fix: Enforce DNS Name matches Device Name for Forward Zone generation
All checks were successful
Docker Build & Push / build-and-push (push) Successful in 8s
All checks were successful
Docker Build & Push / build-and-push (push) Successful in 8s
This commit is contained in:
Gemini Bot
25
sync.py
25
sync.py
@@ -171,6 +171,31 @@ def generate_zone_file_fwd(ipam_data, plugin_records):
|
|||||||
short_name = dns_name.replace(f".{ZONE_NAME}", "")
|
short_name = dns_name.replace(f".{ZONE_NAME}", "")
|
||||||
if short_name == "": short_name = "@"
|
if short_name == "": short_name = "@"
|
||||||
|
|
||||||
|
# Check: DNS Name muss zum Device/VM Namen passen (wenn zugewiesen)
|
||||||
|
# Verhindert, dass externe IPs auf anderen Hosts (Split-Brain) hier landen.
|
||||||
|
assigned = ip.get('assigned_object')
|
||||||
|
if assigned:
|
||||||
|
device_name = None
|
||||||
|
if 'device' in assigned and assigned['device']:
|
||||||
|
device_name = assigned['device']['name']
|
||||||
|
elif 'virtual_machine' in assigned and assigned['virtual_machine']:
|
||||||
|
device_name = assigned['virtual_machine']['name']
|
||||||
|
|
||||||
|
if device_name:
|
||||||
|
# Case-Insensitive Vergleich
|
||||||
|
d_norm = device_name.lower()
|
||||||
|
s_norm = short_name.lower()
|
||||||
|
|
||||||
|
# Erlaube Match mit Shortname ODER Full-FQDN als Devicename
|
||||||
|
fqdn_norm = dns_name.lower().rstrip('.')
|
||||||
|
|
||||||
|
if d_norm != s_norm and d_norm != fqdn_norm:
|
||||||
|
# Ausnahme: Wenn der Shortname "device-name-irgendwas" ist?
|
||||||
|
# Nein, User will strikte Trennung.
|
||||||
|
# Wir loggen das als Info, damit man es debuggen kann.
|
||||||
|
# log(f"DEBUG: Skipping {dns_name} on device {device_name} (Mismatch)")
|
||||||
|
continue
|
||||||
|
|
||||||
if ":" in address:
|
if ":" in address:
|
||||||
rtype = "AAAA"
|
rtype = "AAAA"
|
||||||
else:
|
else:
|
||||||
|
|||||||
Reference in New Issue
Block a user