adding dnssec support
This commit is contained in:
29
DDNS.pm
29
DDNS.pm
@ -8,7 +8,7 @@ use Memoize;
|
|||||||
|
|
||||||
memoize('_gethosts');
|
memoize('_gethosts');
|
||||||
|
|
||||||
our $VERSION = '0.2';
|
our $VERSION = '0.3';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my $me = shift;
|
my $me = shift;
|
||||||
@ -24,7 +24,7 @@ sub _validateTypeOrDie {
|
|||||||
my ($t) = @_;
|
my ($t) = @_;
|
||||||
|
|
||||||
die "Invalid type"
|
die "Invalid type"
|
||||||
unless ($t =~ /^_(vhosts|pureslave|custom)$/);
|
unless ($t =~ /^_(vhosts|pureslave|custom|dnssec)$/);
|
||||||
}
|
}
|
||||||
|
|
||||||
sub _fqdn {
|
sub _fqdn {
|
||||||
@ -127,6 +127,7 @@ sub _gethosts {
|
|||||||
# Find the type of domin that $dom is. If we don't find it, return
|
# Find the type of domin that $dom is. If we don't find it, return
|
||||||
# undef. (The domain $dom ends in a dot; the DNS info we find won't;
|
# undef. (The domain $dom ends in a dot; the DNS info we find won't;
|
||||||
# hence the concat of the extra "." after the lc.)
|
# hence the concat of the extra "." after the lc.)
|
||||||
|
# (Skip _dnssec records in this check.)
|
||||||
sub type {
|
sub type {
|
||||||
my ($this, $dom) = @_;
|
my ($this, $dom) = @_;
|
||||||
|
|
||||||
@ -135,7 +136,8 @@ sub type {
|
|||||||
my @vh = $this->get();
|
my @vh = $this->get();
|
||||||
foreach my $i (@vh) {
|
foreach my $i (@vh) {
|
||||||
if (lc($i->{zone})."." eq lc($dom)) {
|
if (lc($i->{zone})."." eq lc($dom)) {
|
||||||
return $i->{type};
|
return $i->{type}
|
||||||
|
unless ($i->{type} eq '_dnssec');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -148,8 +150,10 @@ sub add {
|
|||||||
_validateOrDie($dom);
|
_validateOrDie($dom);
|
||||||
my $fqdn = _fqdn($dom, $type);
|
my $fqdn = _fqdn($dom, $type);
|
||||||
|
|
||||||
if (my $type = $this->type($dom)) {
|
if (my $existingtype = $this->type($dom)) {
|
||||||
die "Domain $dom already exists [of type $type]";
|
die "Domain $dom already exists [of type $existingtype]"
|
||||||
|
unless ($existingtype eq '_dnssec' ||
|
||||||
|
$type eq '_dnssec');
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->__docmd("update add $fqdn 60 TXT $master");
|
$this->__docmd("update add $fqdn 60 TXT $master");
|
||||||
@ -180,4 +184,19 @@ sub cleanup {
|
|||||||
system("/usr/local/bin/sync-master-vhosts");
|
system("/usr/local/bin/sync-master-vhosts");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub is_dnssec {
|
||||||
|
my ($this, $dom) = @_;
|
||||||
|
|
||||||
|
$dom =~ s/^(.+)\.$/$1/; # remove trailing dot
|
||||||
|
|
||||||
|
my @h = $this->_gethosts('_dnssec');
|
||||||
|
foreach my $i (@h) {
|
||||||
|
if (lc($i->{zone}) eq $dom) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|||||||
@ -21,6 +21,8 @@ WriteMakefile(
|
|||||||
'bin/list-all',
|
'bin/list-all',
|
||||||
'bin/is-managed',
|
'bin/is-managed',
|
||||||
'bin/validate-master',
|
'bin/validate-master',
|
||||||
|
'bin/add-dnssec',
|
||||||
|
'bin/del-ddnssec',
|
||||||
],
|
],
|
||||||
'AUTHOR' => 'Jorj Bauer <jorj@jorj.org>',
|
'AUTHOR' => 'Jorj Bauer <jorj@jorj.org>',
|
||||||
);
|
);
|
||||||
|
|||||||
@ -37,8 +37,12 @@ if ($changecount) {
|
|||||||
# If we made any changes, then generate the full vhost list
|
# If we made any changes, then generate the full vhost list
|
||||||
my ($fh, $path) = tempfile();
|
my ($fh, $path) = tempfile();
|
||||||
foreach my $i (sort {$a->{zone} cmp $b->{zone}} @vh) {
|
foreach my $i (sort {$a->{zone} cmp $b->{zone}} @vh) {
|
||||||
|
if ($ddns->is_dnssec($i->{zone})) {
|
||||||
|
print $fh "zone \"$i->{zone}\" { type master; file \"/var/lib/bind/vhost/db.$i->{zone}.signed\"; };\n";
|
||||||
|
} else {
|
||||||
print $fh "zone \"$i->{zone}\" { type master; file \"/var/lib/bind/vhost/db.$i->{zone}\"; };\n";
|
print $fh "zone \"$i->{zone}\" { type master; file \"/var/lib/bind/vhost/db.$i->{zone}\"; };\n";
|
||||||
}
|
}
|
||||||
|
}
|
||||||
close $fh;
|
close $fh;
|
||||||
print "Installing new vhost list\n";
|
print "Installing new vhost list\n";
|
||||||
system("install -o bind -g bind $path /var/lib/bind/vhost.zones.9");
|
system("install -o bind -g bind $path /var/lib/bind/vhost.zones.9");
|
||||||
|
|||||||
@ -53,8 +53,12 @@ sub do_rewrite {
|
|||||||
print "Differences found; rewriting slave file.\n";
|
print "Differences found; rewriting slave file.\n";
|
||||||
|
|
||||||
foreach my $i (sort {$a->{zone} cmp $b->{zone}} @vh) {
|
foreach my $i (sort {$a->{zone} cmp $b->{zone}} @vh) {
|
||||||
|
if ($ddns->is_dnssec($i->{zone})) {
|
||||||
|
print $fh "zone \"$i->{zone}\" { type slave; file \"/var/cache/bind/db.$i->{zone}.signed\"; masters { $i->{master}; }; };\n";
|
||||||
|
} else {
|
||||||
print $fh "zone \"$i->{zone}\" { type slave; file \"/var/cache/bind/db.$i->{zone}\"; masters { $i->{master}; }; };\n";
|
print $fh "zone \"$i->{zone}\" { type slave; file \"/var/cache/bind/db.$i->{zone}\"; masters { $i->{master}; }; };\n";
|
||||||
}
|
}
|
||||||
|
}
|
||||||
close $fh;
|
close $fh;
|
||||||
print "Installing new slave host list\n";
|
print "Installing new slave host list\n";
|
||||||
system("install -o bind -g bind $path /etc/bind/martnet.slave.zones.9");
|
system("install -o bind -g bind $path /etc/bind/martnet.slave.zones.9");
|
||||||
|
|||||||
Reference in New Issue
Block a user