#!/bin/bash
source {dnssec_conffile}
pardomain="${1::-1}"

if [ ! -d $backuppath ]; then mkdir -p $backuppath; fi
#connect to database for testing
mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
if [ "$mysqlcheck" = 0 ];then
 echo "$0 could not connect to database"
 cd $curdir
 exit 0
fi

if [ ! -f .dsset-$pardomain ] ; then
	{ispconfig_install_dir}/server/scripts/dnssec-create.sh $pardomain.
fi

mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; select id,serial from dns_soa where active='Y' and origin='$pardomain.';" | awk {' print $1":"$2 '}`
  echo $mysqlcheck
  zoneid=`echo $mysqlcheck | sed 's/:/ /g' | awk {' print $1 '}`
  domain=$pardomain
  serial=`echo $mysqlcheck | sed 's/:/ /g' | awk {' print $2 '}`
  fserial=`/usr/sbin/named-checkzone $domain $bindpath/$filespre$domain | egrep -ho '[0-9]{10}'`
     includecheck=`cat $bindpath/$filespre$domain |grep "INCLUDE" |wc -l`
      if [ ! $includecheck = 2 ] ;then
	   echo "">> $bindpath/pri.$domain
       for key in `ls $bindpath/K$pardomain.+*.key`; do
		echo "Including $key..."
       echo "\$INCLUDE $key">> $bindpath/pri.$domain
       done
	  else
		echo "Includes are there. Why ever..."
      fi

    /usr/sbin/dnssec-signzone -A -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o $domain -t $filespre$domain
    mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; update dns_soa set serial='$fserial' where origin='$domain.'; update dns_rr set serial='$fserial' WHERE zone=$zoneid"

echo "DNSSEC for $pardomain has been configured"
cd $curdir
exit 0