145 lines
5.6 KiB
Bash
Executable File
145 lines
5.6 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
# exit script when command fails
|
|
set -e
|
|
|
|
# Communityconfig
|
|
CommunityDomain="fff.community"
|
|
CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48"
|
|
RemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/"
|
|
|
|
# Serverconfig
|
|
export DNSSCRIPT_CONTACT_EMAIL=info.freifunk-herpf.de.
|
|
# DNSSCRIPT_SERVER_NAME must be the server given in community zone files NS entry
|
|
export DNSSCRIPT_SERVER_NAME=dns.herpf.fff.community
|
|
UpdateScriptsFolder="/usr/lib/ffdns/"
|
|
ZoneFilesFolder="/etc/bind/fff/"
|
|
BindIncludeFileFolder="/etc/bind/"
|
|
|
|
# -1 -> disable bind [restart|reload]
|
|
# 0 -> Debian (and like) systemctl [reload|restart] bind9
|
|
# 1 -> use rndc to [reload zone|reconfig] (recommended; rndc needs setup first)
|
|
# 2 -> OpenWRT /etc/init.d/named [reload|restart]
|
|
export DNSSCRIPT_BIND_RELOAD_VER=0
|
|
|
|
# only necessary when rndc is used
|
|
InternalViews="icvpn-internal-view icvpn-internal-dns64-view"
|
|
ExternalView="external-view"
|
|
|
|
# TTL Refresh Retry Expire Minimum
|
|
TTLReReExMi="3600 2000 6400 2419200 86400"
|
|
|
|
# ForwardZones: "<Zone>/<Zonendatei>" ; optionaly multiple " ""<ZoneX>/<ZonendateiX>" no spaces in full filename
|
|
ForwardZones="$CommunityDomain""/""$ZoneFilesFolder""db.""$CommunityDomain"
|
|
|
|
|
|
#############################################################
|
|
cd "$UpdateScriptsFolder"
|
|
|
|
. ./dns-functions.sh
|
|
|
|
MasterFile="$ZoneFilesFolder""db.""$CommunityDomain"
|
|
BindInternalConfTmp="/tmp/""$CommunityDomain""-internal.conf"
|
|
BindExternalConfTmp="/tmp/""$CommunityDomain""-external.conf"
|
|
BindIcvpnAclTmp="/tmp/icvpn-acl.conf"
|
|
BindInternalConf="$BindIncludeFileFolder""$CommunityDomain""-internal.conf"
|
|
BindExternalConf="$BindIncludeFileFolder""$CommunityDomain""-external.conf"
|
|
BindIcvpnAcl="$BindIncludeFileFolder""icvpn-acl.conf"
|
|
|
|
PreFetchMasterSerial="$(GetZoneFileSerial "$MasterFile")"
|
|
curl -s -S -f "$RemoteLocation""db.""$CommunityDomain" --output "$MasterFile"
|
|
PostFetchMasterSerial="$(GetZoneFileSerial "$MasterFile")"
|
|
|
|
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ]; then
|
|
ReloadZone "$CommunityDomain" "$InternalViews"
|
|
fi
|
|
|
|
rm -f "$BindInternalConfTmp"
|
|
rm -f "$BindExternalConfTmp"
|
|
InsertZoneToIncludeFile "$CommunityDomain" "$MasterFile" "$BindInternalConfTmp"
|
|
InsertZoneToIncludeFile "$CommunityDomain" "$ZoneFilesFolder""dbextern.""$CommunityDomain" "$BindExternalConfTmp"
|
|
|
|
for Subnet in $CommunitySubnets; do
|
|
ReverseDomains="$(GetReverseDomains "$Subnet")"
|
|
for RDomain in $ReverseDomains; do
|
|
ReverseZoneFile="$(GetReverseZoneFileFromZone "${RDomain%*.}")"
|
|
! curl -s -f "$RemoteLocation""static.""$ReverseZoneFile" \
|
|
--output "$ZoneFilesFolder""static.""$ReverseZoneFile" && \
|
|
rm -f "$ZoneFilesFolder""static.""$ReverseZoneFile"
|
|
./update-rdnszone.sh "$RDomain" "$ForwardZones" "$ZoneFilesFolder""$ReverseZoneFile" "$TTLReReExMi" "$InternalViews"
|
|
InsertZoneToIncludeFile "$RDomain" "$ZoneFilesFolder""$ReverseZoneFile" "$BindInternalConfTmp"
|
|
done
|
|
done
|
|
|
|
ExternFile="$ZoneFilesFolder""dbextern.""$CommunityDomain"
|
|
./update-extzone.sh "$MasterFile" "$ExternFile" "$CommunityDomain" "$ExternalView"
|
|
|
|
# set shorter TTL for Hoods
|
|
TTLReReExMi="420 360 180 1800 360"
|
|
|
|
Hoods="$(GetOwnHoods "$CommunityDomain" "$MasterFile")"
|
|
|
|
for Hood in $Hoods; do
|
|
HoodDomain="${Hood%%\#*}"".""$CommunityDomain"
|
|
Subnets="$(echo "${Hood#*\#}" | sed -e 's/#/ /g')"
|
|
HoodZoneFile="$ZoneFilesFolder""db.""$HoodDomain"
|
|
if [ ! -f "$HoodZoneFile" ]; then
|
|
{
|
|
echo "\$TTL ${TTLReReExMi%% *}"
|
|
echo "@ IN SOA $DNSSCRIPT_SERVER_NAME""."" $DNSSCRIPT_CONTACT_EMAIL ("
|
|
echo " 1 ; Serial"
|
|
echo " ""$(echo "$TTLReReExMi" | awk '{print $2}')"" ; Refresh"
|
|
echo " ""$(echo "$TTLReReExMi" | awk '{print $3}')"" ; Retry"
|
|
echo " ""$(echo "$TTLReReExMi" | awk '{print $4}')"" ; Expire"
|
|
echo " ""$(echo "$TTLReReExMi" | awk '{print $5}')"" ) ; Negative Cache TTL"
|
|
echo ";"
|
|
echo "@ IN NS $DNSSCRIPT_SERVER_NAME""."""
|
|
GetOwnGlueRecords "$CommunityDomain" "$MasterFile"
|
|
echo ";"
|
|
} > "$HoodZoneFile"
|
|
fi
|
|
./update-hoodzone.sh "$HoodZoneFile" "$HoodDomain" "$Subnets" "$InternalViews"
|
|
|
|
InsertZoneToIncludeFile "$HoodDomain" "$HoodZoneFile" "$BindInternalConfTmp"
|
|
InsertZoneToIncludeFile "$HoodDomain" "$ZoneFilesFolder""dbextern.""$HoodDomain" "$BindExternalConfTmp"
|
|
|
|
HoodForwardZones="$ForwardZones $HoodDomain""/""$HoodZoneFile"
|
|
for Subnet in $Subnets; do
|
|
ReverseDomains="$(GetReverseDomains "$Subnet")"
|
|
for RDomain in $ReverseDomains; do
|
|
ReverseZoneFileFullPath="$ZoneFilesFolder""$(GetReverseZoneFileFromZone "${RDomain%*.}")"
|
|
./update-rdnszone.sh "$RDomain" "$HoodForwardZones" "$ReverseZoneFileFullPath" "$TTLReReExMi" "$InternalViews"
|
|
InsertZoneToIncludeFile "$RDomain" "$ReverseZoneFileFullPath" "$BindInternalConfTmp"
|
|
done
|
|
done
|
|
|
|
ExternFile="$ZoneFilesFolder""dbextern.""$HoodDomain"
|
|
./update-extzone.sh "$HoodZoneFile" "$ExternFile" "$HoodDomain" "$ExternalView"
|
|
done
|
|
|
|
./update-public-acl.sh "$BindIcvpnAclTmp"
|
|
|
|
ReConfigBind=1
|
|
UpdateBindConfig() {
|
|
if [ -f "$1" ] && ! cmp -s "$1" "$2"; then
|
|
mv "$1" "$2"
|
|
ReConfigBind=0
|
|
else
|
|
rm -f "$1"
|
|
fi
|
|
}
|
|
|
|
UpdateBindConfig "$BindIcvpnAclTmp" "$BindIcvpnAcl"
|
|
UpdateBindConfig "$BindInternalConfTmp" "$BindInternalConf"
|
|
UpdateBindConfig "$BindExternalConfTmp" "$BindExternalConf"
|
|
|
|
if [ $ReConfigBind -eq 0 ] || [ -f "/tmp/dnsscript-forcereconf" ]; then
|
|
if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then
|
|
systemctl restart bind9
|
|
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
|
|
rndc reconfig
|
|
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 2 ]; then
|
|
/etc/init.d/named restart
|
|
fi
|
|
rm -f "/tmp/dnsscript-forcereconf"
|
|
fi |