Merge branch 'geomirror-use-lua-records' into 'master'

geomirror: leverage LUA records for failover+GeoIP See merge request archlinux/infrastructure!563

Merge branch 'geomirror-use-lua-records' into 'master'
geomirror: leverage LUA records for failover+GeoIP See merge request archlinux/infrastructure!563
2c57dbe6 · Evangelos Foutras · 9cdcd6e2 · 6878066d · 2c57dbe6 · 2c57dbe6
Commit 2c57dbe6 authored Apr 29, 2022 by Evangelos Foutras 🐱
--- a/roles/geomirror/meta/main.yml
+++ b/roles/geomirror/meta/main.yml
 ---
 dependencies:
  - role: geoipupdate
+    vars:
+      geoipupdate_edition_ids: GeoLite2-City
--- a/roles/geomirror/templates/geo.yml.j2
+++ b/roles/geomirror/templates/geo.yml.j2
@@ -5,29 +5,25 @@ domains:
    ttl: 3600
    records:
      {{ geo_mirror_domain }}:
-        - soa: mirror.pkgbuild.com. root.archlinux.org. 2022011501 3600 1800 604800 3600
-        - ns: mirror.pkgbuild.com
-      {% for host in groups['geo_mirrors'] %}
-        - ns: {{ host }}
-      {% endfor %}
-      {% for host in groups['geo_mirrors'] %}
-      {{ host.split(".")[0] }}.{{ geo_mirror_domain }}:
-        - a: {{ hostvars[host]['ipv4_address'] }}
-        - aaaa: {{ hostvars[host]['ipv6_address'] }}
-      {% endfor %}
+        - soa: mirror.pkgbuild.com. root.archlinux.org. 2022042701 3600 1800 604800 3600
+        {% for host in groups['geo_mirrors'] + ['mirror.pkgbuild.com'] %}
+        - ns:
+            ttl: 86400
+            content: {{ host }}
+        {% endfor %}
+        - lua:
+            ttl: 300
+            content: >
+              A "ifurlup('https://{{ geo_mirror_domain }}/lastupdate',
+              {'{{ groups['geo_mirrors'] | map('extract', hostvars, ['ipv4_address']) | join("', '") }}'},
+              {selector='pickclosest', useragent='pdns on {{ inventory_hostname }}'})"
+        - lua:
+            ttl: 300
+            content: >
+              AAAA "ifurlup('https://{{ geo_mirror_domain }}/lastupdate',
+              {'{{ groups['geo_mirrors'] | map('extract', hostvars, ['ipv6_address']) | join("', '") }}'},
+              {selector='pickclosest', useragent='pdns on {{ inventory_hostname }}'})"
      {% if not geomirror_acme_challenge %}
      _acme-challenge.{{ geo_mirror_domain }}:
        - ns: mirror.pkgbuild.com
      {% endif %}
-    services:
-      {{ geo_mirror_domain }}: '%mp.geo.mirror.pkgbuild.com'
-mapping_lookup_formats: ['%cn']
-custom_mapping:
-  af: europe
-  an: europe
-  as: asia
-  eu: europe
-  na: america
-  oc: asia
-  sa: america
-  unknown: europe
--- a/roles/geomirror/templates/pdns.conf.j2
+++ b/roles/geomirror/templates/pdns.conf.j2
@@ -12,5 +12,7 @@ lua-dnsupdate-policy-script=/etc/powerdns/dnsupdate-policy.lua
 {% else %}
 launch=geoip
 {% endif %}
-geoip-database-files=/var/lib/GeoIP/GeoLite2-Country.mmdb
+geoip-database-files=/var/lib/GeoIP/GeoLite2-City.mmdb
 geoip-zones-file=/etc/powerdns/geo.yml
+enable-lua-records
+lua-health-checks-interval=60
--- a/tf-stage1/archlinux.tf
+++ b/tf-stage1/archlinux.tf
@@ -431,13 +431,15 @@ resource "hetznerdns_record" "pkgbuild_com_geo_mirror_ns1" {
  name    = "geo.mirror"
  value   = "mirror.pkgbuild.com."
  type    = "NS"
+  ttl     = 86400
 }

-resource "hetznerdns_record" "pkgbuild_com_geo_mirror_n2" {
+resource "hetznerdns_record" "pkgbuild_com_geo_mirror_ns2" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "geo.mirror"
  value   = "asia.mirror.pkgbuild.com."
  type    = "NS"
+  ttl     = 86400
 }

 resource "hetznerdns_record" "pkgbuild_com_geo_mirror_ns3" {
@@ -445,6 +447,7 @@ resource "hetznerdns_record" "pkgbuild_com_geo_mirror_ns3" {
  name    = "geo.mirror"
  value   = "america.mirror.pkgbuild.com."
  type    = "NS"
+  ttl     = 86400
 }

 resource "hetznerdns_record" "pkgbuild_com_geo_mirror_ns4" {
@@ -452,6 +455,7 @@ resource "hetznerdns_record" "pkgbuild_com_geo_mirror_ns4" {
  name    = "geo.mirror"
  value   = "europe.mirror.pkgbuild.com."
  type    = "NS"
+  ttl     = 86400
 }

 resource "hetznerdns_record" "archlinux_org_origin_caa" {