distorted.lisp: Include the correct TLSA record details for SMTP.
[zones] / Makefile
index 17fa80ff5cce9f5781bee90ae672e64bcf5f095b..f6a075fbd11ea06391819fa4cafa6e78ff5f4e1a 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -17,9 +17,20 @@ V_AT_0                        = @
 ###--------------------------------------------------------------------------
 ### Programs and options.
 
+## Zone checking.
 CHECKZONE               = named-checkzone -i full \
                                -k fail -M fail -n fail -S fail -W fail
 
+## Zone installation.
+MASTER                  = localhost
+inside_MASTER           = precision
+
+ifeq ($(MASTER),localhost)
+ZONEINST                = userv zoneconf install
+else
+ZONEINST                = ssh zoneconf@$(MASTER)
+endif
+
 ###--------------------------------------------------------------------------
 ### Utility functions.
 
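Review bot: `inside_MASTER = precision` is assigned here, but nothing in the visible hunks reads it; `ZONEINST` is selected once from the global `$(MASTER)`, so every view appears to be installed to the same host. If a per-view master is intended, the `%.inst` recipe would need to consult the view's `_MASTER` variable; if it is used elsewhere in the file, a one-line comment saying where would help. The `ssh zoneconf@$(MASTER)` branch would also benefit from a comment stating what the remote side is expected to enforce, for example `## The zoneconf account must accept only "VIEW ZONE" plus zone data on stdin.`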
@@ -51,22 +62,41 @@ ZONESETS             =
 ZONESETS               += distorted
 
 distorted_VIEWS                 = inside outside
-distorted_outside_NETS  = dmz
-distorted_inside_NETS   = unsafe
+distorted_outside_NETS  = dmz jump
+distorted_inside_NETS   = any unsafe colo vpn upn
+
+distorted_all_ZONES    += distorted.org.uk
+
+distorted_all_ZONES    += 195.113.2.81.in-addr.arpa
+distorted_all_ZONES    += 128-143.238.187.81.in-addr.arpa
+distorted_all_ZONES    += 64-79.198.13.212.in-addr.arpa
 
-distorted_all_ZONES     = distorted.org.uk io.distorted.org.uk
-distorted_inside_ZONES  = 199.29.172.in-addr.arpa
+distorted_all_ZONES    += 199.29.172.in-addr.arpa
+
+distorted_all_ZONES    += 9.d.1.0.0.0.0.0.8.a.b.0.1.0.0.2.ip6.arpa
+distorted_all_ZONES    += 2.9.c.0.0.b.8.0.1.0.0.2.ip6.arpa
+distorted_all_ZONES    += 9.d.1.0.8.a.b.0.1.0.0.2.ip6.arpa
+
+distorted_outside_NSDIFF = -sradius.dmz.distorted.org.uk
 
 ###--------------------------------------------------------------------------
-### The harlequin.org.uk zones.
+### Other zones.
 
-ZONESETS               += harlequin
+## binswood.org.uk
+ZONESETS               += binswood
+binswood_VIEWS          = outside
+binswood_all_ZONES     += binswood.org.uk
+binswood_all_ZONES     += 27.165.10.in-addr.arpa
 
-harlequin_VIEWS                 = inside outside
-harlequin_outside_NETS  = dmz
-harlequin_inside_NETS   = unsafe
+## escorted.org.uk
+ZONESETS               += escorted
+escorted_VIEWS          = outside
+escorted_all_ZONES     += escorted.org.uk
 
-harlequin_all_ZONES     = harlequin.org.uk
+## odin.gg
+ZONESETS               += odin
+odin_VIEWS              = outside
+odin_all_ZONES          = odin.gg
 
 ###--------------------------------------------------------------------------
 ### Zone construction machinery.
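Review bot: `199.29.172.in-addr.arpa` moves from `distorted_inside_ZONES` to `distorted_all_ZONES`, so the reverse zone for the private 172.29.199.0/24 range is now built for the `outside` view as well; similarly `27.165.10.in-addr.arpa` is listed for binswood, whose only view is `outside`. If `outside` is what the public Internet sees, this may publish internal host names, unless the `-s` network filter applied when building the view keeps those records out; the hunk does not show which. A `##` comment beside these two entries saying why a private reverse zone belongs in the outside view would settle the question for the next reader. Separately, `odin_all_ZONES = odin.gg` uses `=` where every other new list uses `+=`.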
@@ -83,7 +113,8 @@ ALL_ZONESTAMPS = $(foreach s,$(ZONESETS), \
 $(ALL_ZONESTAMPS) : %.zonestamp : $$(notdir $$*).lisp hosts.lisp
        $(V_AT)mkdir -p $(dir $*)
        $(V_ZONE) -d$(dir $*) -fview/$(call dir-nosl,$*)$(hack \
-               hack) $(addprefix -s, $($(notdir $*)_$(call dir-nosl,$*)_NETS)) $<
+               hack) $(addprefix -s, \
+               $($(notdir $*)_$(call dir-nosl,$*)_NETS)) $<
        $(V_AT)touch $@
 all: $(ALL_ZONESTAMPS)
 CLEANFILES += $(sort $(foreach s,$(ZONESETS), \
@@ -101,6 +132,12 @@ $(foreach s,$(ZONESETS), \
     $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \
       $(eval $v/$z.zone: $v/$s.zonestamp))))
 
+## Prepare a mapping from zone names back to their owning zonesets.
+$(foreach s,$(ZONESETS), \
+  $(foreach z,$(sort $(foreach v,$($s_VIEWS), \
+       $($s_all_ZONES) $($s_$v_ZONES))), \
+    $(eval $z_ZONESET = $s)))
+
 ## Now we have to check the individual zone files.
 ALL_ZONECHECKS = $(foreach s,$(ZONESETS), \
        $(foreach v,$($s_VIEWS), \
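Review bot: The new `$z_ZONESET` map silently keeps the last assignment if the same zone name is listed in two zonesets, and `run-nsdiff` later uses that map to pick the `_NSDIFF` options, so a duplicate would apply the wrong set's options without any warning. A guard inside the inner `foreach`, placed before the `$(eval …)`, would make the mistake fail at parse time: `$(if $($z_ZONESET),$(error zone $z is listed in both $($z_ZONESET) and $s))`. The `ALL_ZONECHECKS` definition at the end of this hunk continues outside it.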
@@ -113,6 +150,32 @@ $(ALL_ZONECHECKS) : %.check : %.zone
 check: $(ALL_ZONECHECKS)
 .PHONY: check $(ALL_ZONECHECKS)
 
+## If nsdiff(1) is available then we can show what changes we will make if
+## we install the new zone files.
+ALL_ZONEDIFFS = $(foreach s,$(ZONESETS), \
+       $(foreach v,$($s_VIEWS), \
+         $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \
+           $v/$z.zonediff)))
+run-nsdiff = nsdiff -v "" $2 \
+       $($($(call notdir,$1)_ZONESET)_$(call dir-nosl,$1)_NSDIFF) \
+       $(call notdir,$1) $1.zone
+$(ALL_ZONEDIFFS) : %.zonediff : %.zone
+       $(call v_tag,NSDIFF)$(call run-nsdiff,$*,-q); \
+       rc=$$?; case $$rc in 1) $(call run-nsdiff,$*); rc=$$? ;; esac; \
+       case $$rc in 0 | 1) : ;; *) exit $$rc ;; esac
+diff: $(ALL_ZONEDIFFS)
+
+## Finally we have to install the zone files.
+ALL_INSTALLS = $(foreach s,$(ZONESETS), \
+       $(foreach v,$($s_VIEWS), \
+         $(foreach z,$($s_all_ZONES) $($s_$v_ZONES), \
+           $v/$z.inst)))
+$(ALL_INSTALLS) : %.inst : %.check
+       $(call v_tag,INST)$(ZONEINST) \
+               $(call dir-nosl,$*) $(notdir $*) <$*.zone
+install: $(ALL_INSTALLS)
+.PHONY: install $(ALL_INSTALLS)
+
 ## Files to clean.
 clean:
        rm -f $(CLEANFILES)
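Review bot: `diff` and `$(ALL_ZONEDIFFS)` are not declared phony, unlike `check` and `install` in the same hunk. The `%.zonediff` recipe never creates `$@`, so this works today, but a stray file named `diff`, or a `.zonediff` file newer than its zone, would make `make diff` do nothing and hide pending changes just before an install. Adding `.PHONY: diff $(ALL_ZONEDIFFS)` after the `diff:` line would match the other targets. A short comment on the `%.inst` rule noting that the view and zone name go as arguments and the zone data on stdin would also document the interface that `$(ZONEINST)` relies on.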