script/postfix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

create_opendkim_key.sh: add suport for subdomains.

Browse Source
This commit is contained in:
Christoph 2019-01-08 03:46:48 +01:00
parent 35bba6994f
commit c45c77cc30
1 changed files with 52 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
create_opendkim_key.sh
View File

@ -500,9 +500,9 @@ fi
if $update_dns && [[ -z "$dns_dkim_zone_master_server" ]]; then if $update_dns && [[ -z "$dns_dkim_zone_master_server" ]]; then
fatal "No DNS server for updating given!" fatal "No DNS server for updating given!"
fi fi
if [[ -z "$(dig +short ${dkim_domain} NS)" ]] ; then #if [[ -z "$(dig +short ${dkim_domain} NS)" ]] ; then
fatal "No Nameserver for domain '${dkim_domain}' found!" # fatal "No Nameserver for domain '${dkim_domain}' found!"
fi #fi
if $update_dns ; then if $update_dns ; then
cname_record="*._domainkey.${dkim_domain}. IN CNAME ${dkim_domain}.${update_zone}." cname_record="*._domainkey.${dkim_domain}. IN CNAME ${dkim_domain}.${update_zone}."
@ -582,9 +582,38 @@ key_dir=${key_base_dir}/${dkim_domain}
dkim_domain_shortname="${dkim_domain%.*}" dkim_domain_shortname="${dkim_domain%.*}"
declare -a generated_files_arr=() declare -a generated_files_arr=()
declare -a dns_dkim_zone_slave_server_arr=() declare -a dns_dkim_zone_slave_server_arr=()
for _server in $(dig +short ${dkim_domain} NS) ; do _create_delegation=false
_create_dkim_zone=false
# - Some basic checks
# -
if $terminal ; then
echo ""
echo ""
echo -e " \033[32mSome basic checks\033[m"
echo ""
fi
echononl "Determine responsible zone for '${dkim_domain}'.."
found=true
zone=${dkim_domain}
while [[ -z "$(dig +short $zone ns 2>/dev/null)" ]] ; do
zone=${zone#*.}
if [[ ! $zone =~ \. ]]; then
found=false
break
fi
done
if $found ; then
echo_ok
info "Found responsible zone for '${dkim_domain}': \033[37m\033[1m${zone}\033[m"
else
echo_failed
fatal "No responsible zone for '${dkim_domain}' found!"
fi
for _server in $(dig +short ${zone} NS) ; do
# - Eliminate trailing '.' character(s) # - Eliminate trailing '.' character(s)
# - # -
_server="${_server%"${_server##*[!\.]}"}" _server="${_server%"${_server##*[!\.]}"}"
@ -593,8 +622,6 @@ for _server in $(dig +short ${dkim_domain} NS) ; do
dns_dkim_zone_slave_server_arr+=("$_server") dns_dkim_zone_slave_server_arr+=("$_server")
done done
_create_delegation=false
_create_dkim_zone=false
_wait=false _wait=false
if $update_dns && [[ "$dkim_domain" != "$update_zone" ]] ; then if $update_dns && [[ "$dkim_domain" != "$update_zone" ]] ; then
@ -660,15 +687,22 @@ if $_create_delegation ; then
echo "" echo ""
fi fi
echononl "Determin DNS master of '${dkim_domain}'.." echononl "Determin DNS master of '${zone}'.."
_dns_master="$(dig +short ${dkim_domain} SOA 2>/dev/null | awk '{print$1}' | sed 's/\.$//')" _dns_master="$(dig +short ${zone} SOA 2>/dev/null | awk '{print$1}' | sed 's/\.$//')"
if [[ -z "$_dns_master" ]]; then if [[ -z "$_dns_master" ]]; then
echo_failed echo_failed
fatal "Determin DNS master of '${dkim_domain}' failed!" if $terminal ; then
fatal "Determin DNS master of '${zone}' failed!"
else
echo -e " [ Fatal ] Found responsible zone for '${dkim_domain}' (${zone}), but"
echo -e " cannot determin master dns server for '${zone}'!"
clean_up 1
fi
else else
echo_ok echo_ok
fi fi
# - Check if Nameserver is accessable via ssh # - Check if Nameserver is accessable via ssh
# - # -
echononl "Check if Nameserver '$_dns_master' is accessable via ssh .." echononl "Check if Nameserver '$_dns_master' is accessable via ssh .."
@ -856,7 +890,7 @@ if $_create_dkim_zone ; then
# - Check if Script '$add_dkim_zone_slave_script' is accessable on slave servers # - Check if Script '$add_dkim_zone_slave_script' is accessable on slave servers
# - # -
for _server in ${dns_dkim_zone_slave_server_arr[@]} ; do for _server in ${dns_dkim_zone_slave_server_arr[@]} ; do
echononl "Check Script '$add_dkim_zone_master_script'at $_server .." echononl "Check Script '$add_dkim_zone_slave_script' (${_server}).."
echo_wait echo_wait
ssh -q -p $dns_ssh_port \ ssh -q -p $dns_ssh_port \
-o BatchMode=yes \ -o BatchMode=yes \
@ -881,7 +915,7 @@ if $_create_dkim_zone ; then
echo -e " \033[32mCreate zone \033[37m\033[1m${update_zone}\033[m at dns master." echo -e " \033[32mCreate zone \033[37m\033[1m${update_zone}\033[m at dns master."
echo "" echo ""
fi fi
echononl "Create zone '${update_zone}' at dns master '${_dns_master}'.." echononl "Create zone '${update_zone}' at dns master '${dns_dkim_zone_master_server}'.."
echo_wait echo_wait
ssh -q -p $dns_ssh_port \ ssh -q -p $dns_ssh_port \
-o BatchMode=yes \ -o BatchMode=yes \
@ -923,6 +957,12 @@ if $_create_dkim_zone ; then
15) $terminal && echo_failed 15) $terminal && echo_failed
fatal "DKIM domain '$dkim_domain' not supported by this nameserver!" fatal "DKIM domain '$dkim_domain' not supported by this nameserver!"
;; ;;
16) $terminal && echo_failed
fatal "No responsible zone for '$dkim_domain' found!"
;;
17) $terminal && echo_failed
fatal "No responsible nameservers found!"
;;
20) $terminal && echo_failed 20) $terminal && echo_failed
fatal "Adding Zone definition for '${update_zone}' failed!" fatal "Adding Zone definition for '${update_zone}' failed!"
;; ;;