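#!/bin/sh
#
# Updates the BIND zone files and include files for one Freifunk community:
#   1. fetches the community master zone file,
#   2. regenerates reverse zones, hood zones and external zones through the
#      helper scripts in $UpdateScriptsFolder,
#   3. rebuilds the BIND include files and, if any of them changed,
#      restarts/reconfigures BIND according to DNSSCRIPT_BIND_RELOAD_VER.
#
# Helpers such as GetZoneFileSerial, ReloadZone, InsertZoneToIncludeFile,
# GetReverseDomains, GetReverseZoneFileFromZone, GetOwnHoods and
# GetOwnGlueRecords are not defined in this file; they are expected to come
# from ./dns-functions.sh, which is sourced below.

# exit script when command fails
set -e

# Communityconfig
CommunityDomain="fff.community"
CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48"
MasterFileRemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/db.fff.community"

# Serverconfig
export DNSSCRIPT_CONTACT_EMAIL=info.freifunk-herpf.de.
# DNSSCRIPT_SERVER_NAME must be the server given in community zone files NS entry
export DNSSCRIPT_SERVER_NAME=dns.herpf.fff.community
UpdateScriptsFolder="/usr/lib/ffdns/"
ZoneFilesFolder="/etc/bind/fff/"
BindIncludeFileFolder="/etc/bind/"
# -1 -> disable bind restarting/reloading
#  0 -> Debian (and like) systemctl [reload|restart] bind9
#  1 -> use rndc to [reload zone|restart] (recommended; rndc needs setup first)
#  2 -> OpenWRT /etc/init.d/named [reload|restart]
#
# Set -1 for first run to prevent exiting on error and let the script generate
# the config and zonefiles; after first run edit your config and set the
# appropriate value.
export DNSSCRIPT_BIND_RELOAD_VER=0
# only necessary when rndc is used
InternalViews="icvpn-internal-view icvpn-internal-dns64-view"
ExternalView="external-view"

# TTL Refresh Retry Expire Minimum
TTLReReExMi="3600 2000 6400 2419200 86400"

# ForwardZones: one "domain/zonefile" entry, optionally several separated by
# a space; no spaces are allowed inside a full file name.
ForwardZones="$CommunityDomain/${ZoneFilesFolder}db.$CommunityDomain"

#############################################################

cd "$UpdateScriptsFolder"
. ./dns-functions.sh

MasterFile="${ZoneFilesFolder}db.$CommunityDomain"

# Work files are staged in a private directory created by mktemp instead of
# fixed names directly under /tmp. This script writes into the BIND
# configuration directory, so a predictable, world-writable staging path would
# let any local user pre-create or symlink the staging files and influence
# what ends up in the BIND config.
TmpDir="$(mktemp -d)"
trap 'rm -rf -- "${TmpDir:?}"' EXIT
trap 'exit 1' HUP INT TERM

BindInternalConfTmp="$TmpDir/$CommunityDomain-internal.conf"
BindExternalConfTmp="$TmpDir/$CommunityDomain-external.conf"
BindIcvpnAclTmp="$TmpDir/icvpn-acl.conf"
MasterFileTmp="$TmpDir/db.$CommunityDomain.fetch"

BindInternalConf="$BindIncludeFileFolder$CommunityDomain-internal.conf"
BindExternalConf="$BindIncludeFileFolder$CommunityDomain-external.conf"
BindIcvpnAcl="${BindIncludeFileFolder}icvpn-acl.conf"

# Moves a freshly generated config file ($1) over the installed one ($2) when
# it exists and differs, and records that BIND must be reconfigured.
# Otherwise the staged file is discarded.
# Note: ReConfigBind uses 0 for "reconfigure needed" and 1 for "unchanged".
UpdateBindConfig() {
  if [ -f "$1" ] && ! cmp -s "$1" "$2"; then
    mv "$1" "$2"
    ReConfigBind=0
  else
    rm -f "$1"
  fi
}

# --- Fetch the community master zone -------------------------------------
PreFetchMasterSerial="$(GetZoneFileSerial "$MasterFile")"

# Download to a staging file first and only then replace the live zone file.
# -f makes curl fail on an HTTP error status instead of saving the error page,
# so a failed or truncated transfer can no longer overwrite the zone that BIND
# is serving (set -e aborts the script on the curl failure).
curl -f -s -S "$MasterFileRemoteLocation" --output "$MasterFileTmp"
if [ ! -s "$MasterFileTmp" ]; then
  echo "Fetched master zone file is empty; keeping $MasterFile" >&2
  exit 1
fi
# NOTE(review): the fetched file is installed without a syntax check; consider
# validating it (e.g. with named-checkzone) before this copy.
# cp onto the existing file keeps its owner and mode, as the in-place
# download did before.
cp "$MasterFileTmp" "$MasterFile"

PostFetchMasterSerial="$(GetZoneFileSerial "$MasterFile")"
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ]; then
  ReloadZone "$CommunityDomain" "$InternalViews"
fi

# --- Community zone and its reverse zones --------------------------------
# The staging directory is new on every run, so the include files start empty.
InsertZoneToIncludeFile "$CommunityDomain" "${ZoneFilesFolder}db.$CommunityDomain" "$BindExternalConfTmp"

# $CommunitySubnets is intentionally unquoted: it is a space-separated list.
for Subnet in $CommunitySubnets; do
  ReverseDomains="$(GetReverseDomains "$Subnet")"
  for RDomain in $ReverseDomains; do
    ./update-rdnszone.sh "$RDomain" "$ForwardZones" "$ZoneFilesFolder" "$TTLReReExMi" "$InternalViews"
    # ${RDomain%*.} strips a trailing dot from the reverse domain name.
    InsertZoneToIncludeFile "$RDomain" "$ZoneFilesFolder$(GetReverseZoneFileFromZone "${RDomain%*.}")" "$BindInternalConfTmp"
  done
done

InternFile="$MasterFile"
ExternFile="${ZoneFilesFolder}dbextern.$CommunityDomain"
Domain="$CommunityDomain"
./update-extzone.sh "$InternFile" "$ExternFile" "$Domain" "$ExternalView"

# --- Hood zones ----------------------------------------------------------
# set shorter TTL for Hoods
TTLReReExMi="420 360 180 1800 360"

Hoods="$(GetOwnHoods "$CommunityDomain" "$MasterFile")"
for Hood in $Hoods; do
  # Each entry has the form "<subdomain>#<subnet>[#<subnet>...]".
  HoodSubDomain="${Hood%%\#*}"
  Subnets="$(printf '%s\n' "${Hood#*\#}" | sed -e 's/#/ /g')"
  HoodDomain="$HoodSubDomain.$CommunityDomain"
  HoodZoneFile="${ZoneFilesFolder}db.$HoodDomain"

  # Create a minimal zone (TTL, SOA, NS, glue) the first time a hood is seen.
  if [ ! -f "$HoodZoneFile" ]; then
    HoodTTL="${TTLReReExMi%% *}"
    {
      printf '%s\n' "\$TTL $HoodTTL"
      printf '%s\n' "$HoodDomain. $HoodTTL IN SOA $DNSSCRIPT_SERVER_NAME. $DNSSCRIPT_CONTACT_EMAIL 1 ${TTLReReExMi#* }"
      printf '%s\n' "$HoodDomain. $HoodTTL IN NS $DNSSCRIPT_SERVER_NAME."
      GetOwnGlueRecords "$CommunityDomain" "$MasterFile"
    } > "$HoodZoneFile"
  fi

  ./update-hoodzone.sh "$HoodZoneFile" "$HoodDomain" "$Subnets" "$InternalViews"
  InsertZoneToIncludeFile "$HoodDomain" "$HoodZoneFile" "$BindExternalConfTmp"

  HoodForwardZones="$ForwardZones $HoodDomain/$HoodZoneFile"
  for Subnet in $Subnets; do
    ReverseDomains="$(GetReverseDomains "$Subnet")"
    for RDomain in $ReverseDomains; do
      ./update-rdnszone.sh "$RDomain" "$HoodForwardZones" "$ZoneFilesFolder" "$TTLReReExMi" "$InternalViews"
      InsertZoneToIncludeFile "$RDomain" "$ZoneFilesFolder$(GetReverseZoneFileFromZone "${RDomain%*.}")" "$BindInternalConfTmp"
    done
  done

  InternFile="$HoodZoneFile"
  ExternFile="${ZoneFilesFolder}dbextern.$HoodDomain"
  Domain="$HoodDomain"
  ./update-extzone.sh "$InternFile" "$ExternFile" "$Domain" "$ExternalView"
done

# --- Install include files and reconfigure BIND if needed ----------------
# The internal include file starts by including the external one.
# (The "1i ...\n" form relies on GNU sed behaviour.)
sed -i "1i include \"$BindExternalConf\";\n" "$BindInternalConfTmp"

./update-public-acl.sh "$BindIcvpnAclTmp"

ReConfigBind=1
UpdateBindConfig "$BindIcvpnAclTmp" "$BindIcvpnAcl"
UpdateBindConfig "$BindInternalConfTmp" "$BindInternalConf"
UpdateBindConfig "$BindExternalConfTmp" "$BindExternalConf"

if [ "$ReConfigBind" -eq 0 ]; then
  if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then
    systemctl restart bind9
  elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
    rndc reconfig
  elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 2 ]; then
    /etc/init.d/named restart
  fi
fi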