diff --git a/etc/ffdns/community.conf b/etc/ffdns/community.conf
new file mode 100644
index 0000000..b15cf98
--- /dev/null
+++ b/etc/ffdns/community.conf
@@ -0,0 +1,13 @@
+### The community domain; must be set even if it is not served by this server
+CommunityDomain="fff.community"
+
+### Subdomain for CommunityDomain only serving non RFC 1918/4193 addresses, otherwise leave empty
+CommunityExternPrefix="extern"
+
+CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48"
+
+### master file in remote needs to be named: db.$CommunityDomain
+RemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/"
+
+### TTL Refresh Retry Expire Minimum
+TTLReReExMi="3600 2000 6400 2419200 86400"
\ No newline at end of file
diff --git a/etc/ffdns/local.conf b/etc/ffdns/local.conf
new file mode 100644
index 0000000..78e13c2
--- /dev/null
+++ b/etc/ffdns/local.conf
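Review bot: In community.conf, `RemoteLocation` names a mutable branch on a remote git host as the source of the master zone file, and the comment above it says only how that file must be named. If, as the rest of the change suggests, this server serves (and, with a `DNSSECPolicy` set, signs) what it downloads from there, the comment should also state the trust requirement, e.g. `### must be an https:// URL under the community's control; zone data fetched from here is served as-is`. `CommunitySubnets` is the only setting in the file without a `###` comment; one line on the expected notation would help, since `10.50.0/16` is not standard CIDR.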
@@ -0,0 +1,38 @@
+### DNSSCRIPT_CONTACT_EMAIL the responsible person can be contacted there; needs zone-file format
+#DNSSCRIPT_CONTACT_EMAIL="info.freifunk-herpf.de."
+DNSSCRIPT_CONTACT_EMAIL=""
+
+### DNSSCRIPT_SERVER_NAME must be this server given in community zone files NS entry and/or subdomain entries
+### Full Hostname, w/o trailing dot
+#DNSSCRIPT_SERVER_NAME="dns.herpf.fff.community"
+DNSSCRIPT_SERVER_NAME=""
+
+ZoneFilesFolder="/etc/bind/fff/"
+BindIncludeFileFolder="/etc/bind/"
+TempFolder="/tmp/ffdns/"
+
+### specify the bird/babel or other routing table[s]
+### if RoutingTables is empty, the ICVPN-ACL-List will be fetched remotely (for servers that are no gateway)
+RoutingTables="10"
+
+### -1 -> disable bind [restart|reload]
+### 0 -> Debian (and like) systemctl [reload|restart] bind9
+### 1 -> use rndc to [reload zone|reconfig] (recommended; rndc needs setup first)
+### 2 -> OpenWRT /etc/init.d/named [reload|restart]
+DNSSCRIPT_BIND_RELOAD_VER=0
+
+# the views specified in named.conf
+
+### must have at least one entry
+InternalViews="icvpn-internal-view icvpn-internal-dns64-view"
+
+### can be empty
+ExternalView="external-view"
+
+#DNSSEC
+
+### DNSSECPolicy and Folder specified in named.conf; if no DNSSEC is used leave empty
+#DNSSECPolicy="herpf"
+DNSSECPolicy=""
+#DNSSECKeyFolder="/etc/bind/keys/"
+DNSSECKeyFolder=""
diff --git a/usr/lib/ffdns/update-dns.sh b/usr/lib/ffdns/update-dns.sh
index 9c856fd..056db4f 100644
--- a/usr/lib/ffdns/update-dns.sh
+++ b/usr/lib/ffdns/update-dns.sh
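Review bot: In local.conf, `TempFolder="/tmp/ffdns/"` puts the script's working files at a fixed, predictable path under a world-writable directory. update-dns.sh builds `icvpn-acl.conf` there, and a file of the same name under `BindIncludeFileFolder` is presumably fed from it. How the directory is created is not visible in this diff, but if the script runs with elevated privileges the path should not be one an unprivileged local user can create first. I would add a comment above the setting such as `### must be a directory that only the user running update-dns.sh can write to` and pick a default outside `/tmp`.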
@@ -8,48 +8,19 @@ # exit script when command fails set -e -# Communityconfig -CommunityDomain="fff.community" -CommunityExternPrefix="extern" -CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48" -RemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/" -DNSSECPolicy="herpf" +. /etc/ffdns/community.conf +. /etc/ffdns/local.conf -# Serverconfig -export DNSSCRIPT_CONTACT_EMAIL=info.freifunk-herpf.de. -# DNSSCRIPT_SERVER_NAME must be the server given in community zone files NS entry (Full Hostname, w/o trailing dot) -export DNSSCRIPT_SERVER_NAME=dns.herpf.fff.community -UpdateScriptsFolder="/usr/lib/ffdns/" -ZoneFilesFolder="/etc/bind/fff/" -BindIncludeFileFolder="/etc/bind/" -DNSSECKeyFolder="/etc/bind/keys/" -TempFolder="/tmp/dnsscripts/" -# specify the bird/babel or other routing table[s] -# if RoutingTables is empty, the ICVPN-ACL-List will be fetched remotely (for servers that are no gateway) -RoutingTables="10" - -# -1 -> disable bind [restart|reload] -# 0 -> Debian (and like) systemctl [reload|restart] bind9 -# 1 -> use rndc to [reload zone|reconfig] (recommended; rndc needs setup first) -# 2 -> OpenWRT /etc/init.d/named [reload|restart] -export DNSSCRIPT_BIND_RELOAD_VER=0 - -InternalViews="icvpn-internal-view icvpn-internal-dns64-view" -ExternalView="external-view" - -# TTL Refresh Retry Expire Minimum -TTLReReExMi="3600 2000 6400 2419200 86400" - -# ForwardZones: "/" ; optionaly multiple " ""/" no spaces in full filename -ForwardZones="$CommunityDomain""/""$ZoneFilesFolder""db.icvpn-internal-view.""$CommunityDomain" - - -############################################################# -cd "$UpdateScriptsFolder" +export DNSSCRIPT_CONTACT_EMAIL +export DNSSCRIPT_SERVER_NAME +export DNSSCRIPT_BIND_RELOAD_VER +cd /usr/lib/ffdns/ . 
./dns-functions.sh FirstInternal="$( echo "$InternalViews" | sed -ne 's/^\(\S\+\)\s.*$/\1/p')" +# ForwardZones: "/" ; optionaly multiple " ""/" no spaces in full filename +ForwardZones="$CommunityDomain""/""$ZoneFilesFolder""db.""$FirstInternal"".""$CommunityDomain" BindIcvpnAclTmp="$TempFolder""icvpn-acl.conf" BindIcvpnAcl="$BindIncludeFileFolder""icvpn-acl.conf" [ -z "$CommunityExternPrefix" ] || CommunityExternDomain="$CommunityExternPrefix"".""$CommunityDomain"
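Review bot: The two added `. /etc/ffdns/*.conf` lines in update-dns.sh run those files as shell code with whatever privileges the script has, and nothing after them checks the values that the shipped local.conf leaves empty. Since `DNSSCRIPT_CONTACT_EMAIL` and `DNSSCRIPT_SERVER_NAME` are documented as required, I would fail early right after sourcing, e.g. `: "${DNSSCRIPT_SERVER_NAME:?set it in /etc/ffdns/local.conf}"`, and note in a comment that both files must be owned by root and not writable by group or others. The new `ForwardZones` line also depends on `FirstInternal`, and the sed expression above it prints only when `InternalViews` contains whitespace, so a single-view setup (which local.conf permits) would yield `db..$CommunityDomain`; `FirstInternal="${InternalViews%% *}"` avoids that. The script continues outside this hunk on both sides.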