authorMartin Basti <mbasti@redhat.com>2015-05-13 18:49:25 +0200
committerJan Cholasta <jcholast@redhat.com>2015-05-19 14:21:31 +0000
commitae9c3e2dce000ed185b28e2e6e85043ad8d001ed (patch)
tree118b9992fdf1bfa34fd96cdaeaaed65b4e73f8d3 /install/tools/ipa-replica-install
parent5a741b614f39a148d849877e743200de5a7302db (diff)
DNS install: extract DNS installer into one module
This modification is required in order to move to the new installers. The DNS subsystem will be installed by functions in this module in each of the ipa-server-install, ipa-dns-install and ipa-replica-install scripts. https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'install/tools/ipa-replica-install')
-rwxr-xr-xinstall/tools/ipa-replica-install62
1 files changed, 13 insertions, 49 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index b09a5f16e..f68cc8cf4 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -41,6 +41,7 @@ from ipaserver.install.installutils import (
from ipaserver.plugins.ldap2 import ldap2
from ipaserver.install import cainstance
from ipaserver.install import krainstance
+from ipaserver.install import dns as dns_installer
from ipalib import api, create_api, errors, util, certstore, x509
from ipalib.constants import CACERT
from ipapython import version
@@ -150,6 +151,9 @@ def parse_options():
elif options.reverse_zones and options.no_reverse:
parser.error("You cannot specify a --reverse-zone option together with --no-reverse")
+ options.zonemgr = None
+ options.dnssec_master = False
+
return safe_options, options, args[0]
def get_dirman_password():
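Review bot: The two attributes set on `options` just before `return safe_options, options, args[0]` carry no comment saying why a replica install forces them, and neither matches a command-line option visible in this hunk. They are presumably read by the shared `dns_installer` module; a comment such as `# not configurable on a replica; dns_installer expects these attributes to exist` would make that explicit. parse_options starts outside the hunk, so it is worth confirming that the parser does not already define either name, since these assignments would silently overwrite a user-supplied value.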
@@ -262,31 +266,6 @@ def install_http(config, auto_redirect):
return http
-def install_bind(config, options):
- api.Backend.ldap2.connect(bind_dn=DIRMAN_DN,
- bind_pw=config.dirman_password)
- if options.forwarders:
- forwarders = options.forwarders
- else:
- forwarders = ()
- bind = bindinstance.BindInstance(dm_password=config.dirman_password)
-
- bind.setup(config.host_name, config.ips, config.realm_name,
- config.domain_name, forwarders, options.conf_ntp,
- config.reverse_zones, ca_configured=options.setup_ca,
- no_dnssec_validation=options.no_dnssec_validation)
- bind.create_instance()
- print ""
- dnskeysyncd = dnskeysyncinstance.DNSKeySyncInstance(
- dm_password=config.dirman_password)
- dnskeysyncd.create_instance(api.env.host, api.env.realm)
- dnskeysyncd.start_dnskeysyncd()
- bind.start_named()
- print ""
- bind.check_global_configuration()
- print ""
-
-
def install_dns_records(config, options, remote_api):
if not bindinstance.dns_container_exists(config.master_host_name,
@@ -451,17 +430,6 @@ def main():
global fstore
fstore = sysrestore.FileStore(paths.SYSRESTORE)
- # check the bind is installed
- if options.setup_dns:
- check_bind()
-
- # test DNSSEC forwarders
- if options.forwarders:
- if (not bindinstance.check_forwarders(options.forwarders, root_logger)
- and not options.no_dnssec_validation):
- options.no_dnssec_validation = True
- print "WARNING: DNSSEC validation will be disabled"
-
# Check to see if httpd is already configured to listen on 443
if httpinstance.httpd_443_configured():
sys.exit("Aborting installation")
@@ -514,6 +482,13 @@ def main():
installutils.verify_fqdn(config.master_host_name, options.no_host_dns)
+ if options.setup_dns:
+ dns_installer.install_check(False, True, options, config.host_name)
+ else:
+ installutils.get_server_ip_address(config.host_name, fstore,
+ options.unattended, False,
+ options.ip_addresses)
+
# check connection
if not options.skip_conncheck:
replica_conn_check(
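Review bot: The `else` branch discards the return value of `installutils.get_server_ip_address(...)`, and with the block removed in the following hunk nothing visible assigns `config.ips` or `config.reverse_zones` in either branch any more. If code outside these hunks still reads `config.ips` (install_dns_records takes `config`, but its body is not shown), that read would fail on a missing attribute; keeping `config.ips = installutils.get_server_ip_address(...)` here would avoid it. The positional `False, True` in `dns_installer.install_check(False, True, options, config.host_name)`, and again in `dns_installer.install(False, True, options)` in the last hunk, cannot be read at the call site, so a short comment naming the two flags would help. main() starts and ends outside the hunk.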
@@ -521,18 +496,6 @@ def main():
options.setup_ca, config.ca_ds_port, options.admin_password)
- # check replica host IP resolution
- config.ips = installutils.get_server_ip_address(config.host_name, fstore,
- options.unattended, options.setup_dns, options.ip_addresses)
-
- ip_addresses = [str(ip) for ip in config.ips]
- config.reverse_zones = bindinstance.check_reverse_zones(ip_addresses,
- options.reverse_zones, options, True)
-
- if config.reverse_zones is not None:
- print "Using reverse zone(s) %s" % ', '.join(config.reverse_zones)
-
-
# Create the management framework config file
# Note: We must do this before bootstraping and finalizing ipalib.api
old_umask = os.umask(022) # must be readable for httpd
@@ -713,7 +676,8 @@ def main():
CA.restart(dogtag.configured_constants().PKI_INSTANCE_NAME)
if options.setup_dns:
- install_bind(config, options)
+ api.Backend.ldap2.connect(autobind=True)
+ dns_installer.install(False, True, options)
# Restart httpd to pick up the new IPA configuration
service.print_msg("Restarting the web server")
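Review bot: `api.Backend.ldap2.connect(autobind=True)` replaces the explicit Directory Manager bind (`bind_dn=DIRMAN_DN, bind_pw=config.dirman_password`) that the removed install_bind performed, so the identity used for the DNS setup now presumably comes from the installer process itself rather than from a supplied credential. That is probably intended for a tool run as root, but the changed bind identity deserves a comment, e.g. `# autobind: authenticate as the local installer process; no DM password needed here`. It should also be confirmed that the backend is not already connected at this point in main(), which lies outside the hunk, and no matching disconnect is visible after `dns_installer.install(False, True, options)`.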