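#!/bin/bash
#
# Signs the BIND zone file of one domain with dnssec-signzone and writes the
# zone serial into the dns_soa and dns_rr tables.
#
# Arguments: $1 - zone origin with a trailing dot (the dot is stripped here and
#                 re-appended in the SQL below); $2..$4 are only logged.
# Settings taken from the sourced config file (none are defined in this script):
#   backuppath, dbuser, dbpass, dbhost, dbase, bindpath, filespre, curdir
# Exit status: 0 on success and, as before, when the database is unreachable;
#   1 when the zone name or a value destined for SQL fails validation.

# The braces below are not shell syntax; presumably the installer substitutes
# the real config path before this script is deployed -- confirm.
source {dnssec_conffile}

# Strip only a trailing dot. The previous ${1::-1} removed the last character
# whatever it was and errored out on an empty $1.
pardomain="${1%.}"

# NOTE(review): fixed file name in a world-writable directory. The symlink test
# keeps a planted link from redirecting this write, but it is not race-free;
# the trace belongs in a directory only this script's user can write to.
trace_file=/tmp/.last-call-to-dnssec-update
if [[ ! -L "$trace_file" ]]; then
  printf '%s\n' "$0 $1 $2 $3 $4 results in domain: $pardomain" > "$trace_file"
fi

# $pardomain is interpolated into SQL strings and file paths below, so accept
# only hostname characters: no quotes, whitespace, slashes or shell
# metacharacters. Zone names containing '/' are rejected as well.
valid_zone_re='^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$'
if [[ ! "$pardomain" =~ $valid_zone_re ]]; then
  printf '%s\n' "$0: refusing invalid zone name" >&2
  exit 1
fi

if [[ -n "$backuppath" && ! -d "$backuppath" ]]; then
  mkdir -p -- "$backuppath"
fi

# NOTE(review): --password= on the command line is visible to other local
# users in the process list while mysql starts. A root-only option file
# (--defaults-extra-file) avoids that, but a password in ~/.my.cnf would then
# take precedence, so the argv form is kept until that is checked.
mysql_cmd=(mysql -u "$dbuser" --password="$dbpass" -h "$dbhost" -Bse)

# Connectivity test: an empty table list is treated as "cannot connect".
tables=$("${mysql_cmd[@]}" "use $dbase; show tables;")
if [[ -z "$tables" ]]; then
  echo "$0 could not connect to database"
  cd "$curdir"
  # NOTE(review): exit status 0 hides this failure from the caller; kept for
  # compatibility with whatever invokes this script.
  exit 0
fi

# Look up the active SOA record as "id:serial"; only the id is used below.
mysqlcheck=$("${mysql_cmd[@]}" "use $dbase; select id,serial from dns_soa where active='Y' and origin='$pardomain.';" | awk '{ print $1":"$2 }')
printf '%s\n' "$mysqlcheck"
IFS=: read -r zoneid _ <<<"$mysqlcheck"

domain=$pardomain
zonefile="$bindpath/$filespre$domain"

# Serial as reported by named-checkzone (first run of ten digits in its output).
# NOTE(review): this is read before dnssec-signzone runs with -N increment, so
# the value stored in the database may lag the signed zone -- confirm intended.
fserial=$(/usr/sbin/named-checkzone "$domain" "$zonefile" | grep -Eho '[0-9]{10}')

# NOTE(review): the INCLUDE count is taken from $filespre$domain but the lines
# are appended to pri.$domain; these are the same file only if filespre is
# "pri." -- confirm against the config.
includecheck=$(grep -c "INCLUDE" -- "$zonefile")
if [[ "$includecheck" != 2 ]]; then
  echo "" >> "$bindpath/pri.$domain"
  # Glob instead of parsing ls; skip the literal pattern when nothing matches.
  for key in "$bindpath/K$pardomain".+*.key; do
    [[ -e "$key" ]] || continue
    echo "Including $key..."
    echo "\$INCLUDE $key" >> "$bindpath/pri.$domain"
  done
else
  echo "Includes are there. Why ever..."
fi

# NSEC3 salt: 16 hex characters. /dev/urandom replaces /dev/random, which can
# block on kernels with a depleted entropy pool; the salt is published in the
# zone, so it needs to be unpredictable per signing run, not secret.
salt=$(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16)
# The zone file is given relative to the current directory, as in the original.
/usr/sbin/dnssec-signzone -A -3 "$salt" -N increment -o "$domain" -t "$filespre$domain"

# zoneid is placed unquoted into the UPDATE and fserial comes from tool output:
# both must be plain digits, otherwise the statement is malformed or writes an
# empty serial.
if [[ ! "$zoneid" =~ ^[0-9]+$ || ! "$fserial" =~ ^[0-9]{10}$ ]]; then
  printf '%s\n' "$0: zone id or serial is not numeric, database not updated" >&2
  cd "$curdir"
  exit 1
fi
"${mysql_cmd[@]}" "use $dbase; update dns_soa set serial='$fserial' where origin='$domain.'; update dns_rr set serial='$fserial' WHERE zone=$zoneid"

echo "DNSSEC for $pardomain has been configured"
cd "$curdir"
exit 0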