Use a dedicated zone for health checking

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-11-12 19:42:41 +00:00 · 2019-08-25 17:03:46 +02:00 · 2019-08-25 17:03:46 +02:00 · 0ecb98ce3d
commit 0ecb98ce3d
parent fe93ee74e9
3 changed files with 13 additions and 6 deletions
--- a/6
+++ b/6
@ -9,7 +9,9 @@ RUN set -ex \
      curl \
      git \
      make \
- && go get -v github.com/Luzifer/rootzone \
+ && go get -v \
+      github.com/Luzifer/korvike\
+      github.com/Luzifer/rootzone \
 && rootzone >named.stubs \
 && make blacklist

@ -36,6 +38,6 @@ COPY                docker-entrypoint.sh  /usr/local/bin/
 EXPOSE 53/udp 53

 HEALTHCHECK --interval=30s --timeout=5s \
-  CMD dig +short @localhost health.server.test A || exit 1
+  CMD dig +short @localhost health.pdns.luzifer.io A || exit 1

 ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
--- a/blacklist.tpl
+++ b/blacklist.tpl
@ -1,10 +1,11 @@
 $TTL 1H

-@ SOA LOCALHOST. personal-dns.luzifer.io. (1 1h 15m 30d 2h)
-  NS  LOCALHOST.
+@                         SOA   LOCALHOST. personal-dns.luzifer.io. (1 1h 15m 30d 2h)
+                          NS    LOCALHOST.

 ; Healthcheck record - don't remove
-health.server.test  A 127.0.1.1
+health.pdns.luzifer.io    A     127.0.1.1
+version.pdns.luzifer.io   TXT   "{{ .version }} @ {{ now `2006-01-02 15:04:05 -07:00` }}"

 ; vim: set ft=bindzone:
 ; Blacklist entries
--- a/build_blacklist.sh
+++ b/build_blacklist.sh
@ -23,7 +23,11 @@ done
 cat blacklist.local >>${target}

 # Convert into named response-policy file
-cp blacklist.tpl named.${target}
+korvike \
+	-i blacklist.tpl \
+	-o named.${target} \
+	-v version=$(git describe --tags --always)
+
 awk '/^0.0.0.0/{ printf "%s  CNAME .\n", $2 }' blacklist |
 	grep -v '^0.0.0.0  ' |
 	sort >>named.${target}