138 lines
5.3 KiB
Bash
Executable File
138 lines
5.3 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
# exit script when command fails
|
|
set -e
|
|
|
|
# Communityconfig
|
|
CommunityDomain="fff.community"
|
|
CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48"
|
|
MasterFileRemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/db.fff.community"
|
|
|
|
# Serverconfig
|
|
export DNSSCRIPT_CONTACT_EMAIL=info.freifunk-herpf.de.
|
|
# DNSSCRIPT_SERVER_NAME must be the server given in community zone files NS entry
|
|
export DNSSCRIPT_SERVER_NAME=dns.herpf.fff.community
|
|
UpdateScriptsFolder="/usr/lib/ffdns/"
|
|
ZoneFilesFolder="/etc/bind/fff/"
|
|
BindIncludeFileFolder="/etc/bind/"
|
|
|
|
# -1 -> disable bind restarting/reloading
|
|
# 0 -> Debian (and like) systemctl [reload|restart] bind9
|
|
# 1 -> use rndc to [reload zone|restart] (recommended; rndc needs setup first)
|
|
# 2 -> OpenWRT /etc/init.d/named [reload|restart]
|
|
#
|
|
# Set -1 for first run to prevent exiting on error and let the script generate the config and zonefiles
|
|
# after first run edit your config and set appropriate value
|
|
export DNSSCRIPT_BIND_RELOAD_VER=0
|
|
|
|
# only necessary when rndc is used
|
|
InternalViews="icvpn-internal-view icvpn-internal-dns64-view"
|
|
ExternalView="external-view"
|
|
|
|
# TTL Refresh Retry Expire Minimum
|
|
TTLReReExMi="3600 2000 6400 2419200 86400"
|
|
|
|
# ForwardZones: "<Zone>/<Zonendatei>" ; optionaly multiple " ""<ZoneX>/<ZonendateiX>" no spaces in full filename
|
|
ForwardZones="$CommunityDomain""/""$ZoneFilesFolder""db.""$CommunityDomain"
|
|
|
|
|
|
#############################################################
|
|
cd "$UpdateScriptsFolder"
|
|
. ./dns-functions.sh
|
|
|
|
MasterFile="$ZoneFilesFolder""db.""$CommunityDomain"
|
|
BindInternalConfTmp="/tmp/""$CommunityDomain""-internal.conf"
|
|
BindExternalConfTmp="/tmp/""$CommunityDomain""-external.conf"
|
|
BindIcvpnAclTmp="/tmp/icvpn-acl.conf"
|
|
BindInternalConf="$BindIncludeFileFolder""$CommunityDomain""-internal.conf"
|
|
BindExternalConf="$BindIncludeFileFolder""$CommunityDomain""-external.conf"
|
|
BindIcvpnAcl="$BindIncludeFileFolder""icvpn-acl.conf"
|
|
|
|
PreFetchMasterSerial="$(GetZoneFileSerial "$MasterFile")"
|
|
curl -s -S "$MasterFileRemoteLocation" --output "$MasterFile"
|
|
PostFetchMasterSerial="$(GetZoneFileSerial "$MasterFile")"
|
|
|
|
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ]; then
|
|
ReloadZone "$CommunityDomain" "$InternalViews"
|
|
fi
|
|
|
|
rm -f "$BindInternalConfTmp"
|
|
rm -f "$BindExternalConfTmp"
|
|
InsertZoneToIncludeFile "$CommunityDomain" "$ZoneFilesFolder""db.""$CommunityDomain" "$BindExternalConfTmp"
|
|
|
|
for Subnet in $CommunitySubnets; do
|
|
ReverseDomains="$(GetReverseDomains "$Subnet")"
|
|
for RDomain in $ReverseDomains; do
|
|
./update-rdnszone.sh "$RDomain" "$ForwardZones" "$ZoneFilesFolder" "$TTLReReExMi" "$InternalViews"
|
|
InsertZoneToIncludeFile "$RDomain" "$ZoneFilesFolder""$(GetReverseZoneFileFromZone "${RDomain%*.}")" "$BindInternalConfTmp"
|
|
done
|
|
done
|
|
|
|
InternFile="$MasterFile"
|
|
ExternFile="$ZoneFilesFolder""dbextern.""$CommunityDomain"
|
|
Domain="$CommunityDomain"
|
|
./update-extzone.sh "$InternFile" "$ExternFile" "$Domain" "$ExternalView"
|
|
|
|
# set shorter TTL for Hoods
|
|
TTLReReExMi="420 360 180 1800 360"
|
|
|
|
Hoods="$(GetOwnHoods "$CommunityDomain" "$MasterFile")"
|
|
|
|
for Hood in $Hoods; do
|
|
HoodSubDomain="${Hood%%\#*}"
|
|
Subnets="$(echo "${Hood#*\#}" | sed -e 's/#/ /g')"
|
|
HoodZoneFile="$ZoneFilesFolder""db.""$HoodSubDomain"".""$CommunityDomain"
|
|
if [ ! -f "$HoodZoneFile" ]; then
|
|
{
|
|
echo "\$TTL ${TTLReReExMi%% *}"
|
|
echo "$HoodSubDomain"".""$CommunityDomain"". ${TTLReReExMi%% *} IN SOA $DNSSCRIPT_SERVER_NAME""."" $DNSSCRIPT_CONTACT_EMAIL 1 ${TTLReReExMi#* }"
|
|
echo "$HoodSubDomain"".""$CommunityDomain"". ${TTLReReExMi%% *} IN NS $DNSSCRIPT_SERVER_NAME""."""
|
|
GetOwnGlueRecords "$CommunityDomain" "$MasterFile"
|
|
} > "$HoodZoneFile"
|
|
fi
|
|
./update-hoodzone.sh "$HoodZoneFile" "$HoodSubDomain"".""$CommunityDomain" "$Subnets" "$InternalViews"
|
|
InsertZoneToIncludeFile "$HoodSubDomain"".""$CommunityDomain" "$ZoneFilesFolder""db.""$HoodSubDomain"".""$CommunityDomain" "$BindExternalConfTmp"
|
|
|
|
HoodForwardZones="$ForwardZones $HoodSubDomain"".""$CommunityDomain""/""$ZoneFilesFolder""db.""$HoodSubDomain"".""$CommunityDomain"
|
|
for Subnet in $Subnets; do
|
|
ReverseDomains="$(GetReverseDomains "$Subnet")"
|
|
for RDomain in $ReverseDomains; do
|
|
./update-rdnszone.sh "$RDomain" "$HoodForwardZones" "$ZoneFilesFolder" "$TTLReReExMi" "$InternalViews"
|
|
InsertZoneToIncludeFile "$RDomain" "$ZoneFilesFolder""$(GetReverseZoneFileFromZone "${RDomain%*.}")" "$BindInternalConfTmp"
|
|
done
|
|
done
|
|
|
|
InternFile="$ZoneFilesFolder""db.""$HoodSubDomain"".""$CommunityDomain"
|
|
ExternFile="$ZoneFilesFolder""dbextern.""$HoodSubDomain"".""$CommunityDomain"
|
|
Domain="$HoodSubDomain"".""$CommunityDomain"
|
|
./update-extzone.sh "$InternFile" "$ExternFile" "$Domain" "$ExternalView"
|
|
done
|
|
|
|
sed -i "1i include \"""$BindExternalConf""\";\n" "$BindInternalConfTmp"
|
|
./update-public-acl.sh "$BindIcvpnAclTmp"
|
|
|
|
|
|
ReConfigBind=1
|
|
UpdateBindConfig() {
|
|
if [ -f "$1" ] && ! cmp -s "$1" "$2"; then
|
|
mv "$1" "$2"
|
|
ReConfigBind=0
|
|
else
|
|
rm -f "$1"
|
|
fi
|
|
}
|
|
|
|
UpdateBindConfig "$BindIcvpnAclTmp" "$BindIcvpnAcl"
|
|
UpdateBindConfig "$BindInternalConfTmp" "$BindInternalConf"
|
|
UpdateBindConfig "$BindExternalConfTmp" "$BindExternalConf"
|
|
|
|
if [ $ReConfigBind -eq 0 ]; then
|
|
if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then
|
|
systemctl restart bind9
|
|
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
|
|
rndc reconfig
|
|
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 2 ]; then
|
|
/etc/init.d/named restart
|
|
fi
|
|
fi
|