T6983: treat vyos-domain-resolver as a real service (#4261)

* op-mode: T6983: add "show log" and "monitor log" commands for vyos-domain-resolver

* firewall: T6983: drop unused variable domain_resolver_usage_nat

* T6983: introduce Python logging module in vyos-domain-resolver

* T6983: treat vyos-domain-resolver as a real service

5 files changed, 25 insertions, 6 deletions

diff --git a/op-mode-definitions/monitor-log.xml.in b/op-mode-definitions/monitor-log.xml.in
index c9dc49b3a..b9ef8f48e 100644
--- a/op-mode-definitions/monitor-log.xml.in
+++ b/op-mode-definitions/monitor-log.xml.in
@@ -377,6 +377,12 @@
             </properties>
             <command>journalctl --no-hostname --boot --follow --unit vyos-configd.service</command>
           </leafNode>
+          <leafNode name="vyos-domain-resolver">
+            <properties>
+              <help>Monitor last lines of VyOS domain resolver daemon log</help>
+            </properties>
+            <command>journalctl --no-hostname --boot --follow --unit vyos-domain-resolver.service</command>
+          </leafNode>
           <node name="wireless">
             <properties>
               <help>Monitor last lines of Wireless interface log</help>
diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in
index 9dcebb6af..7ace50cc9 100755
--- a/op-mode-definitions/show-log.xml.in
+++ b/op-mode-definitions/show-log.xml.in
@@ -905,6 +905,12 @@
             </properties>
             <command>journalctl --no-hostname --boot --unit vyos-configd.service</command>
           </leafNode>
+          <leafNode name="vyos-domain-resolver">
+            <properties>
+              <help>Show log for VyOS domain resolver daemon</help>
+            </properties>
+            <command>journalctl --no-hostname --boot --unit vyos-domain-resolver.service</command>
+          </leafNode>
           <node name="wireless">
             <properties>
               <help>Show log for Wireless interface</help>
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py
index ffbd915a2..10d389d73 100755
--- a/src/conf_mode/firewall.py
+++ b/src/conf_mode/firewall.py
@@ -43,7 +43,6 @@ airbag.enable()
 
 nftables_conf = '/run/nftables.conf'
 domain_resolver_usage = '/run/use-vyos-domain-resolver-firewall'
-domain_resolver_usage_nat = '/run/use-vyos-domain-resolver-nat'
 
 sysctl_file = r'/run/sysctl/10-vyos-firewall.conf'
 
diff --git a/src/helpers/vyos-domain-resolver.py b/src/services/vyos-domain-resolver
index f5a1d9297..bc74a05d1 100755
--- a/src/helpers/vyos-domain-resolver.py
+++ b/src/services/vyos-domain-resolver
@@ -16,6 +16,7 @@
 
 import json
 import time
+import logging
 
 from vyos.configdict import dict_merge
 from vyos.configquery import ConfigTreeQuery
@@ -48,6 +49,11 @@ ipv6_tables = {
     'ip6 raw'
 }
 
+logger = logging.getLogger(__name__)
+logs_handler = logging.StreamHandler()
+logger.addHandler(logs_handler)
+logger.setLevel(logging.INFO)
+
 def get_config(conf, node):
     node_config = conf.get_config_dict(node, key_mangling=('-', '_'), get_first_key=True,
                                     no_tag_node_value_mangle=True)
@@ -163,15 +169,15 @@ def update_fqdn(config, node):
     nft_conf_str = "\n".join(conf_lines) + "\n"
     code = run(f'nft --file -', input=nft_conf_str)
 
-    print(f'Updated {count} sets in {node} - result: {code}')
+    logger.info(f'Updated {count} sets in {node} - result: {code}')
 
 if __name__ == '__main__':
-    print(f'VyOS domain resolver')
+    logger.info(f'VyOS domain resolver')
 
     count = 1
     while commit_in_progress():
         if ( count % 60 == 0 ):
-            print(f'Commit still in progress after {count}s - waiting')
+            logger.info(f'Commit still in progress after {count}s - waiting')
         count += 1
         time.sleep(1)
 
@@ -179,7 +185,7 @@ if __name__ == '__main__':
     firewall = get_config(conf, base_firewall)
     nat = get_config(conf, base_nat)
 
-    print(f'interval: {timeout}s - cache: {cache}')
+    logger.info(f'interval: {timeout}s - cache: {cache}')
 
     while True:
         update_fqdn(firewall, 'firewall')
diff --git a/src/systemd/vyos-domain-resolver.service b/src/systemd/vyos-domain-resolver.service
index e63ae5e34..87a4748f4 100644
--- a/src/systemd/vyos-domain-resolver.service
+++ b/src/systemd/vyos-domain-resolver.service
@@ -6,7 +6,9 @@ ConditionPathExistsGlob=/run/use-vyos-domain-resolver*
 [Service]
 Type=simple
 Restart=always
-ExecStart=/usr/bin/python3 -u /usr/libexec/vyos/vyos-domain-resolver.py
+ExecStart=/usr/bin/python3 -u /usr/libexec/vyos/services/vyos-domain-resolver
+SyslogIdentifier=vyos-domain-resolver
+SyslogFacility=daemon
 StandardError=journal
 StandardOutput=journal