dnssec-update.sh.master 1.6 KiB
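#!/bin/bash
# Re-signs a DNS zone with dnssec-signzone and writes the zone serial back to
# the dns_soa / dns_rr tables.
#
# Arguments: $1 - zone origin; its last character is stripped (presumably the
#                 trailing dot, since "." is appended again wherever the name
#                 is used as an origin).
#
# {dnssec_conffile} is an install-time template placeholder. The sourced file
# is presumably where dbuser, dbpass, dbhost, dbase, bindpath, filespre,
# backuppath and curdir come from - confirm against that file.
source {dnssec_conffile}

# $1 is interpolated into SQL statements and file paths later in this script,
# so an empty or malformed value is rejected before anything else happens.
if [[ -z "${1:-}" ]]; then
  echo "usage: $0 <zone origin>" >&2
  exit 1
fi
pardomain="${1::-1}"

# Allowlist: letters, digits, dot, dash, underscore; no leading dash or dot.
# That excludes quotes, whitespace, slashes and option-like values.
# NOTE(review): assumes zone origins reach this script in ASCII (punycode)
# form - confirm with the caller.
if [[ ! "$pardomain" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]]; then
  echo "$0: refusing invalid zone name" >&2
  exit 1
fi

if [ -n "$backuppath" ] && [ ! -d "$backuppath" ]; then
  mkdir -p -- "$backuppath"
fi

# Connect to the database for testing: an empty result means no connection.
# NOTE(review): --password= on the command line can be read from the process
# list by other local users; an option file readable only by this user, passed
# with --defaults-extra-file, avoids that.
mysqlcheck=$(mysql -u "$dbuser" --password="$dbpass" -h "$dbhost" -Bse "use $dbase; show tables;" | wc -c)
if [ "$mysqlcheck" = 0 ]; then
  echo "$0 could not connect to database"
  cd "$curdir"
  # NOTE(review): status 0 is kept from the original, so callers cannot detect
  # this failure from the exit code.
  exit 0
fi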

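# Run dnssec-create.sh (presumably the initial key generation) when no
# .dsset-<zone> file exists in the current directory.
# {ispconfig_install_dir} is an install-time template placeholder.
# The zone name is quoted so that it always reaches the test and the helper
# script as exactly one argument, without word splitting or glob expansion.
if [ ! -f ".dsset-$pardomain" ]; then
	{ispconfig_install_dir}/server/scripts/dnssec-create.sh "$pardomain."
fi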

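# Fetch "<id>:<serial>" of the active zone whose origin is "$pardomain.".
# NOTE(review): $pardomain is placed inside a quoted SQL literal and into file
# paths below; it must only ever contain host-name characters.
# NOTE(review): --password= on the command line can be read from the process
# list by other local users; an option file readable only by this user, passed
# with --defaults-extra-file, avoids that.
mysqlcheck=$(mysql -u "$dbuser" --password="$dbpass" -h "$dbhost" -Bse "use $dbase; select id,serial from dns_soa where active='Y' and origin='$pardomain.';" | awk '{ print $1":"$2 }')
echo "$mysqlcheck"

# Split the first "<id>:<serial>" pair; both stay empty when no row matched.
# serial is not used further down in this script.
read -r zoneid serial _ <<< "${mysqlcheck//:/ }"
domain=$pardomain

# Serial as reported by named-checkzone for the zone file (10-digit number).
zonefile="$bindpath/$filespre$domain"
fserial=$(/usr/sbin/named-checkzone "$domain" "$zonefile" | grep -Eo '[0-9]{10}')

# Append one $INCLUDE line per key file unless the zone file already holds
# exactly two lines containing "INCLUDE".
# NOTE(review): any other count (1, 3, ...) appends every key file again.
# NOTE(review): the count is taken from $filespre$domain but the lines are
# appended to pri.$domain; these are the same file only if filespre is "pri.".
includecheck=$(grep -c -- "INCLUDE" "$zonefile")
if [ "$includecheck" != 2 ]; then
  echo "" >> "$bindpath/pri.$domain"
  # Glob instead of parsing ls output; skip the literal pattern on no match.
  for key in "$bindpath/K$pardomain".+*.key; do
    [ -e "$key" ] || continue
    echo "Including $key..."
    echo "\$INCLUDE $key" >> "$bindpath/pri.$domain"
  done
else
  echo "Includes are there. Why ever..."
fi

# NSEC3 salt: 16 hex characters. The salt is published in the zone, so the
# non-blocking /dev/urandom is sufficient and cannot stall on low entropy.
salt=$(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16)
# The zone file is given relative to the current directory; presumably the
# sourced configuration has changed into $bindpath - confirm.
/usr/sbin/dnssec-signzone -A -3 "$salt" -N increment -o "$domain" -t "$filespre$domain"

# Only write back values that are plain numbers: an empty zone id would yield
# a broken statement and an empty serial would overwrite dns_soa.serial.
if [[ "$zoneid" =~ ^[0-9]+$ && "$fserial" =~ ^[0-9]{10}$ ]]; then
  mysql -u "$dbuser" --password="$dbpass" -h "$dbhost" -Bse "use $dbase; update dns_soa set serial='$fserial' where origin='$domain.'; update dns_rr set serial='$fserial' WHERE zone=$zoneid"
else
  echo "$0: skipping database update for $pardomain (zone id '$zoneid', serial '$fserial')" >&2
fi

echo "DNSSEC for $pardomain has been configured"
cd "$curdir"
exit 0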