[Bug] Cluster Dns mode Slave receive only Master when upgrade key letsencrypt. #3588

Closed
ccsipnow opened this issue May 16, 2023 · 5 comments
Labels
bug Something isn't working

Comments

@ccsipnow

ccsipnow commented May 16, 2023

Describe the bug

When Hestia starts updating letsencrypt it sends to DNS-SLAVE the wrong way.
I could verify that in 'v-delete-remote-dns-record' there is no line:

if [ "$DNS_CLUSTER_SYSTEM" != "hestia-zone" ]; then

It is generating the named.conf file wrongly.

Tell us how to replicate the bug

In

Alter:

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Starting cluster loop
IFS=$'\n'
for cluster in $(cat $HESTIA/conf/dns-cluster.conf); do

for:

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Starting cluster loop
if [ "$DNS_CLUSTER_SYSTEM" != "hestia-zone" ]; then
    IFS=$'\n'
    for cluster in $(cat $HESTIA/conf/dns-cluster.conf); do

Note: close the if at the end.

Which components are affected by this bug?

Control Panel Command Line Interface

Hestia Control Panel Version

1.7.6

Operating system

Debian 11

Log capture

# HOSTING - MASTER
2023-05-09 03:10:04 v-delete-web-domain-ssl-force  'fd_diremp' 'directorempresarial.com.br'
2023-05-09 03:10:05 v-restart-service  'bind9' ''
2023-05-09 03:10:05 v-delete-dns-record  'fd_diremp' 'directorempresarial.com.br' '32'
2023-05-09 03:10:06 v-restart-service  'bind9' ''
2023-05-09 03:10:06 v-add-dns-record  'fd_diremp' 'directorempresarial.com.br' '@' 'CAA' '0 issue "letsencrypt.org"'
2023-05-09 03:10:10 v-restart-service  'nginx' ''
2023-05-09 03:10:25 v-restart-service  'bind9' ''
2023-05-09 03:10:25 v-delete-dns-record  'fd_diremp' 'directorempresarial.com.br' '34'


# DNS - SLAVE
named.conf:

zone "ipnow.com.br" in {type slave; masters { 187.121.160.5; }; file "/home/dns-cluster/conf/dns/ipnow.com.br.db";};
zone "nicnet.com.br" in {type slave; masters { 187.121.160.5; }; file "/home/dns-cluster/conf/dns/nicnet.com.br.db";};
zone "directorempresarial.com.br" {type master; file "/home/dns-cluster/conf/dns/directorempresarial.com.br.db";};
@ccsipnow ccsipnow added the bug Something isn't working label May 16, 2023
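
A check for the condition in this report, as an added example that is not part of the issue or of Hestia's code: it scans a secondary's named.conf for zones not declared `type slave`. It assumes one zone statement per line, as in the excerpt above; the function names, sample zones and addresses are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit a secondary's named.conf for zones that are not "type slave".
# Assumes one zone statement per line, as in the named.conf excerpt in the report.

# Print "<zone> <type>" for every zone statement whose type is not slave/secondary.
find_non_slave_zones() {
    conf=$1
    awk '
        /^[ \t]*zone[ \t]+"/ {
            # The zone name is the first double-quoted string on the line.
            name = $0
            sub(/^[^"]*"/, "", name); sub(/".*$/, "", name)
            # The zone type is the word after the keyword "type".
            type = "unknown"
            if (match($0, /type[ \t]+[a-z]+/)) {
                type = substr($0, RSTART, RLENGTH)
                sub(/^type[ \t]+/, "", type)
            }
            if (type != "slave" && type != "secondary") print name, type
        }
    ' "$conf"
}

# Return 0 when every zone is a secondary, 1 otherwise (usable from cron or monitoring).
audit_secondary() {
    bad=$(find_non_slave_zones "$1")
    [ -z "$bad" ] && return 0
    printf 'zones not configured as slave in %s:\n%s\n' "$1" "$bad" >&2
    return 1
}

# Constructed sample input modelled on the excerpt above (placeholder names and addresses).
make_sample_conf() {
    cat > "$1" <<'EOF'
zone "example.com" in {type slave; masters { 192.0.2.5; }; file "/home/dns-cluster/conf/dns/example.com.db";};
zone "example.net" in {type slave; masters { 192.0.2.5; }; file "/home/dns-cluster/conf/dns/example.net.db";};
zone "example.org" {type master; file "/home/dns-cluster/conf/dns/example.org.db";};
EOF
}

sample=$(mktemp)
make_sample_conf "$sample"
audit_secondary "$sample" || echo "secondary has drifted: resync these zones from the primary"
rm -f "$sample"
```
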
@jaapmarcus
Member

What kind of setup do you currently use?

@jaapmarcus
Member

# Updating dns-cluster queue
if [ "$DNS_CLUSTER" = "yes" ]; then
    # Check for first sync
    dlock=$(grep "domain $user $domain" $HESTIA/data/queue/dns-cluster.pipe)
    if [ -z "$dlock" ]; then
        cmd="$BIN/v-add-remote-dns-record $user $domain $id"
        echo "$cmd" >> $HESTIA/data/queue/dns-cluster.pipe
    fi
fi

Use the same code..

as v-delete-dns-record

# Starting cluster loop
IFS=$'\n'
for cluster in $(cat $HESTIA/conf/dns-cluster.conf); do
    # Reset user, password and hash vars
    clear_dns_cluster_settings
    # Parsing remote host parameters
    parse_object_kv_list "$cluster"
    # Syncing serial
    str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
    cluster_cmd v-insert-dns-domain "$DNS_USER" "$str" "$HOSTNAME" 'domain' 'no'
    check_result $? "$HOST connection failed (soa sync)" "$E_CONNECT"
    # Sync domain
    cluster_cmd v-delete-dns-record "$DNS_USER" "$domain" "$id" 'no'
    #check_result $? "$HOST connection failed (delete)" $E_CONNECT
    # Rebuilding dns zone
    cluster_cmd v-rebuild-dns-domain "$DNS_USER" "$domain" 'yes' 'no'
    check_result $? "$HOST connection failed (rebuild)" "$E_CONNECT"
done

vs

if [ "$DNS_CLUSTER_SYSTEM" != "hestia-zone" ]; then
    IFS=$'\n'
    for cluster in $(grep "SUSPENDED='no'" $HESTIA/conf/dns-cluster.conf); do
        # Reset user, password and hash vars
        clear_dns_cluster_settings
        # Parsing remote host parameters
        parse_object_kv_list "$cluster"
        # Syncing serial
        str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
        # Parsing domain parameters
        parse_object_kv_list "$str"
        cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
        check_result $? "$HOST connection failed (soa sync)" "$E_CONNECT"
        # Syncing record
        str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf | sed 's/"/\\"/g')
        cluster_cmd v-insert-dns-record $DNS_USER $domain "$str" 'no'
        check_result $? "$HOST connection failed (record sync)" "$E_CONNECT"
        # Rebuilding dns zone
        cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
        check_result $? "$HOST connection failed (rebuild)" "$E_CONNECT"
    done
fi

I assume this is the issue?

jaapmarcus added a commit to jaapmarcus/hestiacp that referenced this issue May 16, 2023
@ccsipnow
Author

With the implementation of DNSSEC I migrated my dns-cluster to slave type, adjusting the hestia.conf to:
DNS_CLUSTER_SYSTEM='hestia-zone'
DNS_CLUSTER='yes'
When there is automatic renewal of letsencrypt, dns_cluster receives the wrong instruction and launches the host as type Master.

Debugging, I made the mentioned adjustment and it solved the issue.

@jaapmarcus
Member

I noticed and patched the issue in the PR attached.

@jaapmarcus
Member

> With the implementation of DNSSEC I migrated my dns-cluster to slave type, adjusting the hestia.conf to:
> DNS_CLUSTER_SYSTEM='hestia-zone'
> DNS_CLUSTER='yes'
> When there is automatic renewal of letsencrypt, dns_cluster receives the wrong instruction and launches the host as type Master.
>
> Debugging, I made the mentioned adjustment and it solved the issue.

Thanks for the report :)

Will release a new version later today
