diff --git a/conf/create_opendkim_key.conf.sample b/conf/create_opendkim_key.conf.sample new file mode 100644 index 0000000..92770d5 --- /dev/null +++ b/conf/create_opendkim_key.conf.sample @@ -0,0 +1,104 @@ +# --------------------------------------------------------- +# - Parameter Settings for script 'create_opendkim_key.sh'. +# --------------------------------------------------------- + + +# ---------- +# DNS Server +# ---------- + +# - dns_server +# - +# - The DNS Server who is serving the update zone and is used +# - for the dynamic updates (nsupdate) +# - +dns_server="b.ns.oopen.de" + +# - update_dns +# - +# - Possible Values are 'true' or 'false' +# - +#update_dns="" + +# - update_zone +# - +# - Zone containing the DKIM TXT record. +# - +# - Example: +# - update_zone="dkim.oopen.de" +# - +#update_zone="" + +# - TTL +# - +# - TTL for the DKIM TXT Record. +# - +# - Defaults to "360" +#TTL=360 + + +# ---------- +# TSIG Key +# ---------- + +# - key_secret +# - +# - Sectret Key used by 'nsupdate' to create/update the +# - DKIM TXT record. +# - +# - Example: +# - key_secret="EtvvMdW0PXD4GMHP+onuHZ0dT/Z8OSJGlce/xH10OwI=" +# - +#key_secret="" + +# - key_algo +# - +# - The key algorithm used for key creation. Available choices are: hmac-md5, +# - hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384 and hmac-sha512. The +# - default is hmac-sha256. Options are case-insensitive. +# - +# - Example: +# - key_algo="hmac-md5" +# - +# - Defaults to 'hmac-sha256' +# - +#key_algo="hmac-sha256" + +# - key_name +# - +# - Name of the Key +# - +# - Defaults to "$update_zone" +# - +#key_name= + + +# ---------- +# OpenDKIM Installation +# ---------- + +# - opendkim_dir +# - +# - OpenDKIM's etc-directory +# - +# - Defaults to opendkim_dir="/etc/opendkim" +# - +#opendkim_dir="/etc/opendkim" + +# - key_base_dir +# - +# - Defaults to "${opendkim_dir}/keys" +# - +#key_base_dir=${opendkim_dir}/keys + +# - signing_table_file +# - +# - Defaults to "${opendkim_dir}/signing.table" +# - +#signing_table_file="${opendkim_dir}/signing.table" + +# - key_table_file +# - +# - Defaults to "${opendkim_dir}/key.table" +# - +#key_table_file="${opendkim_dir}/key.table" diff --git a/create_opendkim_key.sh b/create_opendkim_key.sh index 6b1266e..6df6d58 100755 --- a/create_opendkim_key.sh +++ b/create_opendkim_key.sh @@ -1,50 +1,119 @@ #!/usr/bin/env bash +script_name="$(basename $(realpath $0))" +working_dir="$(dirname $(realpath $0))" + +conf_file="${working_dir}/conf/${script_name%%.*}.conf" + +LOCK_DIR="/tmp/$(basename $0).$$.LOCK" +log_file="${LOCK_DIR}/${script_name%%.*}.log" + # ------------- -# - Settings +# - Default values # ------------- -#_src_base_dir="$(realpath $(dirname $0))" -#conf_file="${_src_base_dir}/conf/install_opendkim.conf" - -log_file="$(mktemp)" +# - Give your default values here +# - +LOGGING=false +BATCH_MODE=false +DEFAULT_key_algo="hmac-sha256" +DEFAULT_ttl=360 opendkim_dir="/etc/opendkim" signing_table_file="${opendkim_dir}/signing.table" key_table_file="${opendkim_dir}/key.table" +key_base_dir=${opendkim_dir}/keys + # ------------- -# --- Some functions +# --- Functions # ------------- usage() { - echo - [ -n "$1" ] && echo -e "Error: $1\n" -cat< - the domain for which DKIM support will be configured. If not give, the domain will be + $(basename $0) [-a ] [-b] [-d ] [-h] [-n] [-s ] + [-z + +\033[1mDescription\033[m + + This script generates DKIM key for a given DKIM domain. If the domain name is not given + at command line by using \033[1m-d\033[m flag, the domain name will be requested + interactively unless flag \033[1m-b\033[m (batch mode) is set. + + Unless flag \033[1m-n\033[m is set, also DNS entry for DKIM is set/updated at zone file + for given update zone (flag \033[1m-z\033[m), So a CNAME record is needed at zone file for the + given DKIM domain. This record looks like: + + \033[1m*._domainkey.${dkim_domain}. IN CNAME ${dkim_domain}.${update_zone}.\033[m + + +\033[1mOptions\033[m + + -a + Specifies the algorithm to use for the TSIG key. Available choices are: hmac-md5, + hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384 and hmac-sha512. The default is + hmac-sha256. Options are case-insensitive + + -b + Script will run in batch mode, no user interaction is made. Flag \033[1m-n\033[m is + ignored, or in other words: running in batch mode implies updating DNS DKIM record. + Useful for cronjob. + + -d + The domain for which DKIM support will be configured. If not give, the domain will be requested interactivly. + -D + Specifies the domain server where to send the dynamic updates. + -h Prints this help. -EOF -exit 1 + -n + Do \033[1mNOT\033[m set/update DNS TXT record for DKIM domain. The default is + to update DNS entry. + + -s + Give the secret for the key used by nsupdate to create/update the DNS TXT record. + + -z + The zone which is updated with the TXT entry for DKIM by using 'nsupdate'. + +\033[1mFiles\033[m + + $conf_file: Configuration file + +\033[1mExample:\033[m + + Cretate / Update DKIM key for domain \033[1moopen.de\033[m + + $(basename $0) -d oopen.de +" + clean_up 1 + } +clean_up() { + + # Perform program exit housekeeping + rm -rf "$LOCK_DIR" + blank_line + exit $1 +} + + containsElement () { local e for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done @@ -72,98 +141,370 @@ echononl(){ fatal(){ echo "" - echo -e "fatal error: $*" + if $terminal ; then + echo -e " [ \033[31m\033[1mFatal\033[m ] $*" + else + echo -e " [ Fatal ] $*" + fi echo "" - echo -e "\t\033[31m\033[1mInstalllation will be interrupted\033[m\033[m" + if $terminal ; then + echo -e " \033[1mScript terminated\033[m.." + else + echo -e " Script terminated.." + fi echo "" + rm -rf $LOCK_DIR exit 1 } -error(){ +error (){ echo "" - echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*" + if $terminal ; then + echo -e " [ \033[31m\033[1mError\033[m ] $*" + else + echo " [ Error ] $*" + fi echo "" } warn (){ - echo "" - echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*" - echo "" + if $LOGGING || $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[33m\033[1mWarn\033[m ] $*" + else + echo " [ Warn ] $*" + fi + echo "" + fi } +todo (){ + if $LOGGING || $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[33m\033[1mToDo\033[m ] $*" + else + echo " [ ToDo ] $*" + fi + echo "" + fi +} + + info (){ - echo "" - echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*" - echo "" + if $LOGGING || $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[32m\033[1mInfo\033[m ] $*" + else + echo " [ Info ] $*" + fi + echo "" + fi } echo_done() { - echo -e "\033[80G[ \033[32mdone\033[m ]" + if $terminal ; then + echo -e "\033[75G[ \033[32mdone\033[m ]" + fi } echo_ok() { - echo -e "\033[80G[ \033[32mok\033[m ]" -} -echo_warning() { - echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]" + if $terminal ; then + echo -e "\033[75G[ \033[32mok\033[m ]" + fi } echo_failed(){ - echo -e "\033[80G[ \033[1;31mfailed\033[m ]" + if $terminal ; then + echo -e "\033[75G[ \033[1;31mfailed\033[m ]" + fi } echo_skipped() { - echo -e "\033[80G[ \033[37mskipped\033[m ]" + if $terminal ; then + echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]" + fi +} +echo_wait(){ + if $terminal ; then + echo -en "\033[75G[ \033[5m\033[1m...\033[m ]" + fi +} + +blank_line() { + if $terminal ; then + echo "" + fi +} + +trim() { + local var="$*" + var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters + var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters + echo -n "$var" } + + +# ---------- +# - Jobhandling +# ---------- + +# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM +# - +trap clean_up SIGHUP SIGINT SIGTERM + +# - Create lock directory '$LOCK_DIR" +# +mkdir "$LOCK_DIR" + + + # ------------- -# - Some pre-installation tasks +# - Some checks .. # ------------- +# - Running in a terminal? +# - +if [[ -t 1 ]] ; then + terminal=true +else + terminal=false + BATCH_MODE=true +fi + # - Is 'systemd' supported on this system # - -if [ "X`which systemd`" = "X" ]; then - SYSTEMD_EXISTS=false -else - SYSTEMD_EXISTS=true +# -Is systemd supported on this system? +# - +systemd_supported=false +systemd=$(which systemd) +systemctl=$(which systemctl) + +if [[ -n "$systemd" ]] && [[ -n "$systemctl" ]] ; then + systemd_supported=true fi + + +# ========== +# - Begin Main Script +# ========== + +# ---------- +# - Headline +# ---------- + +if $terminal ; then + echo "" + echo -e "\033[1m----------\033[m" + echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" + echo -e "\033[1m----------\033[m" +fi + + +# ---------- +# Read Configurations from $conf_file +# ---------- + +domain="" +update_zone="" +if [[ -f "$conf_file" ]]; then + source "$conf_file" +else + warn "No configuration file '$conf_file' present." +fi + + # ------------- # - Read in Commandline arguments # ------------- -while getopts hd: opt ; do +while getopts bd:D:hns:t:z: opt ; do case $opt in - d) domain=$OPTARG ;; + b) BATCH_MODE=true ;; + d) dkim_domain=$OPTARG ;; + D) dns_server=$OPTARG ;; h) usage ;; + n) update_dns=false ;; + s) key_secret=$OPTARG ;; + t) ttl=$OPTARG ;; + z) update_zone=$OPTARG ;; \?) usage esac done +# - batch mode implies updating DKIM DNS record +# - +if $BATCH_MODE ; then + update_dns=true +fi -clear -echo -echo -if [[ -n "$domain" ]] ; then - echo -e " \033[32mCreate DKIM configuration for domain \033[37m\033[1m$domain\033[m" -else -#echo "" -echo "" -echo -e "\033[32m--\033[m" -echo "" -if [ -z "$domain" ]; then +if [[ -z "$dkim_domain" ]] && ! $BATCH_MODE ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" echo " Insert a domain name for which DKIM support should be configured." echo "" echo "" - domain= - echononl " Domain: " - read domain - while [ "X$domain" = "X" ] ; do + echononl " DKIM domain: " + read dkim_domain + while [ "X$dkim_domain" = "X" ] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" - echononl " Domain: " - read domain + echononl " DKIM domain: " + read dkim_domain done - echo - echo -e " \033[32mCreate DKIM configuration for domain \033[37m\033[1m$domain\033[m" +elif $terminal ; then + echo -e "\033[32m--\033[m" + info "\033[32mCreate DKIM key/configuration for domain \033[37m\033[1m$dkim_domain\033[m" fi + +if [[ -z "$update_dns" ]] ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" + echononl " Create/Update DKIM DNS record? (yes/no) [yes]: " + read update_dns + if [[ -z "$(trim $update_dns)" ]] ; then + update_dns=true + elif [[ "${update_dns,,}" = "yes" ]] || [[ "${update_dns,,}" = "true" ]] ; then + update_dns=true + else + update_dns=false + fi + blank_line +fi + + +if $update_dns && [[ -z "$update_zone" ]] && ! $BATCH_MODE ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo " Which zone should contain the DKIM TXT record?" + echo "" + echo "" + echononl " update Zone: " + read update_zone + while [ "X$update_zone" = "X" ] ; do + echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" + echononl " update Zone: " + read update_zone + done +elif $update_dns && $terminal ; then + echo -e "\033[32m--\033[m" + info "Zone \033[37m\033[1m$update_zone\033[m is used for DKIM TXT record" +fi + + +if $update_dns && [[ -z "$key_secret" ]] && ! $BATCH_MODE ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo " Give the secret of the TSIG update key used by nsupdate." + echo "" + echo "" + echononl " Secret update key: " + read key_secret + while [ "X$key_secret" = "X" ] ; do + echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" + echononl " Secret update key: " + read key_secret + done +fi + + +if $update_dns && [[ -z "$key_algo" ]] && ! $BATCH_MODE ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo " Specifies the algorithm to use for the TSIG key." + echo "" + echo " [1] hmac-md5" + echo " [2] hmac-sha1" + echo " [3] hmac-sha224" + echo -e " [4] \033[37m\033[1mhmac-sha256\033[m" + echo " [5] hmac-sha384" + echo " [6] hmac-sha512" + echo "" + echo " Type a number or press to choose highlighted value" + echo "" + echononl " Key algorithm [hmac-sha256]: " + + while [[ "$key_algo" != "hmac-md5" ]] \ + && [[ "$key_algo" != "hmac-sha1" ]] \ + && [[ "$key_algo" != "hmac-sha224" ]] \ + && [[ "$key_algo" != "hmac-sha256" ]] \ + && [[ "$key_algo" != "hmac-sha384" ]] \ + && [[ "$key_algo" != "hmac-sha512" ]] ; do + read OPTION + case $OPTION in + 1) key_algo="hmac-md5" ;; + 2) key_algo="hmac-sha1" ;; + 3) key_algo="hmac-sha224" ;; + 4) key_algo="hmac-sha256" ;; + '') key_algo="hmac-sha256" ;; + 5) key_algo="hmac-sha384" ;; + 6) key_algo="hmac-sha512" ;; + *) echo "" + echo -e " \033[33m\033[1mFalsche Eingabe ! [ 1 = hmac-md5 | 2 = hmac-sha1 | .. ]\033[m" + echo "" + echononl " Key algorithm [hmac-sha256]:" + ;; + esac + done +fi + +if [[ -z "$dkim_domain" ]] ; then + fatal "Running in batch mode, but no domain was given!" +fi +if $update_dns && [[ -z "$update_zone" ]] ; then + fatal "No update-zone is given!" +fi +if $update_dns && [[ -z "$key_secret" ]] ; then + fatal "No secret for the update key used by nsupdate is given!" +fi +if $update_dns && [[ -z "$key_algo" ]]; then + key_algo="$DEFAULT_key_algo" +fi +if $update_dns && [[ -z "$key_name" ]]; then + key_name="$update_zone" +fi +if $update_dns && [[ -z "$ttl" ]]; then + ttl="$DEFAULT_ttl" +fi +if $update_dns && [[ -z "$dns_server" ]]; then + fatal "No DNS server for updating given!" +fi + +if $update_dns ; then + cname_record="*._domainkey.${dkim_domain}. IN CNAME ${dkim_domain}.${update_zone}." +fi +blank_line + + +if $terminal ; then + echo "" + echo -e " \033[1m----------\033[m" + echo " DKIM Domain......................: $dkim_domain" + if $update_dns ; then + echo " Create/Update DKIM TXT record....: Yes" + echo " Domain used for DKIM TXT record..: $update_zone" + echo " Secret for the update key........: $key_secret" + echo " Algorithm used for the TSIG key..: $key_algo" + echo " Name of the TSIG key.............: $key_name" + else + echo " Create/Update DKIM TXT record....: No" + fi + echo "" + echo " DNS Server.......................: $dns_server" + echo " TTL for the DKIM TXT Record......: $ttl" + echo "" + echo " OpenDKIM's etc-directory.........: $opendkim_dir" + echo " Key directory....................: ${key_base_dir}/${dkim_domain}" + echo " Signing table file...............: $signing_table_file" + echo " Key table file...................: $key_table_file" + echo -e " \033[1m----------\033[m" + echo "" fi @@ -171,17 +512,30 @@ fi # - Start Configuration # ============= -echo -echo -n " Type upper case 'YES' to start: " -read OK -if [[ "$OK" != "YES" ]] ; then - fatal "Abort by user request - Answer as not 'YES'" +if $terminal && ! $BATCH_MODE ; then + echo + echo -n " Type upper case 'YES' to start: " + read OK + if [[ "$OK" != "YES" ]] ; then + fatal "Abort by user request - Answer as not 'YES'" + fi + echo "" fi time_stamp=$(date +%s) -key_dir=${opendkim_dir}/keys/${domain} -domain_shortname="${domain%.*}" +key_dir=${key_base_dir}/${dkim_domain} +dkim_domain_shortname="${dkim_domain%.*}" + + +# - Generate private/public keys +# - +if $terminal ; then + echo "" + echo -e " \033[32mGenerate Generate private/public keys\033[m" + echo "" +fi + # - Create Key directory for the given domain # - @@ -209,8 +563,8 @@ fi # - The generated TXT record cannot be used directly for # - 'bind' nameservers (TXT recors are restricted to 255 characters) # - -echononl " Generate private key for domain '$domain'.." -opendkim-genkey -D $key_dir -d $domain -b 2048 -r -s $time_stamp > $log_file 2>&1 +echononl " Generate private key for domain '$dkim_domain'.." +opendkim-genkey -D $key_dir -d $dkim_domain -b 2048 -r -s $time_stamp > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else @@ -238,7 +592,7 @@ else fi -echononl " Print out public key key for domain '$domain'.." +echononl " Print out public key key for domain '$dkim_domain'.." openssl rsa -in ${key_dir}/${time_stamp}.private -pubout -out ${key_dir}/${time_stamp}.public > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok @@ -248,11 +602,20 @@ else fi +# - Configure OpenDKIM +# - +if $terminal ; then + echo "" + echo -e " \033[32mConfigure OpenDKIM for domain \033[37m\033[1m$dkim_domain\033[m" + echo "" +fi + + # - Configure/Adjust the signing table # - echononl " Configure/Adjust the signing table.." -if grep -q -E "^\s*\*@$domain\s" $signing_table_file 2>/dev/null ; then - perl -i -n -p -e "s/^\*@$domain\s.*/*@$domain\t$domain_shortname/" $signing_table_file 2> $log_file +if grep -q -E "^\s*\*@$dkim_domain\s" $signing_table_file 2>/dev/null ; then + perl -i -n -p -e "s/^\*@$dkim_domain\s.*/*@$dkim_domain\t$dkim_domain_shortname/" $signing_table_file 2> $log_file if [[ $? -eq 0 ]] ; then echo_ok else @@ -260,7 +623,7 @@ if grep -q -E "^\s*\*@$domain\s" $signing_table_file 2>/dev/null ; then error "$(cat $log_file)" fi else - echo -e "*@$domain\t$domain_shortname" >> $signing_table_file 2> $log_file + echo -e "*@$dkim_domain\t$dkim_domain_shortname" >> $signing_table_file 2> $log_file if [[ $? -eq 0 ]] ; then echo_ok else @@ -273,8 +636,8 @@ fi # - Configure/Adjust the key table # - echononl " Configure/Adjustkey table" -if grep -q -E "^\s*$domain_shortname\s" $key_table_file 2>/dev/null ; then - perl -i -n -p -e "s#^\s*$domain_shortname\s.*#${domain_shortname}\t\t${domain}:${time_stamp}:${key_dir}/${time_stamp}.private#" $key_table_file 2> $log_file +if grep -q -E "^\s*$dkim_domain_shortname\s" $key_table_file 2>/dev/null ; then + perl -i -n -p -e "s#^\s*$dkim_domain_shortname\s.*#${dkim_domain_shortname}\t\t${dkim_domain}:${time_stamp}:${key_dir}/${time_stamp}.private#" $key_table_file 2> $log_file if [[ $? -eq 0 ]] ; then echo_ok else @@ -282,7 +645,7 @@ if grep -q -E "^\s*$domain_shortname\s" $key_table_file 2>/dev/null ; then error "$(cat $log_file)" fi else - echo -e "${domain_shortname}\t\t${domain}:${time_stamp}:${key_dir}/${time_stamp}.private" >> $key_table_file 2> $log_file + echo -e "${dkim_domain_shortname}\t\t${dkim_domain}:${time_stamp}:${key_dir}/${time_stamp}.private" >> $key_table_file 2> $log_file if [[ $? -eq 0 ]] ; then echo_ok else @@ -294,15 +657,20 @@ fi # - Generate TXT record for use in bind9 # - -echo -echo -e " \033[32mGenerate TXT record for use in bind9\033[m" +if $terminal ; then + echo "" + echo -e " \033[32mGenerate TXT record for use in bind9\033[m" + echo "" +fi # - Write file with bind9 dekim TXT record # - -echo " Write bind9 dekim TXT record to file" +if $terminal ; then + echo " Write bind9 dekim TXT record to file" +fi echononl " '${key_dir}/${time_stamp}.bind9'" -echo "; ----- DKIM key $time_stamp for ${domain}" > ${key_dir}/${time_stamp}.bind9 -echo -n "${time_stamp}._domainkey.${domain}. 3600 IN TXT ( \"v=DKIM1; k=rsa; s=email; p=\"" >> ${key_dir}/${time_stamp}.bind9 +echo "; ----- DKIM key $time_stamp for ${dkim_domain}" > ${key_dir}/${time_stamp}.bind9 +echo -n "${time_stamp}._domainkey.${dkim_domain}. $ttl IN TXT ( \"v=DKIM1; k=rsa; s=email; p=\"" >> ${key_dir}/${time_stamp}.bind9 while IFS='' read -r _line || [[ -n $_line ]] ; do if echo "$_line" | grep -i -q -E "^---" 2> /dev/null ; then @@ -318,7 +686,10 @@ echo_ok # - Write TXT record as string for 'nsupdate' # - -echo " Write TXT record as string for 'nsupdate' to file" +if $terminal ; then + echo " Write TXT record as string for 'nsupdate' to file" +fi + echononl " '${key_dir}/${time_stamp}.nsupdate'" echo -n "\"v=DKIM1; k=rsa; s=email; p=\"" >> ${key_dir}/${time_stamp}.nsupdate while IFS='' read -r _line || [[ -n $_line ]] ; do @@ -332,20 +703,69 @@ while IFS='' read -r _line || [[ -n $_line ]] ; do done < "${key_dir}/${time_stamp}.public" echo_ok -info "Now you have to add the TXT Record to your zone file.\n\n\t Copy/Paste the following data:\n\n$(cat ${key_dir}/${time_stamp}.bind9)" -echo "" -echo -e "After adjusting your nameserver continue with this script" -echo "" -echo -n "Type to continue: " -read OK -echo + +if $update_dns ; then + + # - Update DNS Server + # - + if $terminal ; then + echo "" + echo -e " \033[32mUpdate DNS Server \033[37m\033[1m${dns_server}\033[m" + echo "" + fi + + echononl " Update zone '$update_zone' .." + cat < $log_file 2>&1 +server $dns_server +zone $update_zone +key ${key_algo}:$key_name $key_secret +update delete ${dkim_domain}.${update_zone}. +update add ${dkim_domain}.${update_zone}. $ttl TXT $(cat ${key_dir}/${time_stamp}.nsupdate) +send +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +fi + + +_wait=false +if ! $update_dns ; then + blank_line + todo "Now you have to add the TXT Record to your zone file.\n\n Copy/Paste the following data:\n\n$(cat ${key_dir}/${time_stamp}.bind9)" + _wait=true +elif [[ "$dkim_domain" != "$update_zone" ]]; then + if [[ -z "$(dig +short ${time_stamp}._domainkey.${dkim_domain}. CNAME)" ]]; then + blank_line + todo "Create a CNAME Record to your zone file.\n\n $cname_record" + _wait=true + fi +fi + +if ! $BATCH_MODE && $_wait ; then + echo "" + echo -e "After adjusting your nameserver continue with this script" + echo "" + echo -n "Type to continue: " + read OK + echo +fi # - Restart OpenDKIM # - +if $terminal ; then + echo "" + echo -e " \033[32m-----\033[m" + echo "" +fi + echononl " Restart OpenDKIM.." -if $SYSTEMD_EXISTS ; then +if $systemd_supported ; then systemctl restart opendkim > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok @@ -366,8 +786,9 @@ fi if [[ -n "$log_file" ]]; then rm -f "$log_file" fi -echo "" -exit 0 + +blank_line +clean_up 0