#! /usr/bin/python2 -E # Authors: Martin Nagy # Based on ipa-server-install by Karl MacMillan # # Copyright (C) 2007 - 2009 Red Hat # see file 'COPYING' for use and warranty information # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # from __future__ import print_function from optparse import OptionGroup, SUPPRESS_HELP from ipaserver.install import bindinstance, httpinstance from ipaserver.install.installutils import * from ipaserver.install import installutils from ipapython import version from ipalib import api from ipaplatform.paths import paths from ipapython.config import IPAOptionParser from ipapython.ipa_log_manager import standard_logging_setup, root_logger from ipaserver.install import dns as dns_installer log_file_name = paths.IPASERVER_INSTALL_LOG def parse_options(): parser = IPAOptionParser(version=version.VERSION) parser.add_option("-p", "--ds-password", dest="dm_password", sensitive=True, help=SUPPRESS_HELP) parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False, help="print debugging information") parser.add_option("--ip-address", dest="ip_addresses", metavar="IP_ADDRESS", default=[], action="append", type="ip", ip_local=True, help="Master Server IP Address. This option can be used multiple times") parser.add_option("--forwarder", dest="forwarders", action="append", type="ip", help="Add a DNS forwarder. This option can be used multiple times") parser.add_option("--no-forwarders", dest="no_forwarders", action="store_true", default=False, help="Do not add any DNS forwarders, use root servers instead") parser.add_option("--auto-forwarders", dest="auto_forwarders", action="store_true", default=False, help="Use DNS forwarders configured in /etc/resolv.conf") parser.add_option("--reverse-zone", dest="reverse_zones", default=[], action="append", metavar="REVERSE_ZONE", help="The reverse DNS zone to use. This option can be used multiple times") parser.add_option("--no-reverse", dest="no_reverse", action="store_true", default=False, help="Do not create new reverse DNS zone") parser.add_option("--no-dnssec-validation", dest="no_dnssec_validation", action="store_true", default=False, help="Disable DNSSEC validation") parser.add_option("--dnssec-master", dest="dnssec_master", action="store_true", default=False, help="Setup server to be DNSSEC key master") parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback, type="string", help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN") parser.add_option("-U", "--unattended", dest="unattended", action="store_true", default=False, help="unattended installation never prompts the user") parser.add_option("--disable-dnssec-master", dest="disable_dnssec_master", action="store_true", default=False, help="Disable the " "DNSSEC master on this server") parser.add_option("--kasp-db", dest="kasp_db_file", type="string", metavar="FILE", action="store", help="Copy OpenDNSSEC " "metadata from the specified file (will not create a new " "kasp.db file)") parser.add_option("--force", dest="force", action="store_true", help="Force install") options, args = parser.parse_args() safe_options = parser.get_safe_opts(options) if options.dnssec_master and options.disable_dnssec_master: parser.error("Invalid combination of parameters: --dnssec-master and " "--disable-dnssec-master") if options.forwarders and options.no_forwarders: parser.error("You cannot specify a --forwarder option together with --no-forwarders") elif options.reverse_zones and options.no_reverse: parser.error("You cannot specify a --reverse-zone option together with --no-reverse") if options.unattended: if not options.forwarders and not options.no_forwarders: parser.error("You must specify at least one --forwarder option or --no-forwarders option") if options.kasp_db_file and not ipautil.file_exists(options.kasp_db_file): parser.error("File %s does not exist" % options.kasp_db_file) if options.dm_password: print ("WARNING: Option -p/--ds-password is deprecated " "and should not be used anymore.") return safe_options, options def main(): safe_options, options = parse_options() if os.getegid() != 0: sys.exit("Must be root to setup server") standard_logging_setup(log_file_name, debug=options.debug, filemode='a') print("\nThe log file for this installation can be found in %s" % log_file_name) root_logger.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options)) root_logger.debug("missing options might be asked for interactively later\n") root_logger.debug('IPA version %s' % version.VENDOR_VERSION) installutils.check_server_configuration() # Initialize the ipalib api cfg = dict( in_server=True, debug=options.debug, ) api.bootstrap(**cfg) api.finalize() api.Backend.ldap2.connect(autobind=True) options.setup_ca = None # must be None to enable autodetection dns_installer.install_check(True, False, options, hostname=api.env.host) dns_installer.install(True, False, options) # Restart http instance to make sure that python-dns has the right resolver # https://bugzilla.redhat.com/show_bug.cgi?id=800368 fstore = sysrestore.FileStore(paths.SYSRESTORE) http = httpinstance.HTTPInstance(fstore) service.print_msg("Restarting the web server") http.restart() return 0 if __name__ == '__main__': installutils.run_script(main, log_file_name=log_file_name, operation_name='ipa-dns-install')