Release 2.8.0

.docker/Dockerfile

@@ -35,7 +35,7 @@ ENV VIRTUAL_ENV=/venvs/.venv \
     VERSION=${VERSION:-beta}
 
 
-RUN set -eux; apk add --no-cache krb5-libs curl openssl netcat-openbsd
+RUN set -eux; apk add --no-cache krb5-libs curl openssl netcat-openbsd libsodium-dev
 COPY app /app
 COPY pyproject.toml /
 

.docker/dev.Dockerfile

@@ -33,7 +33,7 @@ ENV VIRTUAL_ENV=/venvs/.venv \
     PATH="/venvs/.venv/bin:$PATH" \
     VERSION=${VERSION:-beta}
 
-RUN set -eux; apk add --no-cache krb5-libs curl openssl netcat-openbsd
+RUN set -eux; apk add --no-cache krb5-libs curl openssl netcat-openbsd libsodium-dev
 
 COPY app /app
 COPY pyproject.toml /

.docker/krb.Dockerfile

@@ -7,12 +7,13 @@ ENV VIRTUAL_ENV=/venvs/.venv \
     PATH="/venvs/.venv/bin:$PATH"
 
 WORKDIR /venvs
+COPY .kerberos/kadmin_local-0.1.1.tar.gz /
 
 RUN python -m venv .venv
 RUN pip install \
     fastapi \
     uvicorn \
-    https://github.com/xianglei/python-kadmv/releases/download/0.1.7/python-kadmV-0.1.7.tar.gz
+    /kadmin_local-0.1.1.tar.gz
 
 
 FROM ghcr.io/multidirectorylab/krb5_base:${VERSION} AS runtime

.docker/pdns_auth.Dockerfile

@@ -0,0 +1,66 @@
+FROM alpine:3.20 AS builder
+
+RUN apk add --no-cache --virtual .build-deps \
+      build-base \
+      lmdb-dev \
+      openssl-dev \
+      boost-dev \
+      autoconf automake libtool \
+      git ragel bison flex \
+      lua5.4-dev \
+      curl-dev
+
+RUN apk add --no-cache \
+      lua \
+      lua-dev \
+      lmdb \
+      boost-libs \
+      openssl-libs-static \
+      curl \
+      libstdc++
+
+RUN git clone https://github.com/PowerDNS/pdns.git /pdns
+WORKDIR /pdns
+
+RUN git submodule init &&\
+    git submodule update &&\
+    git checkout auth-5.0.1
+
+RUN autoreconf -vi
+
+RUN mkdir /build && \
+    ./configure \
+      --sysconfdir=/etc/powerdns \
+      --enable-option-checking=fatal \
+      --with-dynmodules='lmdb' \
+      --with-modules='' \
+      --with-unixodbc-lib=/usr/lib/$(dpkg-architecture -q DEB_BUILD_GNU_TYPE) && \
+    make clean && \
+    make $MAKEFLAGS -C ext &&\
+    make $MAKEFLAGS -C modules &&\
+    make $MAKEFLAGS -C pdns && \
+    make -C pdns install DESTDIR=/build &&\ 
+    make -C modules install DESTDIR=/build &&\ 
+    make clean && \
+    strip /build/usr/local/bin/* /build/usr/local/sbin/* /build/usr/local/lib/pdns/*.so
+
+FROM alpine:3.20 AS runtime
+
+COPY --from=builder /build /
+
+RUN apk add --no-cache \
+    lua \
+    lua-dev \
+    lmdb \
+    boost-libs \
+    openssl-libs-static \
+    curl \
+    libstdc++
+
+RUN mkdir -p /etc/powerdns/pdns.d /var/run/pdns /var/lib/powerdns /etc/powerdns/templates.d /var/lib/pdns-lmdb
+
+COPY ./.package/pdns.conf /etc/powerdns/pdns.conf
+
+EXPOSE 8082/tcp
+
+CMD ["/usr/local/sbin/pdns_server"]

.docker/test.Dockerfile

@@ -27,7 +27,7 @@ RUN --mount=type=cache,target=/root/.cache/uv \
 FROM python:3.13.7-alpine3.21 AS runtime
 
 WORKDIR /app
-RUN set -eux; apk add --no-cache openldap-clients openssl curl krb5-libs
+RUN set -eux; apk add --no-cache openldap-clients openssl curl krb5-libs libsodium-dev
 
 ENV VIRTUAL_ENV=/venvs/.venv \
     PATH="/venvs/.venv/bin:$PATH" \

.github/workflows/build-beta.yml

@@ -156,7 +156,7 @@ jobs:
             --build-arg BUILDKIT_INLINE_CACHE=1 \
             --build-arg VERSION=beta
 
-  build-bind9:
+  build-pdns_auth:
     runs-on: ubuntu-latest
     needs: [build-tests, run-ssh-test, run-tests]
     steps:
@@ -173,14 +173,14 @@ jobs:
 
       - name: Build docker image
         env:
-          TAG: ghcr.io/${{ env.REPO }}_bind9:beta
+          TAG: ghcr.io/${{ env.REPO }}_pdns_auth:beta
           DOCKER_BUILDKIT: '1'
         run: |
           echo $TAG
           docker build \
             --push \
             --target=runtime \
-            -f .docker/bind9.Dockerfile . \
+            -f .docker/pdns_auth.Dockerfile . \
             -t $TAG \
             --cache-to type=gha,mode=max \
             --cache-from $TAG \

.github/workflows/build-dev.yml

@@ -155,7 +155,7 @@ jobs:
             --build-arg BUILDKIT_INLINE_CACHE=1 \
             --build-arg VERSION=dev
 
-  build-bind9:
+  build-pdns_auth:
     runs-on: ubuntu-latest
     needs: [build-tests, run-ssh-test, run-tests]
     steps:
@@ -172,14 +172,14 @@ jobs:
 
       - name: Build docker image
         env:
-          TAG: ghcr.io/${{ env.REPO }}_bind9:dev
+          TAG: ghcr.io/${{ env.REPO }}_pdns_auth:dev
           DOCKER_BUILDKIT: '1'
         run: |
           echo $TAG
           docker build \
             --push \
             --target=runtime \
-            -f .docker/bind9.Dockerfile . \
+            -f .docker/pdns_auth.Dockerfile . \
             -t $TAG \
             --cache-to type=gha,mode=max \
             --cache-from $TAG \

.github/workflows/build-docker-image.yml

@@ -176,7 +176,7 @@ jobs:
             --build-arg BUILDKIT_INLINE_CACHE=1 \
             --build-arg VERSION=latest
 
-  build-bind9:
+  build-pdns_auth:
     runs-on: ubuntu-latest
     needs: [build-tests, run-ssh-test, run-tests]
     steps:
@@ -193,14 +193,14 @@ jobs:
 
       - name: Build docker image
         env:
-          TAG: ghcr.io/${{ env.REPO }}_bind9:latest
+          TAG: ghcr.io/${{ env.REPO }}_pdns_auth:latest
           DOCKER_BUILDKIT: '1'
         run: |
           echo $TAG
           docker build \
             --push \
             --target=runtime \
-            -f .docker/bind9.Dockerfile . \
+            -f .docker/pdns_auth.Dockerfile . \
             -t $TAG \
             --cache-to type=gha,mode=max \
             --cache-from $TAG \

.gitignore

@@ -30,6 +30,7 @@ share/python-wheels/
 .installed.cfg
 *.egg
 MANIFEST
+resolve.conf
 
 # PyInstaller
 #  Usually these files are written by a python script from a template