source: trunk/notes@ 55

Last change on this file since 55 was 39, checked in by Kris Deugau, 15 years ago

/trunk

XHTML strict, pass 2
fixed up a collection of things found to be broken (mostly relating to hardcoded group bits)
added a collection of notes-to-self to notes

web frontend:

workflow:

log in, see domain list from current group

-> "current group" includes all subgroups? (hairy SQL)


logic:
-> need to pass session ID on every call, otherwise we don't know who we are
-> should check ACLs on every call in case of changing permissions
-> should be able to store all webvar bits in the session


ooo! ooo! what about "clone existing domain"?


components:
menu list (actions/sections)
domain list
group tree
user list
<various edit <entity> pages>



time tables:
3600: 1h
7200: 2h
10800: 3h
14400: 4h
21600: 6h
43200: 12h
86400: 1d
172800: 2d
604800: 7d (1w)

valid records:

nb: wildcards are supported for most types. use with extreme caution! (I don't plan on writing
tools that will create them.)

.fqdn:ip:x:ttl:timestamp:lo
 -> x.ns.fqdn is a nameserver for fqdn, with an A record at ip; SOA sets x.ns.fqdn as master with hostmaster@fqdn as contact
 -> if x contains a . it is used verbatim as the NS name
(Not much use for us)

Zfqdn:primary:contact:serial:refresh:retry:expire:minttl:recttl:(timestamp:lo)
 -> SOA for fqdn

&fqdn:ip:x:ttl:timestamp:lo
 -> x.ns.fqdn is a nameserver for fqdn
 -> if x contains a . it is used verbatim as the NS name
 -> ip may be omitted; otherwise an A record for the NS name->ip is created

=fqdn:ip:ttl:timestamp:lo
 -> A record and matching PTR record with fqdn and ip

+fqdn:ip:ttl:timestamp:lo
 -> A record

^ptr:fqdn:ttl:timestamp:lo
 -> PTR record. note ptr must be reverse-IP format ending in .in-addr.arpa

@fqdn:ip:x:dist:ttl:timestamp:lo
 -> MX. x.mx.fqdn is a mail exchanger for fqdn (x is used verbatim if it contains a .). Dist defaults to 0.
 -> ip may be omitted; otherwise an A record for the MX name->ip is created

-fqdn:ip:ttl:timestamp:lo
 -> ignored

'fqdn:text:ttl:timestamp:lo
 -> TXT record
 -> octal-encode special characters in text as \nnn (a literal : in text would be read as the next field
    separator, so it must go out as \072)

Cfqdn:name:ttl:timestamp:lo
 -> CNAME for fqdn pointing to name

:fqdn:n:data:ttl:timestamp:lo
 -> Generic data, of type n (n is a 16-bit unsigned integer, 1-65535)
    17 is RP
    16 is TXT
    2 (NS), 5 (CNAME), 6 (SOA), 12 (PTR), 15 (MX) and 252 (AXFR) (WTF?) should not be used
 -> data must use octal escapes for : or nondisplayable characters. axfr-get seems to escape all
    non-alphanumerics, therefore so will we.

two primary groups of data:
-> forward zones
  -> local master zones
  -> local slave zones
-> reverse zones
- note that it would be really nice to eliminate duplicated A records (+domain.com:ip:: plus =domain.com:ip::)

operations:
-> import zone data (BIND*, djbdns, vegadns-mysql)
  -> allow overwrite of existing SOA
-> export data (BIND*, djbdns)
-> add zone/domain
  -> as slave
  -> as master
-> delete zone/domain
-> add record to domain
-> remove record from domain
-> change record
  -> A record IP
  -> CNAME destination
  -> MX destination
  -> MX priority
  -> A <-> CNAME ?
  -> flag record as "primary" A record for an IP (means that PTR will set that name as rDNS)
-> force propagation (execute propagation script)
-> User ACL fiddling:
  -> take IPDB model, include groups/delegation/etc
     "admin" -> nominally full access to anything/everything
     "staff" -> general access to all domains, can create users and delegate domains to them
     "bulk hoster" -> customer with more than one domain, (can create users and delegate domains to them)?
     "user" -> customer with one domain


recommended SOA/TTL/etc times:
refresh 86400 (24h), retry 7200 (2h), expire 2592000 (30d), ttl 345600 (4d)

Qs re: new servers:
-> IPs for cache/authoritative?


flow of data:
user input -> database -> local "zone" data -> rsync/scp to slaves

don't use "domain ID" goop; its only advantage is slightly lower disk use. otherwise it's more
complicated, less traceable thru the DB manually


db structure (current)
(columns as in MySQL DESCRIBE: Field | Type | Null | Key | Default | Extra)

domains:
| domain_id   | int(11)                   |     | MUL | NULL     | auto_increment |
| domain      | varchar(100)              |     |     |          |                |
| group_id    | int(11)                   | YES |     | NULL     |                |
| description | varchar(255)              |     |     |          |                |
| status      | enum('active','inactive') |     |     | inactive |                |

records:
| domain_id   | int(11)      |     | MUL | 0     |                |
| record_id   | int(11)      |     | PRI | NULL  | auto_increment |
| host        | varchar(100) |     |     |       |                |
| type        | char(1)      | YES |     | NULL  |                |
| val         | varchar(100) | YES |     | NULL  |                |
| distance    | int(4)       | YES |     | 0     |                |
| weight      | int(4)       | YES |     | NULL  |                | - for SRV only
| port        | int(4)       | YES |     | NULL  |                | - for SRV only
| ttl         | int(11)      |     |     | 86400 |                |
| description | varchar(255) |     |     |       |                |

default_records is a duplicate of records structurally

log: (not sure how useful this really is, in this form...)
| domain_id | int(11)      |  |  | 0 |  |
| user_id   | int(11)      |  |  | 0 |  |
| group_id  | int(11)      |  |  | 0 |  |
| email     | varchar(60)  |  |  |   |  |
| name      | varchar(60)  |  |  |   |  |
| entry     | varchar(200) |  |  |   |  |
| time      | int(11)      |  |  | 0 |  |

db structure (proposed)

domains:
domain    char(128)  pk, indexed
group     char(32)   fk, indexed?
status    enum?
masterns  char(64)
email     char(128)
serial    long int   (needs 2^32 at least)
refresh   long int   needs semi-sane default
retry     long int   needs semi-sane default
expire    long int   needs semi-sane default
minttl    long int   needs semi-sane default
ctime     timestamp
mtime     timestamp

records:
recid     serial
domain    char(128)  fk, indexed?
host      char(128)  pk, indexed
type      enum?
val       char(256)  to allow for 255-char TXT records
extra     char(10)   10 should be enough to express any needs for MX, SRV, or anything else...right?
ttl       long int
ctime     timestamp
mtime     timestamp

default records to be either database-coded as default values or coded in er, code.
-> hrm.
   database-level defaults are "recommended practice" according to the cricket book
   code-level defaults may be hardcoded (easy) or loaded from a config file (harder, but cleaner)
   all must be overrideable by a database-table-stored "local policy defaults" widget

add domain:
 -> need domain name
 -> IP/"company default" radio button pair, with some Javascript to change defaults for:
   -> radio buttons with sane defaults for standard hosts (www/mail/ftp/smtp)
     -> www CNAME @
     -> FTP CNAME @
     -> mail CNAME mail.company.com
     -> smtp CNAME smtp.company.com
 -> MX defaults to <mxlist>

+----------------------------------------------------------------+
| Domain: _________________________________                      |
|   o Company hosting    o Slave zone    o Custom settings       |
+----------------------------------------------------------------+

add_domain($domain,$class)
update_domain($domain,$group,$status,[$contact,$primary,$serial,$ttl,$refresh,$retry,$expire,$minttl])
delete_domain($domain)
lock_domain($domain)    - hm.. lock/unlock may be admin-level "don't touch!" flags vs "active/inactive" flags
unlock_domain($domain)
add_record($domain,$host,$type,$value,$extra,$ttl)
update_record($id,$host,$type,$val,$extra,$ttl)
delete_record($id)
export_data($domain,$format) -> takes special <ALL> arg for all zones. $format -> BIND or djb (implement DJB first)
update_nameservers()


FFFF:FFFF:FFFF:FFFF : FFFF:FFFF:FFFF:FFFF
we get:
 <x>:<x>:FFFF:FFFF
we assign:
 <x>:<x>:<y>:<a>   (/64, nominally equivalent to current /32, logically)
 <x>:<x>:<y>:<b>FF (/56, bitwise equivalent to current /24 relative to /32)
 <x>:<x>:<y>:FFFF  (/48, bitwise equivalent to current /16 relative to /24)

Allocations SHOULD leave space for growth


my $sql = "SELECT u.user_id, u.email, u.firstname, u.lastname, u.type, g.group_name ".
    "FROM users u ".
    "INNER JOIN groups g ON u.group_id=g.group_id ".
    ($offset eq 'all' ? '' : " LIMIT $perpage OFFSET ".$offset*$perpage);
# $perpage and $offset are interpolated straight into the SQL, so both must be
# checked to be plain integers (or 'all' for $offset) before this runs.


SELECT g.group_id, g.group_name, g2.group_name, g.children, count(distinct(u.email)), count(distinct(d.domain))
FROM groups g
INNER JOIN groups g2 ON g2.group_id=g.parent_group_id
LEFT OUTER JOIN users u ON u.group_id=g.group_id
LEFT OUTER JOIN domains d ON d.group_id=g.group_id
GROUP BY g.group_id, g.group_name, g2.group_name, g.children

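The "current group includes all subgroups?" question from the workflow notes and the "check ACLs on every call" rule from the logic notes, worked together as an added example (not the project's code). It assumes the current schema above (groups with parent_group_id, users and domains keyed by group_id), constructed sample rows, and SQLite's recursive CTE; the function names are assumptions for this example. The MySQL of the day has no recursive CTE, so there the same walk has to be done in application code or with a materialised path column, but the access decision is the same.

```python
import sqlite3
from typing import List

SCHEMA = """
CREATE TABLE groups  (group_id INTEGER PRIMARY KEY, group_name TEXT NOT NULL,
                      parent_group_id INTEGER REFERENCES groups(group_id));
CREATE TABLE users   (user_id INTEGER PRIMARY KEY, email TEXT NOT NULL,
                      group_id INTEGER NOT NULL REFERENCES groups(group_id),
                      type TEXT NOT NULL);
CREATE TABLE domains (domain_id INTEGER PRIMARY KEY, domain TEXT NOT NULL,
                      group_id INTEGER NOT NULL REFERENCES groups(group_id),
                      status TEXT NOT NULL DEFAULT 'inactive');
"""

# Constructed sample tree:  root -> reseller -> {customer-a, customer-b};  root -> other
SAMPLE_ROWS = {
    "groups":  [(1, "root", None), (2, "reseller", 1), (3, "customer-a", 2),
                (4, "customer-b", 2), (5, "other", 1)],
    "users":   [(1, "admin@example.com", 1, "admin"), (2, "reseller@example.com", 2, "staff"),
                (3, "alice@example.com", 3, "user"), (4, "mallory@example.com", 5, "user")],
    "domains": [(1, "example.com", 3, "active"), (2, "example.net", 4, "active"),
                (3, "example.org", 5, "active")],
}

# Every group at or below the group the user belongs to.  The user's group is
# re-read from the users table on each call, so a user moved to another group
# (or a subgroup re-parented) loses or gains access on the very next request,
# which is what "check ACLs on every call" buys you.  The depth column stops a
# mis-parented cycle from recursing forever.
SUBTREE_CTE = """
WITH RECURSIVE subtree(group_id, depth) AS (
    SELECT group_id, 0 FROM users WHERE user_id = :uid
    UNION ALL
    SELECT g.group_id, s.depth + 1
      FROM groups g JOIN subtree s ON g.parent_group_id = s.group_id
     WHERE s.depth < 32
)
"""


def open_sample_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    for table, rows in SAMPLE_ROWS.items():
        marks = ",".join("?" * len(rows[0]))
        conn.executemany(f"INSERT INTO {table} VALUES ({marks})", rows)
    return conn


def visible_domains(conn: sqlite3.Connection, user_id: int) -> List[str]:
    """Domain list for the 'current group' including all of its subgroups."""
    rows = conn.execute(SUBTREE_CTE + """
        SELECT d.domain FROM domains d JOIN subtree s ON d.group_id = s.group_id
        ORDER BY d.domain""", {"uid": user_id}).fetchall()
    return [r[0] for r in rows]


def may_edit_domain(conn: sqlite3.Connection, user_id: int, domain_id: int) -> bool:
    """Per-call ACL check: run inside every edit handler, not once at login."""
    row = conn.execute(SUBTREE_CTE + """
        SELECT 1 FROM domains d JOIN subtree s ON d.group_id = s.group_id
        WHERE d.domain_id = :did""", {"uid": user_id, "did": domain_id}).fetchone()
    return row is not None


def reparent_group(conn: sqlite3.Connection, group_id: int, new_parent: int) -> None:
    """Move a subtree; refuse to create a cycle (a group under its own descendant)."""
    descendants = {r[0] for r in conn.execute(
        "WITH RECURSIVE d(group_id, depth) AS (SELECT :g, 0 UNION ALL "
        "SELECT g.group_id, d.depth + 1 FROM groups g JOIN d ON g.parent_group_id = d.group_id "
        "WHERE d.depth < 32) SELECT group_id FROM d", {"g": group_id})}
    if new_parent in descendants:
        raise ValueError(f"group {new_parent} is inside group {group_id}'s own subtree")
    conn.execute("UPDATE groups SET parent_group_id = :p WHERE group_id = :g",
                 {"p": new_parent, "g": group_id})


if __name__ == "__main__":
    db = open_sample_db()
    print(visible_domains(db, 2))                                  # reseller sees both customers
    print(may_edit_domain(db, 4, 1))                               # mallory vs example.com: False
    reparent_group(db, 3, 5)                                       # customer-a moves under 'other'
    print(may_edit_domain(db, 2, 1), may_edit_domain(db, 4, 1))    # False True: no stale session ACL
```

Caching the subtree in the session would make the first two lookups cheaper and the last one wrong; if the query cost matters, cache it for seconds, not for the life of the login.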

sample records (DOMAIN = placeholder; type is the numeric RR type: 1 A, 2 NS, 5 CNAME, 6 SOA, 15 MX, 16 TXT, 33 SRV):

 record_id | group_id | host                               | type | val                     | distance | weight | port |   ttl | description
-----------+----------+------------------------------------+------+-------------------------+----------+--------+------+-------+-------------
         1 |        1 | ns1.example.com:hostmaster.DOMAIN  |    6 | 10800:3600:604800:10800 |        0 |      0 |    0 | 86400 |
        25 |        1 | DOMAIN                             |    1 | 10.2.3.4                |        0 |      0 |    0 |  7200 |
         2 |        1 | DOMAIN                             |   15 | mx1.example.com         |       10 |      0 |    0 |  7200 |
        26 |        1 | DOMAIN                             |   15 | mx2.example.com         |       10 |      0 |    0 |  7200 |
        27 |        1 | DOMAIN                             |    2 | ns2.example.com         |        0 |      0 |    0 |  7200 |
        22 |        1 | DOMAIN                             |    2 | ns1.example.com         |        0 |      0 |    0 |  7200 |
        31 |        1 | www.DOMAIN                         |    5 | DOMAIN                  |        0 |      0 |    0 | 10800 |
        32 |        1 | DOMAIN                             |   16 | "v=spf1 a mx -all"      |        0 |      0 |    0 | 10800 |
        17 |        1 | DOMAIN                             |   33 | srv.example.com         |       15 |      2 |  325 |  7200 |


serial in domains table
'manual' - date+inc
'manual' - monotone
'auto' - generated (TinyDNS only; uses auto(date) for other exports)

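The two 'manual' serial schemes above, worked as an added example (not the project's code): date+inc (YYYYMMDDnn) with the fall-back it needs when a day sees more than 100 changes or the stored serial is already past today's base, plain monotone with 32-bit wrap, and the RFC 1982 comparison slaves actually apply, which is what decides whether a freshly published serial gets transferred at all. The mode and function names are assumptions for this example.

```python
import datetime
from typing import List, Optional

MASK32 = 0xFFFFFFFF


def serial_newer(new: int, old: int) -> bool:
    """RFC 1982: 'new' is newer than 'old' if it is 1..2^31-1 ahead modulo 2^32.

    This is the test a slave applies to the SOA it fetches.  A serial that is
    numerically larger but more than 2^31 ahead, or one that went backwards,
    is treated as *older* and the zone is silently never re-transferred.
    """
    return 0 < ((new - old) & MASK32) < 2 ** 31


def next_serial(current: int, mode: str, today: Optional[datetime.date] = None) -> int:
    """Serial to publish after a change to the zone.

    'date':     YYYYMMDDnn, nn incremented within the day.  If nn would pass 99,
                or the stored serial is already beyond today's base (inherited
                from another scheme, or a clock that went back), fall back to
                current + 1 so the zone still moves forward.
    'monotone': current + 1 with 32-bit wrap.
    """
    today = today or datetime.date.today()
    if mode == "monotone":
        candidate = (current + 1) & MASK32
    elif mode == "date":
        base = int(today.strftime("%Y%m%d")) * 100
        candidate = max(base, current + 1) & MASK32
    else:
        raise ValueError(f"unknown serial mode {mode!r}")
    if not serial_newer(candidate, current):
        # Never publish a serial slaves would treat as older than what they have.
        raise RuntimeError(f"serial {candidate} is not newer than {current}")
    return candidate


def rewind_plan(current: int, target: int) -> List[int]:
    """Serials to publish, in order, to move a zone from 'current' down to a
    smaller 'target' (say, back to 1 after a bogus date-style serial) without
    any slave ignoring a step: each hop advances by at most 2^31 - 1."""
    steps = []
    while not serial_newer(target, current):
        current = (current + 2 ** 31 - 1) & MASK32
        steps.append(current)
    steps.append(target)
    return steps


if __name__ == "__main__":
    d = datetime.date(2009, 10, 1)
    print(next_serial(2009100103, "date", d))      # 2009100104
    print(next_serial(2009100199, "date", d))      # 2009100200, the fall-back
    print(next_serial(0xFFFFFFFF, "monotone", d))  # 0, wraps
    print(rewind_plan(2009100104, 1))              # [4156583751, 1]
```

Whichever scheme the domains table stores, the export path should only ever hand tinydns-data or the BIND zone file a serial that passes serial_newer() against the last one it published; the RuntimeError above is that guard.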

log_id? domain_id? group_id user_id action detail timestamp