config.host_name, fstore, - options.unattended, options.setup_dns, options.ip_addresses) - - ip_addresses = [str(ip) for ip in config.ips] - config.reverse_zones = bindinstance.check_reverse_zones(ip_addresses, - options.reverse_zones, options, True) - - if config.reverse_zones is not None: - print "Using reverse zone(s) %s" % ', '.join(config.reverse_zones) - - # Create the management framework config file # Note: We must do this before bootstraping and finalizing ipalib.api old_umask = os.umask(022) # must be readable for httpd @@ -713,7 +676,8 @@ def main(): CA.restart(dogtag.configured_constants().PKI_INSTANCE_NAME) if options.setup_dns: - install_bind(config, options) + api.Backend.ldap2.connect(autobind=True) + dns_installer.install(False, True, options) # Restart httpd to pick up the new IPA configuration service.print_msg("Restarting the web server") |