From be2bfd867c22017d1d5838ad297f1bdfa021b2c0 Mon Sep 17 00:00:00 2001
From: Michael Schmitz <37506516+eifelmicha@users.noreply.github.com>
Date: Sun, 4 Sep 2022 01:16:35 +0200
Subject: [PATCH] Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS
 (#9245)

---
 docs/dns-stack.md                                          | 7 +++++++
 inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml    | 7 +++++++
 .../ansible/templates/coredns-config.yml.j2                | 5 +++++
 .../ansible/templates/nodelocaldns-config.yml.j2           | 5 +++++
 4 files changed, 24 insertions(+)

diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index 04662594e..44df1785f 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -62,6 +62,13 @@ coredns_external_zones:
   nameservers:
   - 192.168.0.53
   cache: 0
+- zones:
+  - mydomain.tld
+  nameservers:
+  - 10.233.0.3
+  cache: 5
+  rewrite:
+  - name stop website.tld website.namespace.svc.cluster.local
 ```
 
 or as INI
diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
index 5215e1fd9..16cf8330e 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -185,6 +185,13 @@ nodelocaldns_secondary_skew_seconds: 5
 #   nameservers:
 #   - 192.168.0.53
 #   cache: 0
+# - zones:
+#   - mydomain.tld
+#   nameservers:
+#   - 10.233.0.3
+#   cache: 5
+#   rewrite:
+#   - name website.tld website.namespace.svc.cluster.local
 # Enable k8s_external plugin for CoreDNS
 enable_coredns_k8s_external: false
 coredns_k8s_external_zone: k8s_external.local
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
index 567824719..cb5aafc2f 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
@@ -13,6 +13,11 @@ data:
     {{ block['zones'] | join(' ') }} {
         log
         errors
+{% if block['rewrite'] is defined and block['rewrite']|length > 0 %}
+{% for rewrite_match in block['rewrite'] %}
+        rewrite {{ rewrite_match }}
+{% endfor %}
+{% endif %}
         forward . {{ block['nameservers'] | join(' ') }}
         loadbalance
         cache {{ block['cache'] | default(5) }}
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index 5f9027caa..9ea695c48 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -14,6 +14,11 @@ data:
         errors
         cache {{ block['cache'] | default(30) }}
         reload
+{% if block['rewrite'] is defined and block['rewrite']|length > 0 %}
+{% for rewrite_match in block['rewrite'] %}
+        rewrite {{ rewrite_match }}
+{% endfor %}
+{% endif %}
         loop
         bind {{ nodelocaldns_ip }}
         forward . {{ block['nameservers'] | join(' ') }}