Refactoring; don't populate keys obsoleted more than 2 days; delete bind journal when out-of-sync (only with rndc); populate DS Entries for sub-sub-domains
Signed-off-by: Blackyfff <blackyfff@noreply.git.freifunk-franken.de>
parent
8f24ca4f96
commit
8fb4e6b8a2
|
@ -199,8 +199,18 @@ GetOwnKeysForZone () {
|
||||||
Domain="$2"
|
Domain="$2"
|
||||||
if [ -n "$DNSSECKeyFolder" ];then
|
if [ -n "$DNSSECKeyFolder" ];then
|
||||||
for OwnKeyFile in "$DNSSECKeyFolder""K""$Domain"".+"*".key"; do
|
for OwnKeyFile in "$DNSSECKeyFolder""K""$Domain"".+"*".key"; do
|
||||||
sed -ne '/^;/d;s/^'"$Domain"'\.\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Nn][Ss][Kk][Ee][Yy]\s\+\(.*\)$/_dnsseckeys\.'"$Domain"'\.\tIN TXT\t\"\2\"/p' "$OwnKeyFile" | \
|
Removed="$(sed -ne 's/^; Delete: \(\S\{12\}\).*/\1/p' "$OwnKeyFile")"
|
||||||
NormalizeZoneFileFormatting
|
if [ -n "$Removed" ]; then
|
||||||
|
Removed="$(date -u -d "$Removed" '+%s')"
|
||||||
|
CurDate="$(date -u '+%s')"
|
||||||
|
if [ $((CurDate - Removed)) -le 172800 ]; then
|
||||||
|
Removed=""
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ -z "$Removed" ]; then
|
||||||
|
sed -ne '/^;/d;s/^'"$Domain"'\.\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Nn][Ss][Kk][Ee][Yy]\s\+\(.*\)$/_dnsseckeys\.'"$Domain"'\.\tIN TXT\t\"\2\"/p' "$OwnKeyFile" | \
|
||||||
|
NormalizeZoneFileFormatting
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
@ -215,24 +225,26 @@ UpdateDNSSECEntryCache () {
|
||||||
|
|
||||||
mkdir -p "$ZoneTempFolder"
|
mkdir -p "$ZoneTempFolder"
|
||||||
for KeyFile in "$ZoneTempFolder"*; do
|
for KeyFile in "$ZoneTempFolder"*; do
|
||||||
[ "$KeyFile" == "$ZoneTempFolder""*" ] || \
|
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
|
||||||
mv "$KeyFile" "$ZoneTempFolder""Old""${KeyFile##*""$ZoneTempFolder""}"
|
mv "$KeyFile" "$ZoneTempFolder""Old""${KeyFile##*$ZoneTempFolder}"
|
||||||
done
|
|
||||||
for Nameserver in $Nameservers; do
|
|
||||||
if [ "$Nameserver" == "$DNSSCRIPT_SERVER_NAME" ]; then
|
|
||||||
DNSKEYS="$( GetOwnKeysForZone "$DNSSECKeyFolder" "$Domain" )"
|
|
||||||
else
|
|
||||||
DNSKEYS="$(delv @"$Nameserver" _dnsseckeys."$Domain" TXT 2>/dev/null | \
|
|
||||||
sed -ne '/^;/d;s/^.*\sIN\s\+TXT\s\+"\(.*\)"$/'"$Domain"'.\tIN DNSKEY\t\1/p' | \
|
|
||||||
NormalizeZoneFileFormatting )"
|
|
||||||
fi
|
|
||||||
if [ -n "$DNSKEYS" ] && [ "$DNSKEYS" != "$(cat "$ZoneTempFolder""OldKeys.""$Nameserver" 2>/dev/null)" ]; then
|
|
||||||
echo "$DNSKEYS" > "$ZoneTempFolder""Keys.""$Nameserver"
|
|
||||||
UpdateMaster=1
|
|
||||||
elif [ -f "$ZoneTempFolder""OldKeys.""$Nameserver" ]; then
|
|
||||||
mv "$ZoneTempFolder""OldKeys.""$Nameserver" "$ZoneTempFolder""Keys.""$Nameserver"
|
|
||||||
fi
|
|
||||||
done
|
done
|
||||||
|
if [ -n "$DNSSECKeyFolder" ]; then
|
||||||
|
for Nameserver in $Nameservers; do
|
||||||
|
if [ "$Nameserver" = "$DNSSCRIPT_SERVER_NAME" ]; then
|
||||||
|
DNSKEYS="$( GetOwnKeysForZone "$DNSSECKeyFolder" "$Domain" )"
|
||||||
|
else
|
||||||
|
DNSKEYS="$(delv @"$Nameserver" _dnsseckeys."$Domain" TXT 2>/dev/null | \
|
||||||
|
sed -ne '/^;/d;s/^.*\sIN\s\+TXT\s\+"\(.*\)"$/'"$Domain"'.\tIN DNSKEY\t\1/p' | \
|
||||||
|
NormalizeZoneFileFormatting )"
|
||||||
|
fi
|
||||||
|
if [ -n "$DNSKEYS" ] && [ "$DNSKEYS" != "$(cat "$ZoneTempFolder""OldKeys.""$Nameserver" 2>/dev/null)" ]; then
|
||||||
|
echo "$DNSKEYS" > "$ZoneTempFolder""Keys.""$Nameserver"
|
||||||
|
UpdateMaster=1
|
||||||
|
elif [ -f "$ZoneTempFolder""OldKeys.""$Nameserver" ]; then
|
||||||
|
mv "$ZoneTempFolder""OldKeys.""$Nameserver" "$ZoneTempFolder""Keys.""$Nameserver"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
SEDDomain="$(SEDifyHostname "$Domain")"
|
SEDDomain="$(SEDifyHostname "$Domain")"
|
||||||
ChildServers="$( sed -ne '/^\s*\(@\|'"$SEDDomain"'\.\)\s/!s/^\s*\(\S\+\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\);\?.*$/\1#\3/p' "$CachedZoneFile" | \
|
ChildServers="$( sed -ne '/^\s*\(@\|'"$SEDDomain"'\.\)\s/!s/^\s*\(\S\+\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\);\?.*$/\1#\3/p' "$CachedZoneFile" | \
|
||||||
|
@ -258,20 +270,27 @@ UpdateDNSSECEntryCache () {
|
||||||
done
|
done
|
||||||
|
|
||||||
for KeyFile in "$ZoneTempFolder""Old"*; do
|
for KeyFile in "$ZoneTempFolder""Old"*; do
|
||||||
[ "$KeyFile" == "$ZoneTempFolder""Old*" ] || \
|
[ "$KeyFile" = "$ZoneTempFolder""Old*" ] || \
|
||||||
rm -f "$KeyFile"
|
rm -f "$KeyFile"
|
||||||
done
|
done
|
||||||
echo "$UpdateMaster"
|
echo "$UpdateMaster"
|
||||||
}
|
}
|
||||||
ReloadZone() {
|
ReloadZone() {
|
||||||
if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then
|
if [ -n "$2" ]; then
|
||||||
systemctl reload bind9 >/dev/null
|
if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then
|
||||||
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
|
systemctl reload bind9 >/dev/null
|
||||||
for Zone in $2; do
|
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
|
||||||
rndc reload "$1" IN "$Zone" >/dev/null || touch "/tmp/dnsscript-forcereconf"
|
for Zone in $2; do
|
||||||
done
|
rndc reload "$1" IN "$Zone" 2>"/tmp/dnsscript_rndcerr" >/dev/null || \
|
||||||
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 2 ]; then
|
touch "/tmp/dnsscript-forcereconf"
|
||||||
/etc/init.d/named reload >/dev/null
|
if [ -n "$3" ] && grep -q "failed: out of range" "/tmp/dnsscript_rndcerr"; then
|
||||||
|
rm -f "$3""db.""$Zone"".""$1".*
|
||||||
|
fi
|
||||||
|
rm -f "/tmp/dnsscript_rndcerr"
|
||||||
|
done
|
||||||
|
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 2 ]; then
|
||||||
|
/etc/init.d/named reload >/dev/null
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
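Review bot: In ReloadZone, the new `2>"/tmp/dnsscript_rndcerr"` redirect writes rndc's stderr to a fixed, predictable path under /tmp from a script that presumably runs with the privileges needed to reload BIND. If any other local account can write to /tmp, a pre-placed symlink at that path makes the redirect truncate whatever it points to, and two overlapping runs would share the same file. Capturing the output in a variable removes both the file and the cleanup `rm -f`, as sketched below. Separately, the glob in `rm -f "$3""db.""$Zone"".""$1".*` matches every suffix and not only the journal, so a comment naming the files that are meant to be deleted would help the next reader.

```shell
# … unchanged: DNSSCRIPT_BIND_RELOAD_VER -eq 0 branch …
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
  for Zone in $2; do
    # Keep rndc's stderr in memory instead of a shared file under /tmp.
    RndcErr="$(rndc reload "$1" IN "$Zone" 2>&1 >/dev/null)" || \
      touch "/tmp/dnsscript-forcereconf"
    case "$RndcErr" in
      *"failed: out of range"*)
        [ -z "$3" ] || rm -f "$3""db.""$Zone"".""$1".*
        ;;
    esac
  done
# … unchanged: DNSSCRIPT_BIND_RELOAD_VER -eq 2 branch …
```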
|
@ -41,7 +41,7 @@ rm -f "$TempFolder""$ExternalView"".conf"
|
||||||
|
|
||||||
CachedMasterFile="$TempFolder""cache/db.""$MasterDomain"
|
CachedMasterFile="$TempFolder""cache/db.""$MasterDomain"
|
||||||
PreFetchMasterSerial="$(GetZoneFileSerial "$CachedMasterFile")"
|
PreFetchMasterSerial="$(GetZoneFileSerial "$CachedMasterFile")"
|
||||||
$(curl -s -S -f "$RemoteLocation""db.""$MasterDomain" --output "$CachedMasterFile" && [ -f "$CachedMasterFile" ] && echo "" >> "$CachedMasterFile")
|
curl -s -S -f "$RemoteLocation""db.""$MasterDomain" --output "$CachedMasterFile" && [ -f "$CachedMasterFile" ] && echo "" >> "$CachedMasterFile" || :
|
||||||
PostFetchMasterSerial="$(GetZoneFileSerial "$CachedMasterFile")"
|
PostFetchMasterSerial="$(GetZoneFileSerial "$CachedMasterFile")"
|
||||||
[ -n "$SubCommunityDomain" ] || ServeMasterZone="$( GetAllZoneNameservers "$MasterDomain" "$CachedMasterFile" | awk '{for(i=NF;i>0;--i) if($i=="'"$DNSSCRIPT_SERVER_NAME"'") {printf 1}}')"
|
[ -n "$SubCommunityDomain" ] || ServeMasterZone="$( GetAllZoneNameservers "$MasterDomain" "$CachedMasterFile" | awk '{for(i=NF;i>0;--i) if($i=="'"$DNSSCRIPT_SERVER_NAME"'") {printf 1}}')"
|
||||||
if [ -n "$MasterExternDomain" ]; then
|
if [ -n "$MasterExternDomain" ]; then
|
||||||
|
@ -54,13 +54,61 @@ else
|
||||||
ServeExtZone=""
|
ServeExtZone=""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
UpdateExternal() {
|
||||||
|
CachedZoneFile="$TempFolder""cache/db.""$InternalDomain""E"
|
||||||
|
|
||||||
|
UpdateExternView=0
|
||||||
|
if [ -n "$ExternalView" ] || [ -n "$ExternDomain" ]; then
|
||||||
|
SerialExtern="$(GetZoneFileSerial "$ExternalZoneFile")"
|
||||||
|
if [ $((SerialIntern)) -gt $((SerialExtern)) ]; then
|
||||||
|
sed -e '/^[^;]*\s\(10\.\|[fF][cdCD][0-9a-fA-F]\{2\}:\)\S*\s*\(;.*\)\?$/d; \
|
||||||
|
s/^[^;^@]*\s\+\([^;]*\)\s[Ii][Nn]\s\+[Ss][Oo][Aa]\s/@ \1 IN SOA /g' "$InternalZoneFile" \
|
||||||
|
> "$ExternalZoneFile"
|
||||||
|
UpdateExternView=1
|
||||||
|
ReloadZone "$InternalDomain" "$ExternalView" "$ZoneFilesFolder"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$ExternDomain" ]; then
|
||||||
|
ExtDomainFile="$ZoneFilesFolder""db.""$FirstInternal"".""$ExternDomain"
|
||||||
|
ZoneTempFolder="$TempFolder""cache/""$ExternDomain""/"
|
||||||
|
cp -f "$ExternalZoneFile" "$CachedZoneFile"
|
||||||
|
[ -z "$DNSSECKeyFolder" ] || sed -i -e '/^\s*_dnsseckeys\./d' "$CachedZoneFile"
|
||||||
|
[ -n "$(sed -e '/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\)\s/!d' "$CachedZoneFile")" ] || \
|
||||||
|
sed -i -e 's/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\)\s\+\S\+\s\+\S\+\s/\1 '"$DNSSCRIPT_SERVER_NAME"'. '"$DNSSCRIPT_CONTACT_EMAIL"' /g' "$CachedZoneFile"
|
||||||
|
|
||||||
|
sed -i -e '/^\s*\S\+\.\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Ss]\s/d' "$CachedZoneFile"
|
||||||
|
|
||||||
|
UpdateExternDomain="$(UpdateDNSSECEntryCache "$ExternDomain" "$ZoneTempFolder" "$CachedZoneFile" "$DNSSECKeyFolder")"
|
||||||
|
if [ $UpdateExternView -ne 0 ] || [ $UpdateExternDomain -ne 0 ]; then
|
||||||
|
for KeyFile in "$ZoneTempFolder"*; do
|
||||||
|
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
|
||||||
|
cat "$KeyFile" >> "$CachedZoneFile"
|
||||||
|
done
|
||||||
|
LocalExtDomainMasterSerial="$(GetZoneFileSerial "$ExtDomainFile")"
|
||||||
|
|
||||||
|
if [ $((SerialIntern)) -le $((LocalExtDomainMasterSerial)) ]; then
|
||||||
|
LocalExtDomainMasterSerial=$((LocalExtDomainMasterSerial+1))
|
||||||
|
sed -i -e 's/^\(\s*\)'"$SerialIntern"'\(\s*;\s*[Ss]erial.*\)$/\1'"$LocalExtDomainMasterSerial"'\3/g' "$CachedZoneFile"
|
||||||
|
sed -i -e 's/^\(\s*\S\+\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\s\+\S\+\s\+\S\+\s\+\)'"$SerialIntern"'\(\s\+.*\)$/\1'"$LocalExtDomainMasterSerial"'\3/g' "$CachedZoneFile"
|
||||||
|
fi
|
||||||
|
mv "$CachedZoneFile" "$ExtDomainFile"
|
||||||
|
ReloadZone "$ExternDomain" "$InternalViews" "$ZoneFilesFolder"
|
||||||
|
ReloadZone "$ExternDomain" "$ExternalView" "$ZoneFilesFolder"
|
||||||
|
fi
|
||||||
|
|
||||||
|
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$ExternDomain" "$ExtDomainFile" "$TempFolder" "$DNSSECPolicy"
|
||||||
|
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "$ExternDomain" "$ExtDomainFile" "$TempFolder" "$DNSSECPolicy"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
|
if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
|
||||||
sed -i -e '/^\s*_dnsseckeys\./d' "$CachedMasterFile"
|
sed -i -e '/^\s*_dnsseckeys\./d' "$CachedMasterFile"
|
||||||
FileForExternGeneration="$CachedMasterFile"
|
FileForExternGeneration="$CachedMasterFile"
|
||||||
if [ -n "$ExternalView" ]; then
|
if [ -n "$ExternalView" ]; then
|
||||||
ExternFile="$ZoneFilesFolder""db.""$ExternalView"".""$MasterDomain"
|
ExternFile="$ZoneFilesFolder""db.""$ExternalView"".""$MasterDomain"
|
||||||
else
|
else
|
||||||
ExternFile="$ZoneFilesFolder""db.""$MasterExternDomain"
|
ExternFile="$ZoneFilesFolder""db.extern.""$MasterDomain"
|
||||||
fi
|
fi
|
||||||
LocalMasterSerial=$((PostFetchMasterSerial))
|
LocalMasterSerial=$((PostFetchMasterSerial))
|
||||||
if [ -n "$ServeMasterZone" ]; then
|
if [ -n "$ServeMasterZone" ]; then
|
||||||
|
@ -72,7 +120,7 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
|
||||||
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ] || [ $UpdateMaster -ne 0 ]; then
|
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ] || [ $UpdateMaster -ne 0 ]; then
|
||||||
cp -f "$CachedMasterFile" "$CachedMasterFile""I"
|
cp -f "$CachedMasterFile" "$CachedMasterFile""I"
|
||||||
for KeyFile in "$ZoneTempFolder"*; do
|
for KeyFile in "$ZoneTempFolder"*; do
|
||||||
[ "$KeyFile" == "$ZoneTempFolder""*" ] || \
|
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
|
||||||
cat "$KeyFile" >> "$CachedMasterFile""I"
|
cat "$KeyFile" >> "$CachedMasterFile""I"
|
||||||
done
|
done
|
||||||
LocalMasterSerial="$(GetZoneFileSerial "$MasterFile")"
|
LocalMasterSerial="$(GetZoneFileSerial "$MasterFile")"
|
||||||
|
@ -85,71 +133,21 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
|
||||||
LocalMasterSerial=$((PostFetchMasterSerial))
|
LocalMasterSerial=$((PostFetchMasterSerial))
|
||||||
fi
|
fi
|
||||||
mv "$CachedMasterFile""I" "$MasterFile"
|
mv "$CachedMasterFile""I" "$MasterFile"
|
||||||
ReloadZone "$MasterDomain" "$InternalViews"
|
ReloadZone "$MasterDomain" "$InternalViews" "$ZoneFilesFolder"
|
||||||
|
|
||||||
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$MasterDomain" "$MasterFile" "$TempFolder" "$DNSSECPolicy"
|
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$MasterDomain" "$MasterFile" "$TempFolder" "$DNSSECPolicy"
|
||||||
fi
|
fi
|
||||||
for Subnet in $CommunitySubnets; do
|
|
||||||
ReverseDomains="$(GetReverseDomains "$Subnet")"
|
|
||||||
for RDomain in $ReverseDomains; do
|
|
||||||
ReverseZoneFile="$(GetReverseZoneFileFromZone "${RDomain%*.}")"
|
|
||||||
! curl -s -f "$RemoteLocation""static.""$ReverseZoneFile" \
|
|
||||||
--output "$ZoneFilesFolder""static.""$ReverseZoneFile" && \
|
|
||||||
rm -f "$ZoneFilesFolder""static.""$ReverseZoneFile"
|
|
||||||
./update-rdnszone.sh "$RDomain" "$ForwardZones" "$ZoneFilesFolder""$ReverseZoneFile" "$TTLReReExMi" "$InternalViews"
|
|
||||||
for IView in $InternalViews; do
|
|
||||||
InsertZoneToIncludeFile "${RDomain%*.}" "$ZoneFilesFolder""$ReverseZoneFile" "$TempFolder""$IView"".conf"
|
|
||||||
done
|
|
||||||
done
|
|
||||||
done
|
|
||||||
if [ -n "$ExternalView" ]; then
|
if [ -n "$ExternalView" ]; then
|
||||||
InsertZoneToIncludeFile "$MasterDomain" "$ExternFile" "$TempFolder""$ExternalView"".conf" "$DNSSECPolicy"
|
InsertZoneToIncludeFile "$MasterDomain" "$ExternFile" "$TempFolder""$ExternalView"".conf" "$DNSSECPolicy"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
UpdateExternView=0
|
InternalZoneFile="$FileForExternGeneration"
|
||||||
if [ -n "$ExternalView" ] || [ -n "$ServeExtZone" ]; then
|
ExternalZoneFile="$ExternFile"
|
||||||
SerialExtern="$(GetZoneFileSerial "$ExternFile")"
|
InternalDomain="$MasterDomain"
|
||||||
if [ $((LocalMasterSerial)) -gt $((SerialExtern)) ]; then
|
ExternDomain="$MasterExternDomain"
|
||||||
sed -e '/^[^;]*\s\(10\.\|[fF][cdCD][0-9a-fA-F]\{2\}:\)\S*\s*\(;.*\)\?$/d; \
|
SerialIntern="$LocalMasterSerial"
|
||||||
s/^[^;^@]*\s\+\([^;]*\)\s[Ii][Nn]\s\+[Ss][Oo][Aa]\s/@ \1 IN SOA /g' "$FileForExternGeneration" \
|
UpdateExternal
|
||||||
> "$ExternFile"
|
|
||||||
UpdateExternView=1
|
|
||||||
[ -z "$ExternalView" ] || ReloadZone "$MasterDomain" "$ExternalView"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -n "$ServeExtZone" ]; then
|
|
||||||
MasterExtDomainFile="$ZoneFilesFolder""db.""$FirstInternal"".""$MasterExternDomain"
|
|
||||||
ZoneTempFolder="$TempFolder""cache/""$MasterExternDomain""/"
|
|
||||||
cp -f "$ExternFile" "$CachedMasterFile""E"
|
|
||||||
sed -i -e '/^\s*_dnsseckeys\./d' "$CachedMasterFile""E"
|
|
||||||
[ -n "$(sed -e '/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\)\s/!d' "$CachedMasterFile""E")" ] || \
|
|
||||||
sed -i -e 's/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\)\s\+\S\+\s\+\S\+\s/\1 '"$DNSSCRIPT_SERVER_NAME"'. '"$DNSSCRIPT_CONTACT_EMAIL"' /g' "$CachedMasterFile""E"
|
|
||||||
|
|
||||||
sed -i -e 's/^\s*'"$CommunityExternPrefix"'\s/@ /g;/^\s*@\s\+[Ii][Nn]\s\+[Dd][Ss]\s/d' "$CachedMasterFile""E"
|
|
||||||
|
|
||||||
UpdateExternDomain="$(UpdateDNSSECEntryCache "$MasterExternDomain" "$ZoneTempFolder" "$CachedMasterFile""E" "$DNSSECKeyFolder")"
|
|
||||||
if [ $UpdateExternView -ne 0 ] || [ $UpdateExternDomain -ne 0 ]; then
|
|
||||||
for KeyFile in "$ZoneTempFolder"*; do
|
|
||||||
[ "$KeyFile" == "$ZoneTempFolder""*" ] || \
|
|
||||||
cat "$KeyFile" >> "$CachedMasterFile""E"
|
|
||||||
done
|
|
||||||
LocalExtDomainMasterSerial="$(GetZoneFileSerial "$MasterExtDomainFile")"
|
|
||||||
|
|
||||||
if [ $((LocalMasterSerial)) -le $((LocalExtDomainMasterSerial)) ]; then
|
|
||||||
LocalExtDomainMasterSerial=$((LocalExtDomainMasterSerial+1))
|
|
||||||
sed -i -e 's/^\(\s*\)'"$LocalMasterSerial"'\(\s*;\s*[Ss]erial.*\)$/\1'"$LocalExtDomainMasterSerial"'\3/g' "$CachedMasterFile""E"
|
|
||||||
sed -i -e 's/^\(\s*\S\+\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\s\+\S\+\s\+\S\+\s\+\)'"$LocalMasterSerial"'\(\s\+.*\)$/\1'"$LocalExtDomainMasterSerial"'\3/g' "$CachedMasterFile""E"
|
|
||||||
fi
|
|
||||||
mv "$CachedMasterFile""E" "$MasterExtDomainFile"
|
|
||||||
ReloadZone "$MasterExternDomain" "$InternalViews"
|
|
||||||
[ -z "$ExternalView" ] || ReloadZone "$MasterExternDomain" "$ExternalView"
|
|
||||||
fi
|
|
||||||
|
|
||||||
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$MasterExternDomain" "$MasterExtDomainFile" "$TempFolder" "$DNSSECPolicy"
|
|
||||||
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "$MasterExternDomain" "$MasterExtDomainFile" "$TempFolder" "$DNSSECPolicy"
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "$MasterFile" ]; then
|
if [ -z "$MasterFile" ]; then
|
||||||
|
@ -157,11 +155,25 @@ if [ -z "$MasterFile" ]; then
|
||||||
cp -f "$CachedMasterFile" "$MasterFile"
|
cp -f "$CachedMasterFile" "$MasterFile"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
for Subnet in $CommunitySubnets; do
|
||||||
|
ReverseDomains="$(GetReverseDomains "$Subnet")"
|
||||||
|
for RDomain in $ReverseDomains; do
|
||||||
|
ReverseZoneFile="$(GetReverseZoneFileFromZone "${RDomain%*.}")"
|
||||||
|
! curl -s -f "$RemoteLocation""static.""$ReverseZoneFile" \
|
||||||
|
--output "$ZoneFilesFolder""static.""$ReverseZoneFile" && \
|
||||||
|
rm -f "$ZoneFilesFolder""static.""$ReverseZoneFile"
|
||||||
|
./update-rdnszone.sh "$RDomain" "$ForwardZones" "$ZoneFilesFolder""$ReverseZoneFile" "$TTLReReExMi" "$InternalViews"
|
||||||
|
for IView in $InternalViews; do
|
||||||
|
InsertZoneToIncludeFile "${RDomain%*.}" "$ZoneFilesFolder""$ReverseZoneFile" "$TempFolder""$IView"".conf"
|
||||||
|
done
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
# set shorter TTL for Hoods
|
# set shorter TTL for Hoods
|
||||||
TTLReReExMi="420 360 180 1800 360"
|
TTLReReExMi="420 360 180 1800 360"
|
||||||
|
|
||||||
Hoods="$(GetOwnHoods "$MasterDomain" "$MasterFile")"
|
Hoods="$(GetOwnHoods "$MasterDomain" "$MasterFile")"
|
||||||
|
DNSSECKeyFolder=""
|
||||||
for Hood in $Hoods; do
|
for Hood in $Hoods; do
|
||||||
HoodDomain="${Hood%%\#*}"".""$MasterDomain"
|
HoodDomain="${Hood%%\#*}"".""$MasterDomain"
|
||||||
Subnets="$(echo "${Hood#*\#}" | sed -e 's/#/ /g')"
|
Subnets="$(echo "${Hood#*\#}" | sed -e 's/#/ /g')"
|
||||||
|
@ -181,7 +193,10 @@ for Hood in $Hoods; do
|
||||||
echo ";"
|
echo ";"
|
||||||
} > "$HoodZoneFile"
|
} > "$HoodZoneFile"
|
||||||
fi
|
fi
|
||||||
./update-hoodzone.sh "$HoodZoneFile" "$HoodDomain" "$Subnets" "$InternalViews"
|
ZoneTempFolder="$TempFolder""cache/""$HoodDomain""/"
|
||||||
|
./update-hoodzone.sh "$HoodZoneFile" "$HoodDomain" "$Subnets" "$InternalViews" "$ZoneTempFolder" "$ZoneFilesFolder"
|
||||||
|
|
||||||
|
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$HoodDomain" "$HoodZoneFile" "$TempFolder" "$DNSSECPolicy"
|
||||||
|
|
||||||
HoodForwardZones="$ForwardZones $HoodDomain""/""$HoodZoneFile"
|
HoodForwardZones="$ForwardZones $HoodDomain""/""$HoodZoneFile"
|
||||||
for Subnet in $Subnets; do
|
for Subnet in $Subnets; do
|
||||||
|
@ -201,7 +216,7 @@ for Hood in $Hoods; do
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "$ExternalView" ]; then
|
if [ -n "$ExternalView" ]; then
|
||||||
ExternFile="$ZoneFilesFolder""db.""$ExternalView"".""$HoodDomain"
|
ExternFile="$ZoneFilesFolder""db.""$ExternalView"".""$HoodDomain"
|
||||||
elif [ -n "$HoodExternDomain" ]; then
|
elif [ -n "$HoodExternDomain" ]; then
|
||||||
ExternFile="$ZoneFilesFolder""db.""$HoodExternDomain"
|
ExternFile="$ZoneFilesFolder""db.""$HoodExternDomain"
|
||||||
else
|
else
|
||||||
|
@ -209,15 +224,15 @@ for Hood in $Hoods; do
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "$ExternFile" ]; then
|
if [ -n "$ExternFile" ]; then
|
||||||
./update-extzone.sh "$HoodZoneFile" "$ExternFile" "$HoodDomain" "$ExternalView" "$HoodExternDomain" "$InternalViews"
|
if [ -n "$ExternalView" ]; then
|
||||||
fi
|
InsertZoneToIncludeFile "$HoodDomain" "$ExternFile" "$TempFolder""$ExternalView"".conf" "$DNSSECPolicy"
|
||||||
|
fi
|
||||||
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$HoodDomain" "$HoodZoneFile" "$TempFolder" "$DNSSECPolicy"
|
InternalZoneFile="$HoodZoneFile"
|
||||||
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "$HoodDomain" "$ExternFile" "$TempFolder" "$DNSSECPolicy"
|
ExternalZoneFile="$ExternFile"
|
||||||
|
InternalDomain="$HoodDomain"
|
||||||
if [ -n "$HoodExternDomain" ]; then
|
ExternDomain="$HoodExternDomain"
|
||||||
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "${Hood%%\#*}"".""$MasterExternDomain" "$ExternFile" "$TempFolder" "$DNSSECPolicy"
|
SerialIntern="$(GetZoneFileSerial "$InternalZoneFile")"
|
||||||
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "${Hood%%\#*}"".""$MasterExternDomain" "$ExternFile" "$TempFolder" "$DNSSECPolicy"
|
UpdateExternal
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
|
@ -238,7 +253,7 @@ for IView in $InternalViews; do
|
||||||
UpdateBindConfig "$TempFolder""$IView"".conf" "$BindIncludeFileFolder""$IView"".conf"
|
UpdateBindConfig "$TempFolder""$IView"".conf" "$BindIncludeFileFolder""$IView"".conf"
|
||||||
done
|
done
|
||||||
if [ -n "$ExternalView" ]; then
|
if [ -n "$ExternalView" ]; then
|
||||||
UpdateBindConfig "$TempFolder""$ExternalView"".conf" "$BindIncludeFileFolder""$ExternalView"".conf"
|
UpdateBindConfig "$TempFolder""$ExternalView"".conf" "$BindIncludeFileFolder""$ExternalView"".conf"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ $ReConfigBind -ne 0 ] || [ -f "/tmp/dnsscript-forcereconf" ]; then
|
if [ $ReConfigBind -ne 0 ] || [ -f "/tmp/dnsscript-forcereconf" ]; then
|
||||||
|
|
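Review bot: In UpdateExternal, the first serial-bump command `sed -i -e 's/^\(\s*\)'"$SerialIntern"'\(\s*;\s*[Ss]erial.*\)$/\1'"$LocalExtDomainMasterSerial"'\3/g'` references `\3` although the pattern defines only two groups, so depending on the sed implementation the expression is rejected or the `; Serial` tail is lost. The replacement should end in `\2`; the sed on the following line has three groups and is correct as written. The same expression was already in the removed inline code, so it is carried over rather than introduced here, but an un-bumped serial means secondaries may not fetch the regenerated external zone with its refreshed `_dnsseckeys` and DS records. The function also tests `$UpdateExternDomain` unquoted in `[ ... -ne 0 ]`, which errors out if UpdateDNSSECEntryCache prints nothing; `[ "${UpdateExternDomain:-0}" -ne 0 ]` would be safer.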
|
@ -1,32 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
# SPDX-License-Identifier: GPL-3.0
|
|
||||||
#
|
|
||||||
# freifunk-franken dns-scipts (c) 2021 Blackyfff
|
|
||||||
|
|
||||||
. ./dns-functions.sh
|
|
||||||
|
|
||||||
InternalZoneFile="$1"
|
|
||||||
ExternalZoneFile="$2"
|
|
||||||
ExternalZone="$3"
|
|
||||||
ExternalView="$4"
|
|
||||||
CommunityExternal="$5"
|
|
||||||
InternalViews="$6"
|
|
||||||
|
|
||||||
SerialIntern="$(GetZoneFileSerial "$InternalZoneFile")"
|
|
||||||
SerialExtern="$(GetZoneFileSerial "$ExternalZoneFile")"
|
|
||||||
|
|
||||||
if [ $((SerialIntern)) -gt $((SerialExtern)) ]; then
|
|
||||||
ZoneContent="$(sed -e '/^[^;]*\s\(10\.\|[fF][cdCD][0-9a-fA-F]\{2\}:\)\S*\s*\(;.*\)\?$/d; \
|
|
||||||
s/^[^;^@]*\s\+\([^;]*\)\s[Ii][Nn]\s\+[Ss][Oo][Aa]\s/@ \1 IN SOA /g' "$InternalZoneFile")"
|
|
||||||
|
|
||||||
[ -n "$( echo "$ZoneContent" | sed -e '/^[eE][xX][tT][eE][rR][nN]\s[^;]*\s[Ii][Nn]\s\+[Nn][Ss]/!d')" ] \
|
|
||||||
&& ZoneContent="$(echo "$ZoneContent" | sed -e '/^@\s[^;]*\s[Ii][Nn]\s\+[Nn][Ss]\s/d; \
|
|
||||||
s/^[eE][xX][tT][eE][rR][nN]\s\([^;]*\s[Ii][Nn]\s\+[Nn][Ss]\s.*\)/@ \1/g; \
|
|
||||||
s/^\(@ [^;]* IN SOA\)\s\+\S\+\s\+\S\+\s/\1 '"$DNSSCRIPT_SERVER_NAME"'. '"$DNSSCRIPT_CONTACT_EMAIL"' /g')"
|
|
||||||
echo "$ZoneContent" > "$ExternalZoneFile"
|
|
||||||
[ -z "$ExternalView" ] || ReloadZone "$ExternalZone" "$ExternalView"
|
|
||||||
if [ -n "$CommunityExternal" ]; then
|
|
||||||
ReloadZone "$CommunityExternal" "$InternalViews"
|
|
||||||
[ -z "$ExternalView" ] || ReloadZone "$CommunityExternal" "$ExternalView"
|
|
||||||
fi
|
|
||||||
fi
|
|
19
usr/lib/ffdns/update-hoodzone.sh
Executable file → Normal file
|
@ -10,7 +10,8 @@ HoodZoneFile="$1"
|
||||||
Domain="$2"
|
Domain="$2"
|
||||||
Subnets="$3"
|
Subnets="$3"
|
||||||
View="$4"
|
View="$4"
|
||||||
|
ZoneTempFolder="$5"
|
||||||
|
ZoneFilesFolder="$6"
|
||||||
|
|
||||||
DomainReg=".""$Domain"
|
DomainReg=".""$Domain"
|
||||||
DomainReg="$(echo "$DomainReg" | sed -e 's/\./\\\./g')"
|
DomainReg="$(echo "$DomainReg" | sed -e 's/\./\\\./g')"
|
||||||
|
@ -33,7 +34,7 @@ if [ -f "/tmp/dhcp.leases" ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for Leasefile in /tmp/hosts/*; do
|
for Leasefile in /tmp/hosts/*; do
|
||||||
if [ -n "${Leasefile##*/tmp/hosts/\*}" ]; then
|
if [ -n "${Leasefile##*/tmp/hosts/\*}" ] && [ -n "${Leasefile##*fffmanage}" ]; then
|
||||||
NewLeases="$(echo "$NewLeases"; sed -ne 's/^\s*\([0-9.]*\)\s\+\([_0-9a-zA-Z-]\+\)'"$DomainReg"'.*/\2 IN A \1/p' "$Leasefile")"
|
NewLeases="$(echo "$NewLeases"; sed -ne 's/^\s*\([0-9.]*\)\s\+\([_0-9a-zA-Z-]\+\)'"$DomainReg"'.*/\2 IN A \1/p' "$Leasefile")"
|
||||||
NewLeases="$(echo "$NewLeases"; sed -ne 's/^\s*\([0-9a-fA-F:]*\)\s\+\([_0-9a-zA-Z-]\+\)'"$DomainReg"'.*/\2 IN AAAA \1/p' "$Leasefile")"
|
NewLeases="$(echo "$NewLeases"; sed -ne 's/^\s*\([0-9a-fA-F:]*\)\s\+\([_0-9a-zA-Z-]\+\)'"$DomainReg"'.*/\2 IN AAAA \1/p' "$Leasefile")"
|
||||||
fi
|
fi
|
||||||
|
@ -43,9 +44,13 @@ NewLeases="$(echo "$NewLeases" |
|
||||||
sed -ne 's/^\(\(\(\S\+\)'"$DomainReg"'\)\|\(\S\+\)\)\(.*\)$/\3\4\5/p' |
|
sed -ne 's/^\(\(\(\S\+\)'"$DomainReg"'\)\|\(\S\+\)\)\(.*\)$/\3\4\5/p' |
|
||||||
awk '!a[$0]++' |
|
awk '!a[$0]++' |
|
||||||
# uncomment and duplicate to secure static DNS-Entries
|
# uncomment and duplicate to secure static DNS-Entries
|
||||||
# sed -e '/^dns\s\+.*/d' |
|
sed -e '/^dns\s\+.*/d' |
|
||||||
|
sed -e '/^gw01\s\+.*/d' |
|
||||||
NormalizeZoneFileFormatting)"
|
NormalizeZoneFileFormatting)"
|
||||||
if [ "$NewLeases" != "$OldLeases" ]; then
|
|
||||||
|
UpdateZone="$(UpdateDNSSECEntryCache "$Domain" "$ZoneTempFolder" "$HoodZoneFile")"
|
||||||
|
|
||||||
|
if [ "$NewLeases" != "$OldLeases" ] || [ $UpdateZone -ne 0 ]; then
|
||||||
NewSerial="$(GetZoneFileSerial "$HoodZoneFile")"
|
NewSerial="$(GetZoneFileSerial "$HoodZoneFile")"
|
||||||
NewSerial=$((NewSerial+1))
|
NewSerial=$((NewSerial+1))
|
||||||
sed -i -e 's/^\(\s*\)\(\S\+\)\(\s*;\s*Serial.*\)/\1'"$NewSerial"'\3/g' "$HoodZoneFile"
|
sed -i -e 's/^\(\s*\)\(\S\+\)\(\s*;\s*Serial.*\)/\1'"$NewSerial"'\3/g' "$HoodZoneFile"
|
||||||
|
@ -54,5 +59,9 @@ if [ "$NewLeases" != "$OldLeases" ]; then
|
||||||
echo ";### Leases ###"
|
echo ";### Leases ###"
|
||||||
echo "$NewLeases"
|
echo "$NewLeases"
|
||||||
} >> "$HoodZoneFile"
|
} >> "$HoodZoneFile"
|
||||||
ReloadZone "$Domain" "$View"
|
for KeyFile in "$ZoneTempFolder"*; do
|
||||||
|
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
|
||||||
|
cat "$KeyFile" >> "$HoodZoneFile"
|
||||||
|
done
|
||||||
|
ReloadZone "$Domain" "$View" "$ZoneFilesFolder"
|
||||||
fi
|
fi
|
||||||
|
|
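Review bot: The file header records `Executable file → Normal file` for usr/lib/ffdns/update-hoodzone.sh, yet the caller changed in this same commit still runs it as `./update-hoodzone.sh "$HoodZoneFile" "$HoodDomain" ...`. Unless the packaging step restores the mode, that call fails with a permission error and hood zones stop updating, including the DNSSEC key refresh added here. Either keep the executable bit or invoke it through the interpreter, e.g. `sh ./update-hoodzone.sh ...`. Also, the lease filter now hard-codes `dns` and `gw01` while the comment above it still reads "uncomment and duplicate"; lease hostnames are client-supplied, so the comment should state that these two names are reserved and that every other static name in the zone needs its own filter line.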