Verified Commit b3ec0204 authored by Evangelos Foutras's avatar Evangelos Foutras 🐱

geomirror: leverage LUA records for failover+GeoIP

PowerDNS provides a neat way to implement GeoIP-based redirection and
automatic failover. With the GeoLite2-City database, it is able to select
the closest mirror from a list of IPs we provide. Every 60 seconds it
also checks if the mirror's HTTPS URL is working as expected; if that
check fails, it stops giving it out (this acts as automatic failover).
parent 9cdcd6e2
--- ---
dependencies: dependencies:
- role: geoipupdate - role: geoipupdate
vars:
geoipupdate_edition_ids: GeoLite2-City
...@@ -10,24 +10,19 @@ domains: ...@@ -10,24 +10,19 @@ domains:
{% for host in groups['geo_mirrors'] %} {% for host in groups['geo_mirrors'] %}
- ns: {{ host }} - ns: {{ host }}
{% endfor %} {% endfor %}
{% for host in groups['geo_mirrors'] %} - lua:
{{ host.split(".")[0] }}.{{ geo_mirror_domain }}: ttl: 300
- a: {{ hostvars[host]['ipv4_address'] }} content: >
- aaaa: {{ hostvars[host]['ipv6_address'] }} A "ifurlup('https://{{ geo_mirror_domain }}/lastupdate',
{% endfor %} {'{{ groups['geo_mirrors'] | map('extract', hostvars, ['ipv4_address']) | join("', '") }}'},
{selector='pickclosest', useragent='pdns on {{ inventory_hostname }}'})"
- lua:
ttl: 300
content: >
AAAA "ifurlup('https://{{ geo_mirror_domain }}/lastupdate',
{'{{ groups['geo_mirrors'] | map('extract', hostvars, ['ipv6_address']) | join("', '") }}'},
{selector='pickclosest', useragent='pdns on {{ inventory_hostname }}'})"
{% if not geomirror_acme_challenge %} {% if not geomirror_acme_challenge %}
_acme-challenge.{{ geo_mirror_domain }}: _acme-challenge.{{ geo_mirror_domain }}:
- ns: mirror.pkgbuild.com - ns: mirror.pkgbuild.com
{% endif %} {% endif %}
services:
{{ geo_mirror_domain }}: '%mp.geo.mirror.pkgbuild.com'
mapping_lookup_formats: ['%cn']
custom_mapping:
af: europe
an: europe
as: asia
eu: europe
na: america
oc: asia
sa: america
unknown: europe
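Review bot: The two new `lua` entries do not say what is returned when every mirror fails the `ifurlup` check. No `backupSelector` is set, and as far as I recall the PowerDNS default then picks at random from the full address list, so the record fails open rather than going empty. That is likely the right behaviour for a mirror, but it should be recorded in the template, e.g. `{# ifurlup fails open: if all mirrors fail the check, an address is still returned (backupSelector default) #}` above the first `- lua:`. The check also only proves that `/lastupdate` answers over HTTPS, not that its timestamp is recent, so a mirror that has stopped syncing stays in rotation and staleness needs separate monitoring.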
...@@ -12,5 +12,7 @@ lua-dnsupdate-policy-script=/etc/powerdns/dnsupdate-policy.lua ...@@ -12,5 +12,7 @@ lua-dnsupdate-policy-script=/etc/powerdns/dnsupdate-policy.lua
{% else %} {% else %}
launch=geoip launch=geoip
{% endif %} {% endif %}
geoip-database-files=/var/lib/GeoIP/GeoLite2-Country.mmdb geoip-database-files=/var/lib/GeoIP/GeoLite2-City.mmdb
geoip-zones-file=/etc/powerdns/geo.yml geoip-zones-file=/etc/powerdns/geo.yml
enable-lua-records
lua-health-checks-interval=60
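Review bot: `enable-lua-records` is added after the `{% endif %}`, so it applies to both branches of the conditional, including the one that (judging by the hunk header) sets `lua-dnsupdate-policy-script`. LUA records run Lua inside the server process, so on an instance that accepts DNS UPDATE a holder of a valid update key could add one unless the policy script rejects that record type. The script is not visible here, so this needs checking. If the update-accepting instance does not need LUA records, moving `enable-lua-records` and `lua-health-checks-interval=60` into the `{% else %}` branch next to `launch=geoip` would keep the feature off there. The conditional begins outside the hunk.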