create_opendkim_key.sh: add support for creating missing _domainkey zone.
This commit is contained in:
parent
350d05bb8f
commit
593e906704
@ -7,12 +7,12 @@
|
|||||||
# DNS Server
|
# DNS Server
|
||||||
# ----------
|
# ----------
|
||||||
|
|
||||||
# - dns_server
|
# - dns_dkim_zone_master_server
|
||||||
# -
|
# -
|
||||||
# - The DNS Server who is serving the update zone and is used
|
# - The DNS Server who is serving the update zone and is used
|
||||||
# - for the dynamic updates (nsupdate)
|
# - for the dynamic updates (nsupdate)
|
||||||
# -
|
# -
|
||||||
dns_server="b.ns.oopen.de"
|
#dns_dkim_zone_master_server=""
|
||||||
|
|
||||||
# - update_dns
|
# - update_dns
|
||||||
# -
|
# -
|
||||||
@ -109,7 +109,7 @@ dns_server="b.ns.oopen.de"
|
|||||||
# - Script increases the serial for a given domain or a given
|
# - Script increases the serial for a given domain or a given
|
||||||
# - hostname's concerning domain.
|
# - hostname's concerning domain.
|
||||||
# -
|
# -
|
||||||
# - Defaults to /root/bin/bind/bind_set_new_serial.sh
|
# - Defaults to '/root/bin/bind/bind_set_new_serial.sh'
|
||||||
# -
|
# -
|
||||||
#set_new_serial_script="/root/bin/bind/bind_set_new_serial.sh"
|
#set_new_serial_script="/root/bin/bind/bind_set_new_serial.sh"
|
||||||
|
|
||||||
@ -117,7 +117,25 @@ dns_server="b.ns.oopen.de"
|
|||||||
# -
|
# -
|
||||||
# - Script adds DKIM subdomain delegation for a given domain
|
# - Script adds DKIM subdomain delegation for a given domain
|
||||||
# -
|
# -
|
||||||
#create_dkim_delegation_script="bind_create_dkim_delegation.sh"
|
# - Defaults to '/root/bin/bind/bind_create_dkim_delegation.sh'
|
||||||
|
# -
|
||||||
|
#create_dkim_delegation_script="/root/bin/bind/bind_create_dkim_delegation.sh"
|
||||||
|
|
||||||
|
# - add_dkim_zone_master_script
|
||||||
|
# -
|
||||||
|
# - Script adds zone _domainkey.<dkim domain> as master zone
|
||||||
|
# -
|
||||||
|
# - Defaults to '/root/bin/bind/bind_add_dkim_zone_master.sh'
|
||||||
|
# -
|
||||||
|
#add_dkim_zone_master_script="/root/bin/bind/bind_add_dkim_zone_master.sh"
|
||||||
|
|
||||||
|
# - add_dkim_zone_slave_script
|
||||||
|
# -
|
||||||
|
# - Script adds zone _domainkey.<dkim domain> as slave zone
|
||||||
|
# -
|
||||||
|
# - Defaults to '/root/bin/bind/bind_add_dkim_zone_slave.sh'
|
||||||
|
# -
|
||||||
|
#add_dkim_zone_slave_script="/root/bin/bind/bind_add_dkim_zone_slave.sh"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -26,7 +26,8 @@ DEFAULT_dns_ssh_key="/root/.ssh/id_rsa-opendkim"
|
|||||||
|
|
||||||
DEFAULT_set_new_serial_script="/root/bin/bind/bind_set_new_serial.sh"
|
DEFAULT_set_new_serial_script="/root/bin/bind/bind_set_new_serial.sh"
|
||||||
DEFAULT_create_dkim_delegation_script="/root/bin/bind/bind_create_dkim_delegation.sh"
|
DEFAULT_create_dkim_delegation_script="/root/bin/bind/bind_create_dkim_delegation.sh"
|
||||||
#DEFAULT_
|
DEFAULT_add_dkim_zone_master_script="/root/bin/bind/bind_add_dkim_zone_master.sh"
|
||||||
|
DEFAULT_add_dkim_zone_slave_script="/root/bin/bind/bind_add_dkim_zone_slave.sh"
|
||||||
|
|
||||||
opendkim_dir="/etc/opendkim"
|
opendkim_dir="/etc/opendkim"
|
||||||
|
|
||||||
@ -204,27 +205,27 @@ info (){
|
|||||||
|
|
||||||
echo_done() {
|
echo_done() {
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
echo -e "\033[75G[ \033[32mdone\033[m ]"
|
echo -e "\033[80G[ \033[32mdone\033[m ]"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
echo_ok() {
|
echo_ok() {
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
echo -e "\033[75G[ \033[32mok\033[m ]"
|
echo -e "\033[80G[ \033[32mok\033[m ] "
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
echo_failed(){
|
echo_failed(){
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
|
echo -e "\033[80G[ \033[1;31mfailed\033[m ]"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
echo_skipped() {
|
echo_skipped() {
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
|
echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
echo_wait(){
|
echo_wait(){
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
echo -en "\033[75G[ \033[5m\033[1m...\033[m ]"
|
echo -en "\033[80G[ \033[5m\033[1m...\033[m ]"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -346,7 +347,7 @@ while getopts bd:D:hns:t:z: opt ; do
|
|||||||
case $opt in
|
case $opt in
|
||||||
b) BATCH_MODE=true ;;
|
b) BATCH_MODE=true ;;
|
||||||
d) dkim_domain=$OPTARG ;;
|
d) dkim_domain=$OPTARG ;;
|
||||||
D) dns_server=$OPTARG ;;
|
D) dns_dkim_zone_master_server=$OPTARG ;;
|
||||||
h) usage ;;
|
h) usage ;;
|
||||||
n) update_dns=false ;;
|
n) update_dns=false ;;
|
||||||
s) key_secret=$OPTARG ;;
|
s) key_secret=$OPTARG ;;
|
||||||
@ -496,9 +497,12 @@ fi
|
|||||||
if $update_dns && [[ -z "$ttl" ]]; then
|
if $update_dns && [[ -z "$ttl" ]]; then
|
||||||
ttl="$DEFAULT_ttl"
|
ttl="$DEFAULT_ttl"
|
||||||
fi
|
fi
|
||||||
if $update_dns && [[ -z "$dns_server" ]]; then
|
if $update_dns && [[ -z "$dns_dkim_zone_master_server" ]]; then
|
||||||
fatal "No DNS server for updating given!"
|
fatal "No DNS server for updating given!"
|
||||||
fi
|
fi
|
||||||
|
if [[ -z "$(dig +short ${dkim_domain} NS)" ]] ; then
|
||||||
|
fatal "No Nameserver for domain '${dkim_domain}' found!"
|
||||||
|
fi
|
||||||
|
|
||||||
if $update_dns ; then
|
if $update_dns ; then
|
||||||
cname_record="*._domainkey.${dkim_domain}. IN CNAME ${dkim_domain}.${update_zone}."
|
cname_record="*._domainkey.${dkim_domain}. IN CNAME ${dkim_domain}.${update_zone}."
|
||||||
@ -512,6 +516,8 @@ fi
|
|||||||
#Scripts envoked at DNS Server
|
#Scripts envoked at DNS Server
|
||||||
[[ -z "$set_new_serial_script" ]] && set_new_serial_script="$DEFAULT_set_new_serial_script"
|
[[ -z "$set_new_serial_script" ]] && set_new_serial_script="$DEFAULT_set_new_serial_script"
|
||||||
[[ -z "$create_dkim_delegation_script" ]] && create_dkim_delegation_script="$DEFAULT_create_dkim_delegation_script"
|
[[ -z "$create_dkim_delegation_script" ]] && create_dkim_delegation_script="$DEFAULT_create_dkim_delegation_script"
|
||||||
|
[[ -z "$add_dkim_zone_master_script" ]] && add_dkim_zone_master_script="$DEFAULT_add_dkim_zone_master_script"
|
||||||
|
[[ -z "$add_dkim_zone_slave_script" ]] && add_dkim_zone_slave_script="$DEFAULT_add_dkim_zone_slave_script"
|
||||||
|
|
||||||
blank_line
|
blank_line
|
||||||
|
|
||||||
@ -530,7 +536,7 @@ if $terminal ; then
|
|||||||
echo -e " Create/Update DKIM TXT record....: \033[33mNo\033[m"
|
echo -e " Create/Update DKIM TXT record....: \033[33mNo\033[m"
|
||||||
fi
|
fi
|
||||||
echo ""
|
echo ""
|
||||||
echo " DNS Server.......................: $dns_server"
|
echo " DNS Master Server................: $dns_dkim_zone_master_server"
|
||||||
if [[ -z "$ttl" ]] || [[ "${ttl,,}" = "none" ]] ; then
|
if [[ -z "$ttl" ]] || [[ "${ttl,,}" = "none" ]] ; then
|
||||||
echo -e " TTL for the DKIM TXT Record......: \033[33m- Not set -\033[m"
|
echo -e " TTL for the DKIM TXT Record......: \033[33m- Not set -\033[m"
|
||||||
else
|
else
|
||||||
@ -558,6 +564,16 @@ if $terminal && ! $BATCH_MODE ; then
|
|||||||
fatal "Abort by user request - Answer as not 'YES'"
|
fatal "Abort by user request - Answer as not 'YES'"
|
||||||
fi
|
fi
|
||||||
echo ""
|
echo ""
|
||||||
|
else
|
||||||
|
declare -i _count=0
|
||||||
|
declare -i _stop=${#dkim_domain}+2
|
||||||
|
echo ""
|
||||||
|
echo "*${dkim_domain}*"
|
||||||
|
while [[ $_count -lt $_stop ]] ; do
|
||||||
|
echo -n "="
|
||||||
|
((_count++))
|
||||||
|
done
|
||||||
|
echo ""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
@ -566,7 +582,19 @@ key_dir=${key_base_dir}/${dkim_domain}
|
|||||||
dkim_domain_shortname="${dkim_domain%.*}"
|
dkim_domain_shortname="${dkim_domain%.*}"
|
||||||
|
|
||||||
declare -a generated_files_arr=()
|
declare -a generated_files_arr=()
|
||||||
|
|
||||||
|
declare -a dns_dkim_zone_slave_server_arr=()
|
||||||
|
for _server in $(dig +short ${dkim_domain} NS) ; do
|
||||||
|
# - Eliminate trailing '.' character(s)
|
||||||
|
# -
|
||||||
|
_server="${_server%"${_server##*[!\.]}"}"
|
||||||
|
|
||||||
|
[[ "$_server" = "$dns_dkim_zone_master_server" ]] && continue
|
||||||
|
dns_dkim_zone_slave_server_arr+=("$_server")
|
||||||
|
done
|
||||||
|
|
||||||
_create_delegation=false
|
_create_delegation=false
|
||||||
|
_create_dkim_zone=false
|
||||||
|
|
||||||
_wait=false
|
_wait=false
|
||||||
if $update_dns && [[ "$dkim_domain" != "$update_zone" ]] ; then
|
if $update_dns && [[ "$dkim_domain" != "$update_zone" ]] ; then
|
||||||
@ -592,7 +620,13 @@ if $update_dns && [[ "$dkim_domain" != "$update_zone" ]] ; then
|
|||||||
if ! $_create_delegation ; then
|
if ! $_create_delegation ; then
|
||||||
_tmp_string="; ----- Delegation DKIM Keys ${dkim_domain}"
|
_tmp_string="; ----- Delegation DKIM Keys ${dkim_domain}"
|
||||||
for _server in $(dig +short ${dkim_domain} NS) ; do
|
for _server in $(dig +short ${dkim_domain} NS) ; do
|
||||||
_tmp_string="$_tmp_string\n${update_zone}. IN NS $_server"
|
|
||||||
|
|
||||||
|
# - Eliminate trailing '.' character(s)
|
||||||
|
# -
|
||||||
|
_server="${_server%"${_server##*[!\.]}"}"
|
||||||
|
|
||||||
|
_tmp_string="$_tmp_string\n${update_zone}. IN NS ${_server}."
|
||||||
done
|
done
|
||||||
|
|
||||||
|
|
||||||
@ -620,6 +654,7 @@ if $_create_delegation ; then
|
|||||||
# - Generate Subdomain delegation for zone update_zone
|
# - Generate Subdomain delegation for zone update_zone
|
||||||
# -
|
# -
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
|
echo ""
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " \033[32mGenerate Subdomain delegation for zone \033[37m\033[1m${update_zone}\033[m"
|
echo -e " \033[32mGenerate Subdomain delegation for zone \033[37m\033[1m${update_zone}\033[m"
|
||||||
echo ""
|
echo ""
|
||||||
@ -637,6 +672,7 @@ if $_create_delegation ; then
|
|||||||
# - Check if Nameserver is accessable via ssh
|
# - Check if Nameserver is accessable via ssh
|
||||||
# -
|
# -
|
||||||
echononl "Check if Nameserver '$_dns_master' is accessable via ssh .."
|
echononl "Check if Nameserver '$_dns_master' is accessable via ssh .."
|
||||||
|
echo_wait
|
||||||
ssh -q -p $dns_ssh_port \
|
ssh -q -p $dns_ssh_port \
|
||||||
-o BatchMode=yes \
|
-o BatchMode=yes \
|
||||||
-o StrictHostKeyChecking=no \
|
-o StrictHostKeyChecking=no \
|
||||||
@ -650,7 +686,9 @@ if $_create_delegation ; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# - Check if Script '$set_new_serial_script' is accessable via ssh .."
|
# - Check if Script '$set_new_serial_script' is accessable via ssh .."
|
||||||
echononl "Check if Script '$set_new_serial_script' .."
|
# -
|
||||||
|
echononl "Check Script '$set_new_serial_script' .."
|
||||||
|
echo_wait
|
||||||
ssh -q -p $dns_ssh_port \
|
ssh -q -p $dns_ssh_port \
|
||||||
-o BatchMode=yes \
|
-o BatchMode=yes \
|
||||||
-o StrictHostKeyChecking=no \
|
-o StrictHostKeyChecking=no \
|
||||||
@ -664,7 +702,9 @@ if $_create_delegation ; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# - Check if Script '$create_dkim_delegation_script' is accessable via ssh .."
|
# - Check if Script '$create_dkim_delegation_script' is accessable via ssh .."
|
||||||
echononl "Check if Script '$create_dkim_delegation_script'.."
|
# -
|
||||||
|
echononl "Check Script '$create_dkim_delegation_script'.."
|
||||||
|
echo_wait
|
||||||
ssh -q -p $dns_ssh_port \
|
ssh -q -p $dns_ssh_port \
|
||||||
-o BatchMode=yes \
|
-o BatchMode=yes \
|
||||||
-o StrictHostKeyChecking=no \
|
-o StrictHostKeyChecking=no \
|
||||||
@ -679,7 +719,9 @@ if $_create_delegation ; then
|
|||||||
|
|
||||||
blank_line
|
blank_line
|
||||||
|
|
||||||
|
_delegation_created=false
|
||||||
echononl "Create NS Record (delegation) for '$update_zone'.."
|
echononl "Create NS Record (delegation) for '$update_zone'.."
|
||||||
|
echo_wait
|
||||||
ssh -q -p $dns_ssh_port \
|
ssh -q -p $dns_ssh_port \
|
||||||
-o BatchMode=yes \
|
-o BatchMode=yes \
|
||||||
-o StrictHostKeyChecking=no \
|
-o StrictHostKeyChecking=no \
|
||||||
@ -693,7 +735,6 @@ if $_create_delegation ; then
|
|||||||
else
|
else
|
||||||
echo ""
|
echo ""
|
||||||
echo " [ Info ] DKIM subdomain delegation for ${update_zone} already exists."
|
echo " [ Info ] DKIM subdomain delegation for ${update_zone} already exists."
|
||||||
echo ""
|
|
||||||
|
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
@ -703,9 +744,9 @@ if $_create_delegation ; then
|
|||||||
else
|
else
|
||||||
echo ""
|
echo ""
|
||||||
echo " [ Info ] DKIM subdomain delegation for ${update_zone} successfully added."
|
echo " [ Info ] DKIM subdomain delegation for ${update_zone} successfully added."
|
||||||
echo ""
|
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
_delegation_created=true
|
||||||
;;
|
;;
|
||||||
11) $terminal && echo_failed
|
11) $terminal && echo_failed
|
||||||
fatal "No zonefile for domain '$dkim_domain' found!"
|
fatal "No zonefile for domain '$dkim_domain' found!"
|
||||||
@ -729,6 +770,8 @@ if $_create_delegation ; then
|
|||||||
|
|
||||||
|
|
||||||
echononl "Increase serial an reload zone ($dkim_domain).."
|
echononl "Increase serial an reload zone ($dkim_domain).."
|
||||||
|
echo_wait
|
||||||
|
if $_delegation_created ; then
|
||||||
ssh -q -p $dns_ssh_port \
|
ssh -q -p $dns_ssh_port \
|
||||||
-o BatchMode=yes \
|
-o BatchMode=yes \
|
||||||
-o StrictHostKeyChecking=no \
|
-o StrictHostKeyChecking=no \
|
||||||
@ -742,7 +785,6 @@ if $_create_delegation ; then
|
|||||||
else
|
else
|
||||||
echo ""
|
echo ""
|
||||||
echo " [ Info ] Serial is replaced and Zone is reloaded (${update_zone})."
|
echo " [ Info ] Serial is replaced and Zone is reloaded (${update_zone})."
|
||||||
echo ""
|
|
||||||
|
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
@ -772,18 +814,201 @@ if $_create_delegation ; then
|
|||||||
;;
|
;;
|
||||||
|
|
||||||
esac
|
esac
|
||||||
|
else
|
||||||
|
echo_skipped
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
fi # if $_create_delegation
|
||||||
|
|
||||||
if [[ -z "$(dig +short ${update_zone}. NS)" ]] ; then
|
|
||||||
fatal "No NS Record found for zone \033[1m${update_zone}.\033[m"
|
# - Check if zonefile creation is needed
|
||||||
|
# -
|
||||||
|
for _server in ${dns_dkim_zone_slave_server_arr[@]} ; do
|
||||||
|
if [[ -z "$(dig +short @$_server ${update_zone}. NS)" ]] ; then
|
||||||
|
_create_dkim_zone=true
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
if ! $_create_dkim_zone && [[ -z "$(dig +short @$dns_dkim_zone_master_server +short ${update_zone}. NS)" ]] ; then
|
||||||
|
_create_dkim_zone=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if $_create_dkim_zone ; then
|
||||||
|
|
||||||
|
blank_line
|
||||||
|
|
||||||
|
# - Check if Script '$add_dkim_zone_master_script' is accessable via ssh .."
|
||||||
|
# -
|
||||||
|
echononl "Check Script '$add_dkim_zone_master_script'.."
|
||||||
|
echo_wait
|
||||||
|
ssh -q -p $dns_ssh_port \
|
||||||
|
-o BatchMode=yes \
|
||||||
|
-o StrictHostKeyChecking=no \
|
||||||
|
-i $dns_ssh_key \
|
||||||
|
$dns_ssh_user@$dns_dkim_zone_master_server "sudo $add_dkim_zone_master_script check" > /dev/null 2>&1
|
||||||
|
if [[ $? -gt 0 ]] ;then
|
||||||
|
echo_failed
|
||||||
|
fatal "Script '$add_dkim_zone_master_script' is NOT accessable via ssh!"
|
||||||
|
else
|
||||||
|
echo_ok
|
||||||
|
fi
|
||||||
|
|
||||||
|
# - Check if Script '$add_dkim_zone_slave_script' is accessable on slave servers
|
||||||
|
# -
|
||||||
|
for _server in ${dns_dkim_zone_slave_server_arr[@]} ; do
|
||||||
|
echononl "Check Script '$add_dkim_zone_master_script'at $_server .."
|
||||||
|
echo_wait
|
||||||
|
ssh -q -p $dns_ssh_port \
|
||||||
|
-o BatchMode=yes \
|
||||||
|
-o StrictHostKeyChecking=no \
|
||||||
|
-i $dns_ssh_key \
|
||||||
|
$dns_ssh_user@$_server "sudo $add_dkim_zone_slave_script check" > /dev/null 2>&1
|
||||||
|
if [[ $? -gt 0 ]] ;then
|
||||||
|
echo_failed
|
||||||
|
fatal "Script '$add_dkim_zone_master_script' is NOT accessable via ssh!"
|
||||||
|
else
|
||||||
|
echo_ok
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
blank_line
|
||||||
|
|
||||||
|
# - Create zone zone $update_zone at dns master
|
||||||
|
# -
|
||||||
|
if $terminal ; then
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
echo -e " \033[32mCreate zone \033[37m\033[1m${update_zone}\033[m at dns master."
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
echononl "Create zone '${update_zone}' at dns master '${_dns_master}'.."
|
||||||
|
echo_wait
|
||||||
|
ssh -q -p $dns_ssh_port \
|
||||||
|
-o BatchMode=yes \
|
||||||
|
-o StrictHostKeyChecking=no \
|
||||||
|
-i $dns_ssh_key \
|
||||||
|
$dns_ssh_user@$dns_dkim_zone_master_server "sudo $add_dkim_zone_master_script $dkim_domain" > /dev/null 2>&1
|
||||||
|
ret_val=$?
|
||||||
|
case $ret_val in
|
||||||
|
0) $terminal && echo_ok
|
||||||
|
if $terminal ; then
|
||||||
|
info "Master zone \033[1m${update_zone}\033[m and zone file created."
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
echo " [ Info ] Master zone '${update_zone}'and zone file created."
|
||||||
|
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
1) $terminal && echo_ok
|
||||||
|
if $terminal ; then
|
||||||
|
info "Master zone \033[1m${update_zone}\033[m already exists, zone file created."
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
echo " [ Info ] Master zone '${update_zone}' already exists, zone file created."
|
||||||
|
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
2) $terminal && echo_skipped
|
||||||
|
if $terminal ; then
|
||||||
|
info "Master zone \033[1m${update_zone}\033[m and zone file already exists."
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
echo " [ Info ] Master zone '${update_zone}' and zone file already exists."
|
||||||
|
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
10) $terminal && echo_failed
|
||||||
|
fatal "Missing option for zone definition!"
|
||||||
|
;;
|
||||||
|
15) $terminal && echo_failed
|
||||||
|
fatal "DKIM domain '$dkim_domain' not supported by this nameserver!"
|
||||||
|
;;
|
||||||
|
20) $terminal && echo_failed
|
||||||
|
fatal "Adding Zone definition for '${update_zone}' failed!"
|
||||||
|
;;
|
||||||
|
21) $terminal && echo_failed
|
||||||
|
fatal "Adding Zonefile for '${update_zone}' failed!"
|
||||||
|
;;
|
||||||
|
22) $terminal && echo_failed
|
||||||
|
fatal "Change owner for newly created zonefile failed!"
|
||||||
|
;;
|
||||||
|
23) $terminal && echo_failed
|
||||||
|
fatal "Reload bind configuration failed!"
|
||||||
|
;;
|
||||||
|
99) $terminal && echo_failed
|
||||||
|
fatal "Fatal error!"
|
||||||
|
;;
|
||||||
|
*) $terminal && echo_failed
|
||||||
|
fatal "Unknown exit code from remote script \"$create_dkim_delegation_script\"!"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
||||||
|
# - Create zone $update_zone ar dns slave(s)
|
||||||
|
# -
|
||||||
|
if $terminal ; then
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
echo -e " \033[32mCreate zone \033[37m\033[1m${update_zone}\033[m at dns slave(s)."
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
|
||||||
|
for _server in ${dns_dkim_zone_slave_server_arr[@]} ; do
|
||||||
|
echononl "Create zone '${update_zone}' at dns slave '${_server}'.."
|
||||||
|
echo_wait
|
||||||
|
ssh -q -p $dns_ssh_port \
|
||||||
|
-o BatchMode=yes \
|
||||||
|
-o StrictHostKeyChecking=no \
|
||||||
|
-i $dns_ssh_key \
|
||||||
|
$dns_ssh_user@$_server "sudo $add_dkim_zone_slave_script $dkim_domain" > /dev/null 2>&1
|
||||||
|
ret_val=$?
|
||||||
|
case $ret_val in
|
||||||
|
0) $terminal && echo_ok
|
||||||
|
if $terminal ; then
|
||||||
|
info "Slave zone \033[1m${update_zone}\033[m at '${_server}' configured."
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
echo " [ Info ] Slave zone '${update_zone}' at '${_server}' configured."
|
||||||
|
|
||||||
|
fi
|
||||||
|
echononl "Sleeping 5 seconds.."
|
||||||
|
echo_wait
|
||||||
|
echo_ok
|
||||||
|
sleep 5
|
||||||
|
;;
|
||||||
|
1) $terminal && echo_skipped
|
||||||
|
if $terminal ; then
|
||||||
|
info "Slave zone \033[1m${update_zone}\033[m already exists at '${_server}'."
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
echo " [ Info ] Slave zone '${update_zone}' already exists '${_server}'."
|
||||||
|
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
15) $terminal && echo_failed
|
||||||
|
fatal "Variable for DNS Master Server (DKIM_DNS_MASTER) not present!"
|
||||||
|
;;
|
||||||
|
21) $terminal && echo_failed
|
||||||
|
fatal "Adding Slave Zone '${update_zone}' at '${_server}' failed!"
|
||||||
|
;;
|
||||||
|
23) $terminal && echo_failed
|
||||||
|
fatal "Reload bind configuration failed!"
|
||||||
|
;;
|
||||||
|
99) $terminal && echo_failed
|
||||||
|
fatal "Fatal error!"
|
||||||
|
;;
|
||||||
|
*) $terminal && echo_failed
|
||||||
|
fatal "Unknown exit code from remote script \"$create_dkim_delegation_script\"!"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# - Generate private/public keys
|
# - Generate private/public keys
|
||||||
# -
|
# -
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
|
echo ""
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " \033[32mGenerate Generate private/public keys\033[m"
|
echo -e " \033[32mGenerate Generate private/public keys\033[m"
|
||||||
echo ""
|
echo ""
|
||||||
@ -931,13 +1156,13 @@ if $update_dns ; then
|
|||||||
# -
|
# -
|
||||||
if $terminal ; then
|
if $terminal ; then
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " \033[32mUpdate DNS Server \033[37m\033[1m${dns_server}\033[m"
|
echo -e " \033[32mUpdate DNS Server \033[37m\033[1m${dns_dkim_zone_master_server}\033[m"
|
||||||
echo ""
|
echo ""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echononl " Update zone '$update_zone' .."
|
echononl " Update zone '$update_zone' .."
|
||||||
cat <<EOF | nsupdate -v > $log_file 2>&1
|
cat <<EOF | nsupdate -v > $log_file 2>&1
|
||||||
server $dns_server
|
server $dns_dkim_zone_master_server
|
||||||
zone $update_zone
|
zone $update_zone
|
||||||
key ${key_algo}:$key_name $key_secret
|
key ${key_algo}:$key_name $key_secret
|
||||||
update delete ${dkim_domain}.${update_zone}.
|
update delete ${dkim_domain}.${update_zone}.
|
||||||
@ -1021,6 +1246,7 @@ if $terminal ; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
echononl " Restart OpenDKIM.."
|
echononl " Restart OpenDKIM.."
|
||||||
|
echo_wait
|
||||||
if $systemd_supported ; then
|
if $systemd_supported ; then
|
||||||
systemctl restart opendkim > $log_file 2>&1
|
systemctl restart opendkim > $log_file 2>&1
|
||||||
if [[ $? -eq 0 ]] ; then
|
if [[ $? -eq 0 ]] ; then
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user