[dns-authoritative] Use ldap instead of re2oapi

lookup_plugins/ldap.py

@@ -136,6 +136,18 @@ class LookupModule(LookupBase):
         result = [ip.decode('utf-8') for dn, entry in result[1] for ip in entry['ipHostNumber'] if ipaddress.ip_address(ip.decode('utf-8')) in subnet]
         return result
 
+    def zones_new(self):
+        search_dn = f'ou=dns,{self.base_dn}'
+        query_id = self.base.search(search_dn, ldap.SCOPE_SUBTREE, "sOARecord=*")
+        query_result = self.base.result(query_id)
+        result = []
+        for dn, entry in query_result[1]:
+            result.append('.'.join([dc[3:] for dc in dn[:-len(search_dn)-1].split(',')]))
+        return result
+
+    def zones_reverse(self):
+        return ['76.230.185.in-addr.arpa', '77.230.185.in-addr.arpa', '78.230.185.in-addr.arpa', '79.230.185.in-addr.arpa', '0.0.7.0.c.0.a.2.ip6.arpa']
+
     def run(self, terms, variables=None, **kwargs):
         if terms[0] == 'query':
             result = self.query(*terms[1:])
@@ -192,6 +204,10 @@ class LookupModule(LookupBase):
                 else:
                     res.append(f"{network}.crans.org")
             result = res
+        elif terms[0] == 'zones_new':
+            result = self.zones_new()
+        elif terms[0] == 'zones_reverse':
+            result = self.zones_reverse()
         elif terms[0] == 'vlanid':
             network = terms[1]
             query_id = self.base.search(f"cn={network},ou=networks,{self.base_dn}", ldap.SCOPE_BASE, "objectClass=ipNetwork")

plays/dns-authoritative.yml

@@ -8,8 +8,8 @@
     bind:
       masters: "{{ query('ldap', 'role', 'dns-primary') }}"
       slaves: "{{ query('ldap', 'role', 'dns-secondary') }}"
-      zones: "{{ (lookup('re2oapi', 'dnszones') + query('ldap', 'zones')) | unique }}"
+      zones: "{{ query('ldap', 'zones_new')) }}"
-      reverse: "{{ lookup('re2oapi', 'dnsreverse') }}"
+      reverse: "{{ lookup('ldap', 'zones_reverse') }}"
   roles:
     - bind-authoritative