Merge and move branch 'master' of github.com:desec/desec-db

db/00-init.sql

@@ -0,0 +1,11 @@
+CREATE DATABASE desec;
+CREATE USER desec IDENTIFIED BY 'test123';
+GRANT SELECT, INSERT, UPDATE, DELETE, REFERENCES, INDEX, CREATE, ALTER, DROP ON desec.* TO desec;
+
+CREATE DATABASE pdns;
+CREATE USER pdns IDENTIFIED BY '123test';
+GRANT SELECT, INSERT, UPDATE, DELETE ON pdns.* TO pdns;
+
+CREATE USER poweradmin IDENTIFIED BY '123passphrase';
+GRANT SELECT, INSERT, UPDATE, DELETE ON pdns.* TO poweradmin;
+

db/10-pdns.sql

@@ -0,0 +1,93 @@
+USE pdns;
+
+CREATE TABLE domains (
+  id                    INT AUTO_INCREMENT,
+  name                  VARCHAR(255) NOT NULL,
+  master                VARCHAR(128) DEFAULT NULL,
+  last_check            INT DEFAULT NULL,
+  type                  VARCHAR(6) NOT NULL,
+  notified_serial       INT DEFAULT NULL,
+  account               VARCHAR(40) DEFAULT NULL,
+  PRIMARY KEY (id)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE UNIQUE INDEX name_index ON domains(name);
+
+
+CREATE TABLE records (
+  id                    INT AUTO_INCREMENT,
+  domain_id             INT DEFAULT NULL,
+  name                  VARCHAR(255) DEFAULT NULL,
+  type                  VARCHAR(10) DEFAULT NULL,
+  content               VARCHAR(64000) DEFAULT NULL,
+  ttl                   INT DEFAULT NULL,
+  prio                  INT DEFAULT NULL,
+  change_date           INT DEFAULT NULL,
+  disabled              TINYINT(1) DEFAULT 0,
+  ordername             VARCHAR(255) BINARY DEFAULT NULL,
+  auth                  TINYINT(1) DEFAULT 1,
+  PRIMARY KEY (id)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE INDEX nametype_index ON records(name,type);
+CREATE INDEX domain_id ON records(domain_id);
+CREATE INDEX recordorder ON records (domain_id, ordername);
+
+
+CREATE TABLE supermasters (
+  ip                    VARCHAR(64) NOT NULL,
+  nameserver            VARCHAR(255) NOT NULL,
+  account               VARCHAR(40) NOT NULL,
+  PRIMARY KEY (ip, nameserver)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+
+CREATE TABLE comments (
+  id                    INT AUTO_INCREMENT,
+  domain_id             INT NOT NULL,
+  name                  VARCHAR(255) NOT NULL,
+  type                  VARCHAR(10) NOT NULL,
+  modified_at           INT NOT NULL,
+  account               VARCHAR(40) NOT NULL,
+  comment               VARCHAR(64000) NOT NULL,
+  PRIMARY KEY (id)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE INDEX comments_domain_id_idx ON comments (domain_id);
+CREATE INDEX comments_name_type_idx ON comments (name, type);
+CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
+
+
+CREATE TABLE domainmetadata (
+  id                    INT AUTO_INCREMENT,
+  domain_id             INT NOT NULL,
+  kind                  VARCHAR(32),
+  content               TEXT,
+  PRIMARY KEY (id)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
+
+
+CREATE TABLE cryptokeys (
+  id                    INT AUTO_INCREMENT,
+  domain_id             INT NOT NULL,
+  flags                 INT NOT NULL,
+  active                BOOL,
+  content               TEXT,
+  PRIMARY KEY(id)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE INDEX domainidindex ON cryptokeys(domain_id);
+
+
+CREATE TABLE tsigkeys (
+  id                    INT AUTO_INCREMENT,
+  name                  VARCHAR(255),
+  algorithm             VARCHAR(50),
+  secret                VARCHAR(255),
+  PRIMARY KEY (id)
+) Engine=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
+

db/11-pdns-REFERENCES.sql

@@ -0,0 +1,5 @@
+USE pdns;
+
+-- As recommended by https://doc.powerdns.com/md/authoritative/backend-generic-mysql/
+ALTER TABLE `records` ADD CONSTRAINT `records_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE;
+ALTER TABLE `domainmetadata` ADD CONSTRAINT `domainmetadata_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE;

db/99-1-poweradmin-mysql-db-structure.sql

@@ -0,0 +1,120 @@
+USE pdns;
+-- PowerAdmin
+-- MySQL Database Structure
+--
+
+CREATE TABLE users (
+  id          INTEGER      NOT NULL AUTO_INCREMENT,
+  username    VARCHAR(64)  NOT NULL,
+  `password`  VARCHAR(128) NOT NULL,
+  fullname    VARCHAR(255) NOT NULL,
+  email       VARCHAR(255) NOT NULL,
+  description TEXT         NOT NULL,
+  perm_templ  TINYINT      NOT NULL,
+  active      TINYINT      NOT NULL,
+  use_ldap    TINYINT      NOT NULL,
+  PRIMARY KEY (id)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+START TRANSACTION;
+    INSERT INTO users ( id, username, `password`, fullname, email
+                      , description, perm_templ, active, use_ldap )
+    VALUES ( 1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator'
+           , 'admin@example.net', 'Administrator with full rights.', 1, 1, 0 );
+COMMIT;
+
+CREATE TABLE perm_items (
+  id INTEGER       NOT NULL AUTO_INCREMENT,
+  name VARCHAR(64) NOT NULL,
+  descr TEXT       NOT NULL,
+  PRIMARY KEY (id)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+START TRANSACTION;
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 41, 'zone_master_add', 'User is allowed to add new master zones.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 42, 'zone_slave_add', 'User is allowed to add new slave zones.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 43, 'zone_content_view_own', 'User is allowed to see the content and meta data of zones he owns.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 44, 'zone_content_edit_own', 'User is allowed to edit the content of zones he owns.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 45, 'zone_meta_edit_own', 'User is allowed to edit the meta data of zones he owns.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 46, 'zone_content_view_others', 'User is allowed to see the content and meta data of zones he does not own.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 47, 'zone_content_edit_others', 'User is allowed to edit the content of zones he does not own.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 48, 'zone_meta_edit_others', 'User is allowed to edit the meta data of zones he does not own.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 49, 'search', 'User is allowed to perform searches.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 50, 'supermaster_view', 'User is allowed to view supermasters.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 51, 'supermaster_add', 'User is allowed to add new supermasters.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 52, 'supermaster_edit', 'User is allowed to edit supermasters.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 53, 'user_is_ueberuser', 'User has full access. God-like. Redeemer.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 54, 'user_view_others', 'User is allowed to see other users and their details.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 55, 'user_add_new', 'User is allowed to add new users.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 56, 'user_edit_own', 'User is allowed to edit their own details.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 57, 'user_edit_others', 'User is allowed to edit other users.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 58, 'user_passwd_edit_others', 'User is allowed to edit the password of other users.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 59, 'user_edit_templ_perm', 'User is allowed to change the permission template that is assigned to a user.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 60, 'templ_perm_add', 'User is allowed to add new permission templates.' );
+    INSERT INTO perm_items ( id, name, descr ) VALUES ( 61, 'templ_perm_edit', 'User is allowed to edit existing permission templates.' );
+COMMIT;
+
+CREATE TABLE perm_templ (
+  id    INTEGER      NOT NULL AUTO_INCREMENT,
+  name  VARCHAR(128) NOT NULL,
+  descr TEXT         NOT NULL,
+  PRIMARY KEY  (id)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+START TRANSACTION;
+    INSERT INTO perm_templ ( id, name, descr )
+        VALUES ( 1, 'Administrator'
+               , 'Administrator template with full rights.' );
+COMMIT;
+
+CREATE TABLE perm_templ_items (
+  id INTEGER       NOT NULL AUTO_INCREMENT,
+  templ_id INTEGER NOT NULL,
+  perm_id INTEGER  NOT NULL,
+  PRIMARY KEY (id)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+START TRANSACTION;
+    INSERT INTO perm_templ_items ( id, templ_id, perm_id )
+    VALUES ( 1, 1, 53 );
+COMMIT;
+
+CREATE TABLE zones (
+  id            INTEGER NOT NULL AUTO_INCREMENT,
+  domain_id     INTEGER NOT NULL,
+  owner         INTEGER NOT NULL,
+  `comment`     TEXT,
+  zone_templ_id INTEGER NOT NULL,
+  PRIMARY KEY (id),
+  KEY owner (owner)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE TABLE zone_templ (
+  id    INTEGER      NOT NULL AUTO_INCREMENT,
+  name  VARCHAR(128) NOT NULL,
+  descr TEXT         NOT NULL,
+  owner INTEGER      NOT NULL,
+  PRIMARY KEY (id)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE TABLE zone_templ_records (
+  id            INTEGER      NOT NULL AUTO_INCREMENT,
+  zone_templ_id INTEGER      NOT NULL,
+  name          VARCHAR(255) NOT NULL,
+  `type`        VARCHAR(6)   NOT NULL,
+  content       VARCHAR(255) NOT NULL,
+  ttl           INTEGER      NOT NULL,
+  prio          INTEGER      NOT NULL,
+  PRIMARY KEY (id)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE TABLE records_zone_templ (
+    domain_id INTEGER NOT NULL,
+    record_id INTEGER NOT NULL,
+    zone_templ_id INTEGER NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE TABLE migrations (
+    version VARCHAR(255) NOT NULL,
+    apply_time INTEGER NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;

db/99-2-poweradmin-mysql-update-to-2.1.5.sql.disabled

@@ -0,0 +1,6 @@
+USE pdns;
+
+ALTER TABLE zones ADD zone_templ_id INT( 11 ) NOT NULL;
+ALTER TABLE zones ENGINE = InnoDB;
+ALTER TABLE zone_templ ENGINE = InnoDB;
+ALTER TABLE zone_templ_records ENGINE = InnoDB;

db/99-3-poweradmin-mysql-update-to-2.1.6.sql

@@ -0,0 +1,4 @@
+USE pdns;
+
+ALTER TABLE users MODIFY username VARCHAR(64) NOT NULL DEFAULT '0';
+ALTER TABLE users MODIFY password VARCHAR(128) NOT NULL DEFAULT '0';

db/99-4-poweradmin-mysql-update-to-2.1.7.sql.disabled

@@ -0,0 +1,28 @@
+USE pdns;
+
+ALTER TABLE users ADD use_ldap BOOLEAN NOT NULL;
+
+ALTER TABLE users ENGINE=InnoDB;
+ALTER TABLE perm_items ENGINE=InnoDB;
+ALTER TABLE perm_templ ENGINE=InnoDB;
+ALTER TABLE perm_templ_items ENGINE=InnoDB;
+ALTER TABLE zones ENGINE=InnoDB;
+ALTER TABLE zone_templ ENGINE=InnoDB;
+ALTER TABLE zone_templ_records ENGINE=InnoDB;
+ALTER TABLE domainmetadata ENGINE=InnoDB;
+ALTER TABLE cryptokeys ENGINE=InnoDB;
+ALTER TABLE tsigkeys ENGINE=InnoDB;
+ALTER TABLE domains ENGINE=InnoDB;
+ALTER TABLE records ENGINE=InnoDB;
+ALTER TABLE supermasters ENGINE=InnoDB;
+
+CREATE TABLE records_zone_templ (
+    domain_id INTEGER NOT NULL,
+    record_id INTEGER NOT NULL,
+    zone_templ_id INTEGER NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+CREATE TABLE migrations (
+    version VARCHAR(255) NOT NULL,
+    apply_time INTEGER NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;

db/Dockerfile

@@ -0,0 +1,4 @@
+FROM mariadb
+
+COPY *.sql /docker-entrypoint-initdb.d/
+

desec-db

@@ -1 +0,0 @@
-../desec-db

docker-compose.yml

@@ -14,7 +14,7 @@ static:
   build: desec-static
 
 db:
-  build: desec-db
+  build: db
   environment:
    - MYSQL_ROOT_PASSWORD=test123