server:
- instances: 4
+ instances: 1
+
+dns64:
+ prefix: "64:ff9b::/96"
+
lua:
script: |
"""
--- script from 'Lua' configuration section
-{% if cfg.lua.script -%}
+modules = {
+{%- if cfg.dns64 %}
+ dns64 = '{{ cfg.dns64.prefix }}' } -- dns64
+{%- endif %}
+}
+
+-- lua
+{%- if cfg.lua.script %}
{{ cfg.lua.script }}
-{% endif -%}
\ No newline at end of file
+{%- endif %}
\ No newline at end of file
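Review bot: The rendered `modules` table has an unbalanced brace whenever `cfg.dns64` is set: the added line `dns64 = '{{ cfg.dns64.prefix }}' } -- dns64` closes the table, and the unconditional `}` two lines later closes it again, so the generated kresd.conf would not parse as Lua. The entry should end with a comma instead: `dns64 = '{{ cfg.dns64.prefix }}', -- dns64`. The same block is repeated in the `_LUA_TEMPLATE_STR` hunk and needs the same change. Because the prefix is pasted into a single-quoted Lua string with no escaping, a template comment above the block would help, for example `{# cfg.dns64.prefix is emitted verbatim; Dns64Config.validate() is the only guard #}`.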
COPY ./config/knot-resolver-manager.service /etc/systemd/system
# Copy knot-resolver-manager YAML configuration file
-COPY ./config/kres-manager.yaml /etc/knot-resolver/
+COPY ./config/kres-manager.yaml /etc/knot-resolver
# Copy only requirements, to cache them in docker layer
# no poetry.lock, because here we have a different python version
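Review bot: Dropping the trailing slash in `COPY ./config/kres-manager.yaml /etc/knot-resolver` makes the result depend on whether `/etc/knot-resolver` already exists in the image. With a single source file and a destination without a trailing slash, Docker writes the file at that path when no such directory exists. Whether an earlier layer creates the directory is not visible in this hunk, so the explicit form `COPY ./config/kres-manager.yaml /etc/knot-resolver/` is the safer spelling. The other Dockerfile hunk adds the same line and carries the same dependency.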
# Create knot-resolver-manager systemd service
COPY ./config/knot-resolver-manager.service /etc/systemd/system
+# Copy knot-resolver-manager YAML configuration file
+COPY ./config/kres-manager.yaml /etc/knot-resolver
+
# Copy only requirements, to cache them in docker layer
COPY ./poetry.lock ./pyproject.toml ./yarn.lock ./package.json /code/
"server": {
"instances": 1
},
+ "dns64": {
+ "prefix": "64:ff9b::/96"
+ },
"lua": {
"script_list": [
"-- SPDX-License-Identifier: CC0-1.0",
"net.listen('::1', 53, { kind = 'dns', freebind = true })",
"net.listen('::1', 853, { kind = 'tls', freebind = true })",
"--net.listen('::1', 443, { kind = 'doh2' })",
- "-- Load useful modules","modules = {",
- "'hints > iterate', -- Load /etc/hosts and allow custom root hints",
- "'stats', -- Track internal statistics",
- "'predict', -- Prefetch expiring/frequent records",
+ "-- Load useful modules",
+ "modules = {",
+ " 'hints > iterate', -- Load /etc/hosts and allow custom root hints",
+ " 'stats', -- Track internal statistics",
+ " 'predict', -- Prefetch expiring/frequent records",
"}",
"-- Cache size",
"cache.size = 100 * MB"
# assert that any kresd process is running
systemctl status | grep kresd
+
+# see the rendered Lua configuration
+echo "Lua config in '/etc/knot-resolver/kresd.conf':"
+cat /etc/knot-resolver/kresd.conf
from .datamodel import KresConfig
_LUA_TEMPLATE_STR = """
-{% if lua_config -%}
+modules = {
+{%- if cfg.dns64 %}
+ dns64 = '{{ cfg.dns64.prefix }}' } -- dns64
+{%- endif %}
+}
+
+-- lua
+{%- if cfg.lua.script %}
{{ cfg.lua.script }}
-{% endif -%}
+{%- endif %}
"""
_ENV = Environment(enable_async=True)
from knot_resolver_manager.utils.dataclasses_parservalidator import DataclassParserValidatorMixin
from .compat.dataclasses import dataclass
+from .datamodel_types import IPV6_PREFIX_96
class DataValidationError(Exception):
instances: int = 1
def validate(self):
- if self.instances < 0:
- raise DataValidationError("Number of workers must be non-negative")
+ if not 0 < self.instances <= 256:
+ raise DataValidationError("number of kresd 'instances' must be in range 1..256")
+
+
+@dataclass
+class Dns64Config(DataclassParserValidatorMixin):
+ prefix: str = "64:ff9b::"
+
+ def validate(self):
+ if not bool(IPV6_PREFIX_96.match(self.prefix)):
+ raise DataValidationError("'dns64.prefix' must be valid IPv6 address and '/96' CIDR")
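Review bot: `Dns64Config` accepts two spellings of the prefix, and the template emits whichever one was supplied. The default is `"64:ff9b::"` with no length suffix, the sample configs in this commit use `"64:ff9b::/96"`, and the error text says the '/96' CIDR is required. Whether kresd's dns64 module accepts both forms cannot be seen from here, so it would be safer to pick one form and make the default, the message and the pattern agree, e.g. `prefix: str = "64:ff9b::/96"`. The `bool(...)` wrapper is also unnecessary; `if not IPV6_PREFIX_96.match(self.prefix):` reads the same.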
@dataclass
@dataclass
class KresConfig(DataclassParserValidatorMixin):
server: ServerConfig = ServerConfig()
+ dns64: Optional[Dns64Config] = None
lua: LuaConfig = LuaConfig()
def validate(self):
- pass
+ self.server.validate()
+ if self.dns64 is not None:
+ self.dns64.validate()
+ self.lua.validate()
--- /dev/null
+import re
+
+IPV4ADDR = re.compile(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$")
+
+IPV6_PREFIX_96 = re.compile(r"^([0-9A-Fa-f]{1,4}:){2}:($|/96)$")
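Review bot: `IPV6_PREFIX_96` ends in `$`, which in Python also matches just before a trailing newline, so `"64:ff9b::\n"` passes `match()` and the newline is then rendered inside the single-quoted Lua string in kresd.conf. Anchoring with `\Z` closes that gap while accepting the same forms: `re.compile(r"^([0-9A-Fa-f]{1,4}:){2}:(/96)?\Z")`. The pattern also admits only prefixes of exactly two groups followed by `::`, so other valid /96 prefixes are rejected; if that is not intended, the standard-library `ipaddress` module would be a more reliable check than a regex. `IPV4ADDR` has the same `$` issue and accepts out-of-range octets such as `999.999.999.999`, which deserves a comment or a stricter check before anything relies on it.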