n0ball/dns-records
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add authoritative DNS zone generation for svc.n0ball.tw
Some checks failed
Deploy DNS Records / deploy (push) Failing after 4s
Details

Browse Source
This commit is contained in:
Wen-Ju Chiang 2026-03-10 21:48:29 +08:00
parent b131e1079e
commit 68ad8415d5
No known key found for this signature in database
GPG Key ID: 63155659B939CE68
3 changed files with 56 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
.gitea/workflows/deploy.yaml
View File

@ -2,7 +2,9 @@ name: Deploy DNS Records
on: on:
push: push:
branches: [main] branches: [main]
paths: [records.yaml] paths:
- records.yaml
- svc-records.yaml
jobs: jobs:
deploy: deploy:
@ -28,7 +30,7 @@ jobs:
sudo install kubectl /usr/local/bin/kubectl sudo install kubectl /usr/local/bin/kubectl
fi fi
- name: Generate and apply CoreDNS configmap - name: Apply internal CoreDNS records
run: | run: |
cd dns-records cd dns-records
chmod +x generate.sh chmod +x generate.sh
@ -37,4 +39,15 @@ jobs:
kubectl apply -f /tmp/coredns-custom.yaml kubectl apply -f /tmp/coredns-custom.yaml
kubectl rollout restart deployment/coredns -n kube-system kubectl rollout restart deployment/coredns -n kube-system
kubectl rollout status deployment/coredns -n kube-system --timeout=60s kubectl rollout status deployment/coredns -n kube-system --timeout=60s
echo "DNS records applied successfully" echo "Internal DNS records applied"
- name: Apply authoritative zone records
run: |
cd dns-records
chmod +x generate-zone.sh
./generate-zone.sh svc-records.yaml > /tmp/coredns-auth-zone.yaml
cat /tmp/coredns-auth-zone.yaml
kubectl apply -f /tmp/coredns-auth-zone.yaml
kubectl rollout restart deployment/coredns-auth -n authoritative-dns
kubectl rollout status deployment/coredns-auth -n authoritative-dns --timeout=60s
echo "Authoritative zone records applied"

33
generate-zone.sh Executable file
View File

@ -0,0 +1,33 @@
#!/bin/sh
# Generates authoritative zone ConfigMap for svc.n0ball.tw from svc-records.yaml
# Usage: ./generate-zone.sh svc-records.yaml > coredns-auth-zone.yaml
set -e
RECORDS_FILE="${1:-svc-records.yaml}"
SERIAL=$(date +%Y%m%d%H)
cat <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns-auth-zone
namespace: authoritative-dns
data:
svc.n0ball.tw.zone: |
\$ORIGIN svc.n0ball.tw.
@ 3600 IN SOA ns1.n0ball.tw. admin.n0ball.tw. (
${SERIAL} ; serial
3600 ; refresh
600 ; retry
86400 ; expire
60 ; minimum
)
@ 3600 IN NS ns1.n0ball.tw.
@ 3600 IN NS ns2.n0ball.tw.
EOF
awk '
/^[a-zA-Z0-9]/ && / IN / {
printf " %s\n", $0
}
' "$RECORDS_FILE"

7
svc-records.yaml Normal file
View File

@ -0,0 +1,7 @@
## External DNS Records for svc.n0ball.tw zone
## Format: name: IP
## These are served authoritatively to the internet.
## Push to main to apply changes automatically.
# Example:
# test 60 IN A 140.115.16.135