powerdns: Introduce PowerDNS software release

powerdns: provide basic instanciation

powerdns: add monitoring, promise and reload

powerdns: add replication

power-dns: replication specific for powerdns

powerdns: fix parameter name

powerdns: provide input json schema for powerdns instance

powerdns: Publish current NS record

powerdns: introduce flexible configuration for countries/ geographical zones

powerdns: fix contry configuration list

powerdns: fix country map list

powerdns: add dynamic slave configuration

powerdns: remove recursor

powerdns: reduce log level

component/powerdns/buildout.cfg

+[buildout]
+extends =
+  ../autoconf/buildout.cfg
+  ../automake/buildout.cfg
+  ../bison/buildout.cfg
+  ../flex/buildout.cfg
+  ../gcc/buildout.cfg
+  ../git/buildout.cfg
+  ../boost-lib/buildout.cfg
+  ../libtool/buildout.cfg
+  ../make/buildout.cfg
+  ../mariadb/buildout.cfg
+  ../pkgconfig/buildout.cfg
+  ../ragel/buildout.cfg
+  ../zlib/buildout.cfg
+
+parts =
+  powerdns
+
+[powerdns]
+recipe = slapos.recipe.cmmi
+url = http://downloads.powerdns.com/releases/pdns-3.3.1.tar.gz
+md5sum = 074e2ff211fd12ecad25b5c1cc190dd4
+configure-options =
+  --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
+  --with-modules="geo"
+  --with-dynmodules=""
+  --without-lua
+environment =
+  PATH=${make:location}/bin:${libtool:location}/bin:${pkgconfig:location}/bin:${bison:location}/bin:${flex:location}/bin:${git:location}/bin:${ragel:location}/bin:%(PATH)s
+  LDFLAGS = -L${boost-lib:location}/lib -Wl,-rpath=${boost-lib:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lz
+  CPPFLAGS=-I${boost-lib:location}/include
+make-target =
+  install

component/ragel/buildout.cfg

+[buildout]
+extends =
+  ../../component/gcc/buildout.cfg
+  ../../component/make/buildout.cfg
+
+parts =
+  ragel
+
+[ragel]
+recipe = slapos.recipe.cmmi
+url = http://www.complang.org/ragel/ragel-6.8.tar.gz
+md5sum = 1bb39745ac23da449019f9f2cb4b0d01
+configure-options =
+  --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
+environment =
+  PATH=${make:location}/bin:%(PATH)s
+make-target =
+  
+  install

software/powerdns/instance-powerdns-input-schema.json

+{
+  "type": "object",
+  "$schema": "http://json-schema.org/draft-04/schema",
+
+  "title": "Input Parameters",
+  "properties": {
+
+    "-dns-type": {
+      "title": "DNS Software type",
+      "description": "Software type of DNS nodes",
+      "default": "single-default",
+      "type": "string"
+    },
+
+    "-dns-software-release-url": {
+      "title": "DNS Software Release",
+      "description": "Url of the software release to be used for the nodes",
+      "default": "",
+      "type": "string"
+    },
+
+    "-dns-quantity": {
+      "title": "DNS Quantity",
+      "description": "DNS Nodes Quantity",
+      "default": 1,
+      "type": "integer"
+    },
+
+    "-dns-i-state": {
+      "title": "Requested state of node i",
+      "description": "Requested State of node i of the replication. i must inferior or equal to '-dns-quantity'",
+      "default": "started",
+      "type": "string"
+    },
+
+    "-sla-i-sla_parameter": {
+      "title": "sla_parameter used to request node i",
+      "description": "Parameter used to provide sla parameter to request dns nodes",
+      "default": "",
+      "type": "string"
+    },
+
+    "zone": {
+      "title": "Zone",
+      "description": "Zone to be handled by the DNS cluster",
+      "type": "string",
+      "default": "domain.com",
+      "pattern": "^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$"
+    },
+
+    "server-admin": {
+      "title": "Zone Administrator Email",
+      "description": "Email of the zone administrator, it is used to generate SOA value",
+      "type": "string",
+      "default": "admin@domain.com"
+    },
+
+    "dns-name-template-string": {
+      "title": "DNS domains template string",
+      "description": "Template used to generate DNS domain name",
+      "type": "string",
+      "default": "ns%s." + zone
+    }
+  }
+}

software/powerdns/instance-powerdns-replicate.cfg.jinja2

+{% if slap_software_type in software_type -%}
+
+[jinja2-template-base]
+recipe = slapos.recipe.template:jinja2
+rendered = ${buildout:directory}/${:filename}
+extra-context =
+context =
+    import json_module json
+    key eggs_directory buildout:eggs-directory
+    key develop_eggs_directory buildout:develop-eggs-directory
+    key slap_software_type slap-parameter:slap_software_type
+    key slave_instance_list slap-parameter:slave_instance_list
+    ${:extra-context}
+
+{% set part_list = [] -%}
+{% set single_type_key = 'single-' %}
+{% if slap_software_type in ("replicate", "RootSoftwareInstance") %}
+{%   set dns_type = slapparameter_dict.pop('-dns-type', 'single-default') -%}
+{% else -%}
+{%   set dns_type = "%s%s" % (single_type_key, slap_software_type) -%}
+{% endif -%}
+{% set dns_quantity = slapparameter_dict.pop('-dns-quantity', '1') | int -%}
+{% set slave_list_name = 'extra_slave_instance_list' -%}
+{% set dns_list = [] %}
+{% set dns_domain_list = [] %}
+{% set dns_section_list = [] %}
+{% set namebase = 'powerdns' -%}
+# XXX Dirty hack, not possible to define default value before
+{% set sla_computer_powerdns_1_key = '-sla-1-computer_guid' -%}
+{% if not sla_computer_powerdns_1_key in slapparameter_dict -%}
+{%   do slapparameter_dict.__setitem__(sla_computer_powerdns_1_key, '${slap-connection:computer-id}') -%}
+{% endif -%}
+
+## DNS set up
+{% set zone = slapparameter_dict.pop('zone', 'domain.com') %}
+{% set server_admin = slapparameter_dict.pop('server-admin', 'admin@domain.com') %}
+{% set dns_name_template_string = slapparameter_dict.pop('dns-name-template-string', 'ns%s.' + zone) %}
+
+# Here we request individualy each dns.
+# The presence of sla parameters is checked and added if found
+{% for i in range(1, dns_quantity + 1) -%}
+{%   set dns_name = 'ns%s' % i -%}
+{%   set dns_domain = dns_name_template_string % i %}
+{%   set request_section_title = 'request-%s' % dns_name -%}
+{%   set sla_key = "-sla-%s-" % i -%}
+{%   set sla_key_length = sla_key | length %}
+{%   set sla_parameters = [] %}
+{%   for key in slapparameter_dict.keys() %}
+{%     if key.startswith(sla_key) %}
+{%       do sla_parameters.append(key[sla_key_length:]) %}
+{%     endif -%}
+{%   endfor -%}
+{%   do dns_list.append(dns_name) -%}
+{%   do dns_domain_list.append(dns_domain) -%}
+{%   do dns_section_list.append(request_section_title) -%}
+{%   do part_list.append(request_section_title) -%}
+
+[{{request_section_title}}]
+<= replicate
+name = {{dns_name}}
+{%   set state_key = "-dns-%s-state" % i %}
+{%   if slapparameter_dict.has_key(state_key) %}
+state = {{ slapparameter_dict.pop(state_key) }}
+{%   endif%}
+config-zone = {{ zone }}
+config-soa = {{ "%s,%s" % (dns_domain, server_admin) }}
+{%   if sla_parameters %}
+sla = {{ ' '.join(sla_parameters) }}
+{%     for parameter in sla_parameters -%}
+sla-{{ parameter }} = {{ slapparameter_dict.pop( sla_key + parameter ) }}
+{%     endfor -%}
+{%   endif -%}
+{% endfor -%}
+
+
+
+{% set ns_record = slapparameter_dict.pop('ns-record', ','.join(dns_domain_list)) %}
+[replicate]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+{% set dns_software_url_key = "-dns-software-release-url" %}
+{% if slapparameter_dict.has_key(dns_software_url_key) %}
+software-url = {{ slapparameter_dict.pop(dns_software_url_key) }}
+{% else %}
+software-url = ${slap-connection:software-release-url}
+{% endif %}
+software-type = {{dns_type}}
+return = private-ipv4 public-ipv4 slave-instance-information-list monitor_url
+config = {{ ' '.join(slapparameter_dict.keys()) + ' zone soa server-admin ns-record ' + slave_list_name }}
+config-server-admin = {{ server_admin }}
+config-ns-record = {{ ns_record }}
+{% for parameter, value in slapparameter_dict.iteritems() -%}
+config-{{parameter}} = {{ value }}
+{% endfor -%}
+config-{{ slave_list_name }} = {{ json_module.dumps(slave_instance_list) }}
+connection-monitor_url =
+
+[publish-information]
+recipe = slapos.cookbook:publish
+domain = {{ slapparameter_dict.get('domain') }}
+slave-amount = {{ slave_instance_list | length }}
+ns-record = {{ ns_record }}
+{% for dns in dns_section_list %}
+{{ dns }}-monitor-url = {{ '${' + dns + ':connection-monitor_url}' }}
+{% endfor -%}
+
+[buildout]
+parts =
+  publish-information
+{% for part in part_list -%}
+{{ '  %s' % part }}
+{% endfor -%}
+
+eggs-directory = {{ eggs_directory }}
+develop-eggs-directory = {{ develop_eggs_directory }}
+offline = true
+
+
+[slap_connection]
+# Kept for backward compatiblity
+computer_id = ${slap-connection:computer-id}
+partition_id = ${slap-connection:partition-id}
+server_url = ${slap-connection:server-url}
+software_release_url = ${slap-connection:software-release-url}
+key_file = ${slap-connection:key-file}
+cert_file = ${slap-connection:cert-file}
+
+[slap-parameter]
+slave_instance_list =
+-dns-quantity = 1
+-dns-type = single-default
+{%- endif %}
\ No newline at end of file

software/powerdns/instance-powerdns.cfg

+{% if slap_software_type in software_type -%}
+{% set part_list =  [] %}
+
+# Create all needed directories
+[directory]
+recipe = slapos.cookbook:mkdirectory
+
+bin = $${buildout:directory}/bin/
+etc = $${buildout:directory}/etc/
+srv = $${buildout:directory}/srv/
+var = $${buildout:directory}/var/
+template = $${buildout:directory}/template/
+
+backup = $${:srv}/backup
+log = $${:var}/log
+run = $${:var}/run
+service = $${:etc}/service
+etc-run = $${:etc}/run
+promise = $${:etc}/promise
+
+logrotate-backup = $${:backup}/logrotate
+logrotate-entries = $${:etc}/logrotate.d
+
+cron-entries = $${:etc}/cron.d
+crontabs = $${:etc}/crontabs
+cronstamps = $${:etc}/cronstamps
+ca-dir = $${:srv}/ssl
+
+# Instance parameters
+[instance-parameter]
+# Fetches parameters defined in SlapOS Master for this instance.
+# Always the same.
+recipe = slapos.cookbook:slapconfiguration.serialised
+computer = $${slap-connection:computer-id}
+partition = $${slap-connection:partition-id}
+url = $${slap-connection:server-url}
+key = $${slap-connection:key-file}
+cert = $${slap-connection:cert-file}
+
+
+# Generic jinja section to extend
+[jinja2-template-base]
+recipe = slapos.recipe.template:jinja2
+rendered = $${buildout:directory}/$${:filename}
+extra-context =
+context =
+    import json_module json
+    key eggs_directory buildout:eggs-directory
+    key develop_eggs_directory buildout:develop-eggs-directory
+    key slap_software_type instance-parameter:slap-software-type
+    key slapparameter_dict instance-parameter:configuration
+    section directory directory
+    $${:extra-context}
+
+####################
+# PowerDNS sections
+#
+[pdns]
+configuration = $${pdns-directory:configuration}/pdns.conf
+local-ipv4 = $${instance-parameter:ipv4-random}
+ipv6 = $${instance-parameter:ipv6-random}
+port = 5353
+socket-directory = $${pdns-directory:socket}
+webserver-port = 8088
+
+[geo]
+ip-map-zonefile = ${iso-list:location}/${iso-list:filename}
+geo-maps = $${pdns-directory:geo-maps}
+
+[pdns-directory]
+recipe = slapos.cookbook:mkdirectory
+configuration = $${directory:etc}/pdns
+geo-maps = $${:configuration}/geo-maps
+socket = $${directory:run}/pdns-socket
+
+[pdns-configuration-template]
+< = jinja2-template-base
+template = ${template-pdns-configuration:target}
+rendered = $${pdns:configuration}
+extra-context =
+  section pdns pdns
+  section geo geo
+
+# Executables
+[pdns-server]
+recipe = slapos.cookbook:wrapper
+command-line = ${powerdns:location}/sbin/pdns_server --config-dir=$${pdns-directory:configuration}
+wrapper-path = $${directory:service}/pdns
+
+[pdns-reload]
+recipe = slapos.cookbook:wrapper
+command-line = ${powerdns:location}/bin/pdns_control reload --config-dir=$${pdns-directory:configuration}
+wrapper-path = $${directory:etc-run}/pdns-reload
+
+# Promises
+[pdns-promise-listen-port]
+recipe = slapos.cookbook:check_port_listening
+path = $${directory:promise}/pdns-port-listening
+hostname = $${pdns:local-ipv4}
+port = $${pdns:port}
+
+#####################
+# Power DNS Slave configuration
+#
+{% set slave_instance_list = json_module.loads(slapparameter_dict.get('extra_slave_instance_list', '')) %}
+
+# Iter through slave list to prepare configuration
+{% for slave in slave_instance_list %}
+{%   if 'record' in slave and 'origin' in slave and 'default' in slave %}
+{%     set slave_reference = slave.get('slave_reference') %}
+{%     set slave_section_name = 'map-configuration-%s' % slave_reference  %}
+{%     do part_list.append(slave_section_name) %}
+[{{ slave_section_name }}]
+< = jinja2-template-base
+template = ${template-cdn-conf:location}/${template-cdn-conf:filename}
+rendered = $${geo:geo-maps}/{{ slave_reference }}
+configuration = {{ json_module.dumps(slave) }}
+extra-context =
+  key json_cdn :configuration
+{%   endif %}
+{% endfor %}
+
+[buildout]
+parts =
+  pdns-configuration-template
+  pdns-server
+  pdns-reload
+  pdns-promise-listen-port
+{% for part in part_list %}
+{{ '  %s' % part }}
+{% endfor %}
+## Monitoring part
+###Parts to add for monitoring
+  certificate-authority
+  cron-entry-monitor
+  cron-entry-rss
+  deploy-index
+  deploy-settings-cgi
+  deploy-status-cgi
+  deploy-status-history-cgi
+  setup-static-files
+  certificate-authority
+  zero-parameters
+  public-symlink
+  cgi-httpd-wrapper
+  cgi-httpd-graceful-wrapper
+  monitor-promise
+  monitor-instance-log-access
+
+extends = ${monitor-template:output}
+
+eggs-directory = {{ eggs_directory }}
+develop-eggs-directory = {{ develop_eggs_directory }}
+offline = true
+{% endif%}
\ No newline at end of file

software/powerdns/instance.cfg

+[buildout]
+parts =
+  switch-softwaretype
+
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory}
+offline = true
+
+
+[switch-softwaretype]
+recipe = slapos.cookbook:softwaretype
+default = $${dynamic-powerdns-replicate:rendered}
+single-default = $${dynamic-template-powerdns:rendered}
+
+
+[jinja2-template-base]
+recipe = slapos.recipe.template:jinja2
+rendered = $${buildout:directory}/$${:filename}
+extra-context =
+context =
+    import json_module json
+    key eggs_directory buildout:eggs-directory
+    key develop_eggs_directory buildout:develop-eggs-directory
+    key slap_software_type slap-parameters:slap-software-type
+    key slapparameter_dict slap-parameters:configuration
+    key slave_instance_list slap-parameters:slave-instance-list
+    $${:extra-context}
+
+[dynamic-template-powerdns]
+< = jinja2-template-base
+template = ${template-powerdns:output}
+filename = instance-powerdns.cfg
+extensions = jinja2.ext.do
+extra-context =
+# Must match the key id in [switch-softwaretype] which uses this section.
+    raw software_type single-default
+
+[dynamic-powerdns-replicate]
+< = jinja2-template-base
+template = ${template-dns-replicate:target}
+filename = instance-apache-replicate.cfg
+extensions = jinja2.ext.do
+extra-context =
+# Must match the key id in [switch-softwaretype] which uses this section.
+    raw software_type RootSoftwareInstance-default
+
+
+[slap-parameters]
+recipe = slapos.cookbook:slapconfiguration
+computer = $${slap-connection:computer-id}
+partition = $${slap-connection:partition-id}
+url = $${slap-connection:server-url}
+key = $${slap-connection:key-file}
+cert = $${slap-connection:cert-file}
+slave-instance-list =
\ No newline at end of file

software/powerdns/slave-instance-powerdns-input-schema.json

+{
+  "type": "object",
+  "$schema": "http://json-schema.org/draft-04/schema",
+
+  "title": "Input Parameters",
+  "properties": {
+
+    "record": {
+      "title": "Record",
+      "description": "Record for the configuration",
+      "type": "string"
+    },
+
+    "origin": {
+      "title": "Origin",
+      "description": "Used to qualify RR in the configuration. i.e.: if your origin is a.example.com and the RR for Europe is 'eu' the european clients will use eu.a.exmple.com",
+      "type": "string"
+    },
+
+    "default": {
+      "title": "Default RR",
+      "description": "Defautl record to use when the ip is not regognized",
+      "type": "string"
+    },
+
+    "europe": {
+      "title": "Europe RR",
+      "description": "Records to use for Europe",
+      "default": "eu",
+      "type": "string"
+    },
+
+    "africa": {
+      "title": "Africa RR",
+      "description": "Records to use for Africa",
+      "default": "af",
+      "type": "string"
+    },
+
+    "south-america": {
+      "title": "South America RR",
+      "description": "Records to use for South America",
+      "default": "sa",
+      "type": "string"
+    },
+
+    "north-america": {
+      "title": "North America RR",
+      "description": "Records to use for North America",
+      "default": "na",
+      "type": "string"
+    },
+
+    "china": {
+      "title": "China RR",
+      "description": "Records to use for China",
+      "default": "cn",
+      "type": "string"
+    },
+
+    "japan": {
+      "title": "Japan RR",
+      "description": "Records to use for Japan",
+      "default": "jp",
+      "type": "string"
+    },
+
+    "hong-kong": {
+      "title": "Honk Kong RR",
+      "description": "Records to use for Hong Kong",
+      "default": "hk",
+      "type": "string"
+    },
+
+    "east-asia": {
+      "title": "East Asia RR",
+      "description": "Records to use for East Asia",
+      "default": "as",
+      "type": "string"
+    },
+
+    "west-asia": {
+      "title": "West Asia RR",
+      "description": "Records to use for West Asia",
+      "default": "eu",
+      "type": "string"
+    },
+
+    "oceania": {
+      "title": "Oceania RR",
+      "description": "Records to use for Oceania",
+      "default": "oc",
+      "type": "string"
+    }
+  }
+}

software/powerdns/software.cfg

+[buildout]
+
+extends =
+  ../../stack/slapos.cfg
+  ../../component/powerdns/buildout.cfg
+# Monitoring stack
+  ../../stack/monitor/buildout.cfg
+
+parts =
+  template
+  slapos-cookbook
+  monitor-eggs
+  eggs
+
+[eggs]
+recipe = zc.recipe.egg
+eggs =
+  plone.recipe.command
+
+[template]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance.cfg
+#md5sum = 5c22b1e0fe601255ebf19adf6093489f
+output = ${buildout:directory}/template.cfg
+mode = 0644
+
+[template-powerdns]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-powerdns.cfg
+#md5sum = 05216295ad8ab5ebf34644ac253f0db6
+output = ${buildout:directory}/template-powerdns.cfg
+mode = 0644
+
+[template-pdns-configuration]
+recipe = slapos.recipe.build:download
+url = ${:_profile_base_location_}/template/pdns.conf.jinja2
+#md5sum = 72922908c1f4e72c92bb03e072660c7c
+mode = 640
+
+[template-dns-replicate]
+recipe = slapos.recipe.build:download
+url = ${:_profile_base_location_}/instance-powerdns-replicate.cfg.jinja2
+#md5sum = 5de85259870dc4364954018041561882
+mode = 0644
+
+[iso-list]
+recipe = hexagonit.recipe.download
+url = ${:_profile_base_location_}/template/zz.countries.nexedi.dk.rbldnsd
+#md5sum = 950a19be225a25309a3bda3f61fb5f6a
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+filename = zz.countries.nexedi.dk.rbldnsd
+download-only = true
+mode = 0644
+
+[template-cdn-conf]
+recipe = hexagonit.recipe.download
+url = ${:_profile_base_location_}/template/cdn.conf.in
+#md5sum = 950a19be225a25309a3bda3f61fb5f6a
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+filename = cdn.conf.in
+download-only = true
+mode = 0644

software/powerdns/template/cdn.conf.in

+{% set cdn = json_module.loads(json_cdn) %}
+
+$RECORD {{ cdn.get('record') }}
+$ORIGIN {{ cdn.get('origin') }}
+
+0 {{ cdn.get('default')}}
+
+# Andorra
+20 {{ cdn.get('europe', 'eu') }}
+# United Arab Emirates
+784 {{ cdn.get('west-asia', 'as') }}
+# Afghanistan
+4 {{ cdn.get('west-asia', 'as') }}
+# Antigua and Barbuda
+28 {{ cdn.get('south-america', 'sa') }}
+# Anguilla
+660 {{ cdn.get('south-america', 'sa') }}
+# Albania
+8 {{ cdn.get('europe', 'eu') }}
+# Armenia
+51 {{ cdn.get('west-asia', 'as') }}
+# Netherlands Antilles
+530 {{ cdn.get('south-america', 'sa') }}
+# Angola
+24 {{ cdn.get('africa', 'af') }}
+# Antarctica
+10 {{ cdn.get('europe', 'eu') }}
+# Argentina
+32 {{ cdn.get('south-america', 'sa') }}
+# American Samoa
+16 {{ cdn.get('oceania', 'oc') }}
+# Austria
+40 {{ cdn.get('europe', 'eu') }}
+# Australia
+36 {{ cdn.get('oceania', 'oc') }}
+# Aruba
+533 {{ cdn.get('south-america', 'sa') }}
+# Azerbaijan
+31 {{ cdn.get('west-asia', 'as') }}
+# Bosnia and Herzegovina
+70 {{ cdn.get('europe', 'eu') }}
+# Barbados
+52 {{ cdn.get('south-america', 'sa') }}
+# Bangladesh
+50 {{ cdn.get('east-asia', 'as') }}
+# Belgium
+56 {{ cdn.get('europe', 'eu') }}
+# Burkina Faso
+854 {{ cdn.get('africa', 'af') }}
+# Bulgaria
+100 {{ cdn.get('europe', 'eu') }}
+# Bahrain
+48 {{ cdn.get('west-asia', 'as') }}
+# Burundi
+108 {{ cdn.get('africa', 'af') }}
+# Benin
+204 {{ cdn.get('africa', 'af') }}
+# Bermuda
+60 {{ cdn.get('south-america', 'sa') }}
+# Brunei Darussalam
+96 {{ cdn.get('east-asia', 'as') }}
+# Bolivia
+68 {{ cdn.get('south-america', 'sa') }}
+# Brazil
+76 {{ cdn.get('south-america', 'sa') }}
+# Bahamas
+44 {{ cdn.get('south-america', 'sa') }}
+# Bhutan
+64 {{ cdn.get('east-asia', 'as') }}
+# Bouvet Island
+74 {{ cdn.get('africa', 'af') }}
+# Botswana
+72 {{ cdn.get('africa', 'af') }}
+# Belarus
+112 {{ cdn.get('europe', 'eu') }}
+# Belize
+84 {{ cdn.get('south-america', 'sa') }}
+# Canada
+124 {{ cdn.get('north-america', 'na') }}
+# Cocos (Keeling) Islands
+166 {{ cdn.get('west-asia', 'as') }}
+# Congo, The Democratic Republic of the
+178 {{ cdn.get('africa', 'af') }}
+# Central African Republic
+140 {{ cdn.get('africa', 'af') }}
+# Switzerland
+756 {{ cdn.get('europe', 'eu') }}
+# Cote D'Ivoire
+384 {{ cdn.get('africa', 'af') }}
+# Cook Islands
+184 {{ cdn.get('oceania', 'oc') }}
+# Chile
+152 {{ cdn.get('south-america', 'sa') }}
+# Cameroon
+120 {{ cdn.get('africa', 'af') }}
+# China
+156 {{ cdn.get('china', 'cn') }}
+# Colombia
+170 {{ cdn.get('south-america', 'sa') }}
+# Costa Rica
+188 {{ cdn.get('south-america', 'sa') }}
+# Cuba
+192 {{ cdn.get('south-america', 'sa') }}
+# Cape Verde
+132 {{ cdn.get('africa', 'af') }}
+# Christmas Island
+162 {{ cdn.get('east-asia', 'as') }}
+# Cyprus
+196 {{ cdn.get('west-asia', 'as') }}
+# Czech Republic
+203 {{ cdn.get('europe', 'eu') }}
+# Germany
+276 {{ cdn.get('europe', 'eu') }}
+# Djibouti
+262 {{ cdn.get('africa', 'af') }}
+# Denmark
+208 {{ cdn.get('europe', 'eu') }}
+# Dominica
+212 {{ cdn.get('south-america', 'sa') }}
+# Dominican Republic
+214 {{ cdn.get('south-america', 'sa') }}
+# Algeria
+12 {{ cdn.get('africa', 'af') }}
+# Ecuador
+218 {{ cdn.get('south-america', 'sa') }}
+# Estonia
+233 {{ cdn.get('europe', 'eu') }}
+# Egypt
+818 {{ cdn.get('africa', 'af') }}
+# Western Sahara
+732 {{ cdn.get('africa', 'af') }}
+# Eritrea
+232 {{ cdn.get('africa', 'af') }}
+# Spain
+724 {{ cdn.get('europe', 'eu') }}
+# Ethiopia
+210 {{ cdn.get('africa', 'af') }}
+# Finland
+246 {{ cdn.get('europe', 'eu') }}
+# Fiji
+242 {{ cdn.get('oceania', 'oc') }}
+# Falkland Islands (Malvinas)
+238 {{ cdn.get('south-america', 'sa') }}
+# Micronesia, Federated States of
+583 {{ cdn.get('oceania', 'oc') }}
+# Faroe Islands
+234 {{ cdn.get('europe', 'eu') }}
+# France
+250 {{ cdn.get('europe', 'eu') }}
+# France, Metropolitan
+249 {{ cdn.get('europe', 'eu') }}
+# Gabon
+266 {{ cdn.get('africa', 'af') }}
+# United Kingdom
+826 {{ cdn.get('europe', 'eu') }}
+# Grenada
+308 {{ cdn.get('south-america', 'sa') }}
+# Georgia
+268 {{ cdn.get('west-asia', 'as') }}
+# French Guiana
+254 {{ cdn.get('south-america', 'sa') }}
+# Ghana
+288 {{ cdn.get('africa', 'af') }}
+# Gibraltar
+292 {{ cdn.get('europe', 'eu') }}
+# Greenland
+304 {{ cdn.get('south-america', 'sa') }}
+# Gambia
+270 {{ cdn.get('africa', 'af') }}
+# Guinea
+324 {{ cdn.get('africa', 'af') }}
+# Guadeloupe
+312 {{ cdn.get('south-america', 'sa') }}
+# Equatorial Guinea
+226 {{ cdn.get('africa', 'af') }}
+# Greece
+300 {{ cdn.get('europe', 'eu') }}
+# Guatemala
+320 {{ cdn.get('south-america', 'sa') }}
+# Guam
+316 {{ cdn.get('oceania', 'oc') }}
+# Guinea-Bissau
+624 {{ cdn.get('africa', 'af') }}
+# Guyana
+328 {{ cdn.get('south-america', 'sa') }}
+# Hong Kong
+344 {{ cdn.get('hong-kong', 'hk') }}
+# Heard Island and McDonald Islands
+334 {{ cdn.get('africa', 'af') }}
+# Honduras
+340 {{ cdn.get('south-america', 'sa') }}
+# Croatia
+191 {{ cdn.get('europe', 'eu') }}
+# Haiti
+332 {{ cdn.get('south-america', 'sa') }}
+# Hungary
+348 {{ cdn.get('europe', 'eu') }}
+# Indonesia
+360 {{ cdn.get('east-asia', 'as') }}
+# Ireland
+372 {{ cdn.get('europe', 'eu') }}
+# Israel
+376 {{ cdn.get('west-asia', 'as') }}
+# India
+356 {{ cdn.get('east-asia', 'as') }}
+# British Indian Ocean Territory
+86 {{ cdn.get('east-asia', 'as') }}
+# Iraq
+368 {{ cdn.get('west-asia', 'as') }}
+# Iran, Islamic Republic of
+364 {{ cdn.get('west-asia', 'as') }}
+# Iceland
+352 {{ cdn.get('europe', 'eu') }}
+# Italy
+380 {{ cdn.get('europe', 'eu') }}
+# Jamaica
+388 {{ cdn.get('south-america', 'sa') }}
+# Jordan
+400 {{ cdn.get('west-asia', 'as') }}
+# Japan
+392 {{ cdn.get('japan', 'jp') }}
+# Kenya
+404 {{ cdn.get('africa', 'af') }}
+# Kyrgyzstan
+417 {{ cdn.get('west-asia', 'as') }}
+# Cambodia
+116 {{ cdn.get('east-asia', 'as') }}
+# Kiribati
+296 {{ cdn.get('oceania', 'oc') }}
+# Comoros
+174 {{ cdn.get('africa', 'af') }}
+# Saint Kitts and Nevis
+659 {{ cdn.get('south-america', 'sa') }}
+# Korea, Democratic People's Republic of
+408 {{ cdn.get('east-asia', 'as') }}
+# Korea, Republic of
+410 {{ cdn.get('east-asia', 'as') }}
+# Kuwait
+414 {{ cdn.get('west-asia', 'as') }}
+# Cayman Islands
+136 {{ cdn.get('south-america', 'sa') }}
+# Kazakhstan
+398 {{ cdn.get('west-asia', 'as') }}
+# Lao People's Democratic Republic
+418 {{ cdn.get('east-asia', 'as') }}
+# Lebanon
+422 {{ cdn.get('west-asia', 'as') }}
+# Saint Lucia
+662 {{ cdn.get('south-america', 'sa') }}
+# Liechtenstein
+438 {{ cdn.get('europe', 'eu') }}
+# Sri Lanka
+144 {{ cdn.get('east-asia', 'as') }}
+# Liberia
+430 {{ cdn.get('africa', 'af') }}
+# Lesotho
+426 {{ cdn.get('africa', 'af') }}
+# Lithuania
+440 {{ cdn.get('europe', 'eu') }}
+# Luxembourg
+442 {{ cdn.get('europe', 'eu') }}
+# Latvia
+428 {{ cdn.get('europe', 'eu') }}
+# Libyan Arab Jamahiriya
+434 {{ cdn.get('africa', 'af') }}
+# Morocco
+504 {{ cdn.get('africa', 'af') }}
+# Monaco
+492 {{ cdn.get('europe', 'eu') }}
+# Moldova, Republic of
+498 {{ cdn.get('europe', 'eu') }}
+# Madagascar
+450 {{ cdn.get('africa', 'af') }}
+# Marshall Islands
+584 {{ cdn.get('oceania', 'oc') }}
+# Macedonia, the Former Yugoslav Republic of
+807 {{ cdn.get('europe', 'eu') }}
+# Mali
+466 {{ cdn.get('africa', 'af') }}
+# Myanmar
+104 {{ cdn.get('east-asia', 'as') }}
+# Mongolia
+496 {{ cdn.get('east-asia', 'as') }}
+# Macao
+446 {{ cdn.get('east-asia', 'as') }}
+# Northern Mariana Islands
+580 {{ cdn.get('oceania', 'oc') }}
+# Martinique
+474 {{ cdn.get('south-america', 'sa') }}
+# Mauritania
+478 {{ cdn.get('africa', 'af') }}
+# Montserrat
+500 {{ cdn.get('south-america', 'sa') }}
+# Malta
+470 {{ cdn.get('europe', 'eu') }}
+# Mauritius
+480 {{ cdn.get('africa', 'af') }}
+# Maldives
+462 {{ cdn.get('east-asia', 'as') }}
+# Malawi
+454 {{ cdn.get('africa', 'af') }}
+# Mexico
+484 {{ cdn.get('north-america', 'na') }}
+# Malaysia
+458 {{ cdn.get('east-asia', 'as') }}
+# Mozambique
+508 {{ cdn.get('africa', 'af') }}
+# Namibia
+516 {{ cdn.get('africa', 'af') }}
+# New Caledonia
+540 {{ cdn.get('oceania', 'oc') }}
+# Niger
+562 {{ cdn.get('africa', 'af') }}
+# Norfolk Island
+574 {{ cdn.get('oceania', 'oc') }}
+# Nigeria
+566 {{ cdn.get('africa', 'af') }}
+# Nicaragua
+558 {{ cdn.get('south-america', 'sa') }}
+# Netherlands
+528 {{ cdn.get('europe', 'eu') }}
+# Norway
+578 {{ cdn.get('europe', 'eu') }}
+# Nepal
+524 {{ cdn.get('east-asia', 'as') }}
+# Nauru
+520 {{ cdn.get('oceania', 'oc') }}
+# Niue
+570 {{ cdn.get('oceania', 'oc') }}
+# New Zealand
+554 {{ cdn.get('oceania', 'oc') }}
+# Oman
+512 {{ cdn.get('west-asia', 'as') }}
+# Panama
+591 {{ cdn.get('south-america', 'sa') }}
+# Peru
+604 {{ cdn.get('south-america', 'sa') }}
+# French Polynesia
+258 {{ cdn.get('oceania', 'oc') }}
+# Papua New Guinea
+598 {{ cdn.get('oceania', 'oc') }}
+# Philippines
+608 {{ cdn.get('east-asia', 'as') }}
+# Pakistan
+586 {{ cdn.get('west-asia', 'as') }}
+# Poland
+616 {{ cdn.get('europe', 'eu') }}
+# Saint Pierre and Miquelon
+666 {{ cdn.get('south-america', 'sa') }}
+# Pitcairn
+612 {{ cdn.get('oceania', 'oc') }}
+# Puerto Rico
+630 {{ cdn.get('south-america', 'sa') }}
+# Portugal
+620 {{ cdn.get('europe', 'eu') }}
+# Palau
+585 {{ cdn.get('oceania', 'oc') }}
+# Paraguay
+600 {{ cdn.get('south-america', 'sa') }}
+# Qatar
+634 {{ cdn.get('west-asia', 'as') }}
+# Reunion
+638 {{ cdn.get('africa', 'af') }}
+# Romania
+642 {{ cdn.get('europe', 'eu') }}
+# Russian Federation
+643 {{ cdn.get('west-asia', 'as') }}
+# Rwanda
+646 {{ cdn.get('africa', 'af') }}
+# Saudi Arabia
+682 {{ cdn.get('west-asia', 'as') }}
+# Solomon Islands
+90 {{ cdn.get('oceania', 'oc') }}
+# Seychelles
+690 {{ cdn.get('africa', 'af') }}
+# Sudan
+736 {{ cdn.get('africa', 'af') }}
+# Sweden
+752 {{ cdn.get('europe', 'eu') }}
+# Singapore
+702 {{ cdn.get('east-asia', 'as') }}
+# Saint Helena
+654 {{ cdn.get('africa', 'af') }}
+# Slovenia
+705 {{ cdn.get('europe', 'eu') }}
+# Svalbard and Jan Mayen
+744 {{ cdn.get('europe', 'eu') }}
+# Slovakia
+703 {{ cdn.get('europe', 'eu') }}
+# Sierra Leone
+694 {{ cdn.get('africa', 'af') }}
+# San Marino
+674 {{ cdn.get('europe', 'eu') }}
+# Senegal
+686 {{ cdn.get('africa', 'af') }}
+# Somalia
+706 {{ cdn.get('africa', 'af') }}
+# Suriname
+740 {{ cdn.get('south-america', 'sa') }}
+# Sao Tome and Principe
+678 {{ cdn.get('africa', 'af') }}
+# El Salvador
+222 {{ cdn.get('south-america', 'sa') }}
+# Syrian Arab Republic
+760 {{ cdn.get('west-asia', 'as') }}
+# Swaziland
+748 {{ cdn.get('africa', 'af') }}
+# Turks and Caicos Islands
+796 {{ cdn.get('south-america', 'sa') }}
+# Chad
+148 {{ cdn.get('africa', 'af') }}
+# French Southern Territories
+260 {{ cdn.get('africa', 'af') }}
+# Togo
+768 {{ cdn.get('africa', 'af') }}
+# Thailand
+764 {{ cdn.get('east-asia', 'as') }}
+# Tajikistan
+762 {{ cdn.get('west-asia', 'as') }}
+# Tokelau
+772 {{ cdn.get('oceania', 'oc') }}
+# Turkmenistan
+795 {{ cdn.get('west-asia', 'as') }}
+# Tonga
+788 {{ cdn.get('oceania', 'oc') }}
+# East Timor
+776 {{ cdn.get('east-asia', 'as') }}
+# Turkey
+792 {{ cdn.get('west-asia', 'as') }}
+# Trinidad and Tobago
+780 {{ cdn.get('south-america', 'sa') }}
+# Tuvalu
+798 {{ cdn.get('oceania', 'oc') }}
+# Taiwan
+158 {{ cdn.get('east-asia', 'as') }}
+# Tanzania, United Republic of
+834 {{ cdn.get('africa', 'af') }}
+# Ukraine
+804 {{ cdn.get('europe', 'eu') }}
+# Uganda
+800 {{ cdn.get('africa', 'af') }}
+# United States Minor Outlying Islands
+581 {{ cdn.get('oceania', 'oc') }}
+# United States
+840 {{ cdn.get('north-america', 'na') }}
+# Uruguay
+858 {{ cdn.get('south-america', 'sa') }}
+# Uzbekistan
+860 {{ cdn.get('west-asia', 'as') }}
+# Holy See (Vatican City State)
+336 {{ cdn.get('europe', 'eu') }}
+# Saint Vincent and the Grenadines
+670 {{ cdn.get('south-america', 'sa') }}
+# Venezuela
+862 {{ cdn.get('south-america', 'sa') }}
+# Virgin Islands, British
+92 {{ cdn.get('south-america', 'sa') }}
+# Virgin Islands, U.S.
+850 {{ cdn.get('south-america', 'sa') }}
+# Vietnam
+704 {{ cdn.get('east-asia', 'as') }}
+# Vanuatu
+548 {{ cdn.get('oceania', 'oc') }}
+# Wallis and Futuna
+876 {{ cdn.get('oceania', 'oc') }}
+# Samoa
+882 {{ cdn.get('oceania', 'oc') }}
+# Yemen
+887 {{ cdn.get('west-asia', 'as') }}
+# Mayotte
+175 {{ cdn.get('africa', 'af') }}
+# Yugoslavia
+891 {{ cdn.get('europe', 'eu') }}
+# South Africa
+710 {{ cdn.get('africa', 'af') }}
+# Zambia
+894 {{ cdn.get('africa', 'af') }}
+# Zaire
+180 {{ cdn.get('africa', 'af') }}
+# Zimbabwe
+716 {{ cdn.get('africa', 'af') }}

software/powerdns/template/pdns.conf.jinja2

+# -------------------------------------------------------------------------
+
+# Configure ip/port binding
+local-address={{ pdns.get('local-ipv4') }}
+local-ipv6={{ pdns.get('ipv6') }}
+local-port={{ pdns.get('port') }}
+
+
+socket-dir={{ pdns.get('socket-directory') }}
+
+# Monitoring
+webserver=yes
+webserver-address={{ pdns.get('local-ipv4') }}
+webserver-port={{ pdns.get('webserver-port') }}
+
+# These totally disable query+packet caching for all zones.  This is necessary
+# because otherwise when the exact same question is asked twice in a short
+# period of time (by default, 10 seconds), the same response will be given
+# without any backends getting involved.
+#
+# This is bad for geobackend because obviously every question can potentially
+# require a new answer based only on the IP of the user's nameserver.  Now, it
+# should be noted that if you have other zones in PowerDNS then they will have
+# their query cache disabled as well.  That's not ideal, so you probably want
+# to run a separate instance of PowerDNS just for geobackend.  Maybe one day
+# there will be config options to set per-zone query caching time or something.
+query-cache-ttl=0
+cache-ttl=0
+
+# Log a lot of stuff.  Logging is slow.  We will disable this when we are happy
+# things are working. :)
+log-dns-details=yes
+log-dns-queries=yes
+log-failed-updates=yes
+loglevel=4
+
+# This disables wildcards which is more efficient.  geobackend doesn't use
+# them, so if none of your backends need them, set this, otherwise comment it
+# out.
+# wildcards=no
+
+# The geobackend
+launch=geo
+
+# The zone that your geo-balanced RR is inside of.  The whole zone has to be
+# delegated to the PowerDNS backend, so you will generally want to make up some
+# subzone of your main zone.  We chose "geo.blitzed.org".
+#
+geo-zone={{ slapparameter_dict.get('zone', 'example.com') }}
+
+# The only parts of the SOA for "geo.blitzed.org" that apply here are the
+# master server name and the contact address.
+geo-soa-values={{ slapparameter_dict.get('soa', 'ns0.example.com,admin@example.com') }}
+
+# List of NS records of the PowerDNS servers that are authoritative for your
+# GLB zone.
+geo-ns-records={{ slapparameter_dict.get('ns-record', 'ns0.example.com,ns1.example.com') }}
+
+# The TTL of the CNAME records that geobackend will return.  Since the same
+# resolver will always get the same CNAME (apart from if the director-map
+# changes) it is safe to return a reasonable TTL, so if you leave this
+# commented then a sane default will be chosen.
+#geo-ttl=3600
+
+# The TTL of the NS records that will be returned.  Leave this commented if you
+# don't understand.
+#geo-ns-ttl=86400
+
+# This is the real guts of the data that drives this backend.  This is a DNS
+# zone file for RBLDNSD, a nameserver specialised for running large DNS zones
+# typical of DNSBLs and such.  We choose it for our data because it is easier
+# to parse than the BIND-format one.
+#
+# Anyway, it comes from http://countries.nerd.dk/more.html - there are details
+# there for how to rsync your own copy.  You'll want to do that regularly,
+# every couple of days maybe.  We believe the nerd.dk guys take the netblock
+# info from Regional Internet Registries (RIRs) like RIPE, ARIN, APNIC.  From
+# that they build a big zonefile of IP/prefixlen -> ISO-country-code mappings.
+geo-ip-map-zonefile={{  geo.get('ip-map-zonefile') }}
+
+# And finally this last directive tells the geobackend where to find the map
+# files that say a) which RR to answer for, and b) what actual resource record
+# to return for each ISO country code.  The setting here is a comma-separated
+# list of paths, each of which may either be a single map file or a directory
+# that will contain map files.  If you are only ever going to serve one RR then
+# a single file is probably better, but if you're going to serve many then a
+# directory would probably be better.  The rest of this documentation will
+# assume you chose a directory.
+geo-maps={{  geo.get('geo-maps') }}
+
+# -------------------------------------------------------------------------
\ No newline at end of file