#!/usr/bin/env bash script_name="$(basename $(realpath $0))" working_dir="$(dirname $(realpath $0))" conf_file="${working_dir}/conf/${script_name%%.*}.conf" LOCK_DIR="/tmp/$(basename $0).$$.LOCK" log_file="${LOCK_DIR}/${script_name%%.*}.log" # ---------- # Base Function(s) # ---------- usage() { [[ -n "$1" ]] && error "$1" [[ $terminal ]] && echo -e " \033[1mUsage:\033[m $(basename $0) [OPTION [OPTION .. \033[1mDescription\033[m \033[1mOptions\033[m \033[1mFiles\033[m $conf_file: Configuration file \033[1mExample:\033[m $(basename $0) .. $(basename $0) .. " clean_up 1 } clean_up() { # Perform program exit housekeeping rm -rf "$LOCK_DIR" blank_line exit $1 } echononl(){ if $terminal ; then echo X\\c > /tmp/shprompt$$ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then echo -e -n " $*\\c" 1>&2 else echo -e -n " $*" 1>&2 fi rm /tmp/shprompt$$ fi } fatal(){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mFatal\033[m ]: $*" echo "" echo -e " \033[31m\033[1mScript was interupted\033[m!" else echo " [ Fatal ]: $*" echo "" echo " Script was terminated...." fi echo "" clean_up 1 } error (){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mError\033[m ]: $*" else echo " [ Error ]: $*" fi echo "" } warn (){ if $terminal ; then echo "" echo -e " [ \033[33m\033[1mWarning\033[m ]: $*" echo "" fi } info (){ if $terminal ; then echo "" echo -e " [ \033[32m\033[1mInfo\033[m ]: $*" echo "" fi } ok (){ if $terminal ; then echo "" echo -e " [ \033[32m\033[1mOk\033[m ] $*" echo "" fi } echo_done() { if $terminal ; then echo -e "\033[95G[ \033[32mdone\033[m ]" fi } echo_ok() { if $terminal ; then echo -e "\033[95G[ \033[32mok\033[m ]" fi } echo_warn() { if $terminal ; then echo -e "\033[95G[ \033[33mwarn\033[m ]" fi } echo_failed(){ if $terminal ; then echo -e "\033[95G[ \033[1;31mfailed\033[m ]" fi } echo_skipped() { if $terminal ; then echo -e "\033[95G[ \033[90m\033[1mskipped\033[m ]" fi } echo_wait(){ if $terminal ; then echo -en "\033[95G[ \033[5m\033[1m...\033[m ]" fi } trim() { local var="$*" var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters echo -n "$var" } blank_line() { if $terminal ; then echo "" fi } # ---------- # - Jobhandling # ---------- # - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM # - trap clean_up SIGHUP SIGINT SIGTERM # - Create lock directory '$LOCK_DIR" # mkdir "$LOCK_DIR" # ---------- # - Some checks .. # ---------- # - Running in a terminal? # - if [[ -t 1 ]] ; then terminal=true else terminal=false fi # ------------- # - Default values # ------------- # - Give your default values here # - DEFAULT_DNS_DKIM_ZONE_MASTER_SERVER="b.ns.oopen.de" DEFAULT_TTL="3600" DEFAULT_KEY_ALGO="hmac-sha256" DEFAULT_KEY_NAME="update-dkim" DEFAULT_DKIM_TYPE="DKIM1" DEFAULT_KEY_TYPE="rsa" DEFAULT_DKIM_SELECTOR="" if [[ -f "$conf_file" ]]; then source "$conf_file" else warn "No configuration file '$conf_file' present.\n Loading default values.." fi if [[ -n "$(trim "$DNS_DKIM_ZONE_MASTER_SERVER")" ]] ; then DEFAULT_DNS_DKIM_ZONE_MASTER_SERVER="${DNS_DKIM_ZONE_MASTER_SERVER}" DNS_DKIM_ZONE_MASTER_SERVER="" fi if [[ -n "$(trim "$KEY_ALGO")" ]] ; then DEFAULT_KEY_ALGO="${KEY_ALGO}" KEY_ALGO="" fi if [[ -n "$(trim "$KEY_NAME")" ]] ; then DEFAULT_KEY_NAME="${KEY_NAME}" KEY_NAME="" fi if [[ -n "$(trim "$KEY_SECRET")" ]] ; then DEFAULT_KEY_SECRET="${KEY_SECRET}" KEY_SECRET="" fi if $terminal ; then echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert a domain name for which DKIM support should be configured." echo "" echo "" echononl " DKIM domain: " read DKIM_DOMAIN while [ "X$DKIM_DOMAIN" = "X" ] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" echononl " DKIM domain: " read DKIM_DOMAIN done DEFAULT_DKIM_UPDATE_ZONE="_domainkey.${DKIM_DOMAIN}" echo -e "\033[32m--\033[m" echo "" echo " Insert zone which should be updated with the new DKIM key." echo "" echo "" echononl " DKIM Zone [${DEFAULT_DKIM_UPDATE_ZONE}]: " read DKIM_UPDATE_ZONE if [[ "X$DKIM_UPDATE_ZONE" = "X" ]] ; then DKIM_UPDATE_ZONE="${DEFAULT_DKIM_UPDATE_ZONE}" fi echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert DKIM selector" echo "" echo "" echononl " DKIM selector: " read DKIM_SELECTOR while [ "X$DKIM_SELECTOR" = "X" ] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" echononl " DKIM selector: " read DKIM_SELECTOR done echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert DKIM Key" echo "" echo "" echononl " DKIM Key: " read DKIM_KEY while [ "X$DKIM_KEY" = "X" ] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" echononl " DKIM Key: " read DKIM_KEY done echo "" echo -e "\033[32m--\033[m" echo "" echo -e " Insert DNS master server for domain \033[1m$DKIM_UPDATE_ZONE\033[m" echo "" echo "" if [[ -n "${DEFAULT_DNS_DKIM_ZONE_MASTER_SERVER}" ]] ; then echononl " DNS master server [${DEFAULT_DNS_DKIM_ZONE_MASTER_SERVER}]: " read DNS_DKIM_ZONE_MASTER_SERVER if [[ "X$DNS_DKIM_ZONE_MASTER_SERVER" = "X" ]] ; then DNS_DKIM_ZONE_MASTER_SERVER="${DEFAULT_DNS_DKIM_ZONE_MASTER_SERVER}" fi else echononl " DNS master server: " read DNS_DKIM_ZONE_MASTER_SERVER while [[ "X$DNS_DKIM_ZONE_MASTER_SERVER" = "X" ]] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" echononl " DNS master server: " read KEY_SECRET done fi echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert Key name" echo "" echo "" echononl " Key name [${DEFAULT_KEY_NAME}]: " read KEY_NAME if [[ "X$KEY_NAME" = "X" ]] ; then KEY_NAME="${DEFAULT_KEY_NAME}" fi echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert Key secret" echo "" echo "" if [[ -n "${DEFAULT_KEY_SECRET}" ]] ; then echononl " Key secret [${DEFAULT_KEY_SECRET}]: " read KEY_SECRET if [[ "X$KEY_SECRET" = "X" ]] ; then KEY_SECRET="${DEFAULT_KEY_SECRET}" fi else echononl " Key secret: " read KEY_SECRET while [[ "X$KEY_SECRET" = "X" ]] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" echononl " Key secret: " read KEY_SECRET done fi echo "" echo -e "\033[32m--\033[m" echo "" echo " Specifies the algorithm to use for the TSIG key." echo "" if [[ "hmac-md5" = "${DEFAULT_KEY_ALGO}" ]] ; then echo -e " [1] \033[37m\033[1m${DEFAULT_KEY_ALGO}\033[m" else echo " [1] hmac-md5" fi if [[ "hmac-sha1" = "${DEFAULT_KEY_ALGO}" ]] ; then echo -e " [2] \033[37m\033[1m${DEFAULT_KEY_ALGO}\033[m" else echo " [2] hmac-sha1" fi if [[ "hmac-sha224" = "${DEFAULT_KEY_ALGO}" ]] ; then echo -e " [3] \033[37m\033[1m${DEFAULT_KEY_ALGO}\033[m" else echo " [3] hmac-sha224" fi if [[ "hmac-sha256" = "${DEFAULT_KEY_ALGO}" ]] ; then echo -e " [4] \033[37m\033[1m${DEFAULT_KEY_ALGO}\033[m" else echo " [4] hmac-sha256" fi if [[ "hmac-sha384" = "${DEFAULT_KEY_ALGO}" ]] ; then echo -e " [5] \033[37m\033[1m${DEFAULT_KEY_ALGO}\033[m" else echo " [5] hmac-sha384" fi if [[ "hmac-sha512" = "${DEFAULT_KEY_ALGO}" ]] ; then echo -e " [6] \033[37m\033[1m${DEFAULT_KEY_ALGO}\033[m" else echo " [6] hmac-sha512" fi echo "" echo " Type a number or press to choose highlighted value" echo "" echononl " Key algorithm [${DEFAULT_KEY_ALGO}]: " while [[ "$KEY_ALGO" != "hmac-md5" ]] \ && [[ "$KEY_ALGO" != "hmac-sha1" ]] \ && [[ "$KEY_ALGO" != "hmac-sha224" ]] \ && [[ "$KEY_ALGO" != "hmac-sha256" ]] \ && [[ "$KEY_ALGO" != "hmac-sha384" ]] \ && [[ "$KEY_ALGO" != "hmac-sha512" ]] ; do read OPTION case $OPTION in 1) KEY_ALGO="hmac-md5" ;; 2) KEY_ALGO="hmac-sha1" ;; 3) KEY_ALGO="hmac-sha224" ;; 4) KEY_ALGO="hmac-sha256" ;; 5) KEY_ALGO="hmac-sha384" ;; 6) KEY_ALGO="hmac-sha512" ;; '') KEY_ALGO="${DEFAULT_KEY_ALGO}" ;; *) echo "" echo -e " \033[33m\033[1mFalsche Eingabe ! [ 1 = hmac-md5 | 2 = hmac-sha1 | .. ]\033[m" echo "" echononl " Key algorithm [hmac-sha256]:" ;; esac done echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert DKIM Type (i.e. 'DKIM1')" echo "" echo "" echononl " Key name [${DEFAULT_DKIM_TYPE}]: " read DKIM_TYPE if [[ "X$DKIM_TYPE" = "X" ]] ; then DKIM_TYPE="${DEFAULT_DKIM_TYPE}" fi echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert Key Type (i.e. 'rsa')" echo "" echo "" echononl " Key type [${DEFAULT_KEY_TYPE}]: " read KEY_TYPE if [[ "X$KEY_TYPE" = "X" ]] ; then KEY_TYPE="${DEFAULT_KEY_TYPE}" fi echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert TTL for dns entry" echo "" echo "" echononl " TTL [${DEFAULT_TTL}]: " read TTL if [[ "X$TTL" = "X" ]] ; then TTL="${DEFAULT_TTL}" fi fi if [[ -z "$(trim "${DKIM_DOMAIN}")" ]]; then fatal "Variable \033[1mDKIM_DOMAIN\033[m not set!" fi if [[ -z "$(trim "${DKIM_UPDATE_ZONE}")" ]]; then fatal "Variable \033[1mDKIM_UPDATE_ZONE\033[m not set!" fi if [[ -z "$(trim "${DKIM_SELECTOR}")" ]]; then fatal "Variable \033[1mDKIM_SELECTOR\033[m not set!" fi if [[ -z "$(trim "${DKIM_KEY}")" ]]; then fatal "\033[1mDKIM_KEY\033[m not given!" fi if [[ -z "$(trim "${KEY_SECRET}")" ]]; then fatal "Variable \033[1mKEY_SECRET\033[m not set!" fi blank_line blank_line declare -i length_dkim_key=${#DKIM_KEY} _intro="v=${DKIM_TYPE}; k=${KEY_TYPE}; p=" declare -i length_intro=${#_intro} declare -i total_length=$((length_intro + length_dkim_key)) echononl "Create (splitted) 'p' value of DNS record.." if [[ ${total_length} -gt 255 ]] ; then TMP_DKIM_KEY="$DKIM_KEY" p_val="" _length=64 declare -i index=1 while [ -n "$TMP_DKIM_KEY" ]; do if [[ index -eq 1 ]]; then p_val="\"${TMP_DKIM_KEY:0:$_length}\"" else p_val+=" \"${TMP_DKIM_KEY:0:$_length}\"" fi TMP_DKIM_KEY="${TMP_DKIM_KEY:$_length}" (( ++index )) done echo_done txt_val="\"v=${DKIM_TYPE}; k=${KEY_TYPE}; s=email; p=\" ${p_val}" else echo_skipped p_val="${DKIM_KEY}" txt_val="\"${_intro}${p_val}\"" fi if $terminal ; then echo "" echo "" echo -e " \033[1m----------\033[m" echo " DKIM Domain......................: $DKIM_DOMAIN" echo " DKIM Selector....................: $DKIM_SELECTOR" echo " DKIM Key.........................: ${DKIM_KEY:0:15}..${DKIM_KEY:$(expr ${#DKIM_KEY} - 15)}" echo "" echo " Domain used for DKIM TXT record..: $DKIM_UPDATE_ZONE" echo " Secret for the update key........: $KEY_SECRET" echo " Algorithm used for the TSIG key..: $KEY_ALGO" echo " Name of the TSIG key.............: $KEY_NAME" echo "" echo " DNS Master Server................: $DNS_DKIM_ZONE_MASTER_SERVER" if [[ -z "$TTL" ]] || [[ "${TTL,,}" = "none" ]] ; then echo -e " TTL for the DKIM TXT Record......: \033[33m- Not set -\033[m" else echo " TTL for the DKIM TXT Record......: $TTL" fi echo "" echo " DKIM Type........................: $DKIM_TYPE" echo " Key Type.........................: $KEY_TYPE" echo " DKIM Key.........................: $DKIM_KEY" echo -e " \033[1m----------\033[m" echo "" echo -e " DNS Record to add:\n\n\033[33m${DKIM_SELECTOR}.${DKIM_UPDATE_ZONE}. ${TTL} IN TXT ${txt_val}\033[m" echo "" echo -e "\n\n The following 'nsupdate'command will be used:" cat < $log_file 2>&1 server $DNS_DKIM_ZONE_MASTER_SERVER zone $DKIM_UPDATE_ZONE key ${KEY_ALGO}:$KEY_NAME $KEY_SECRET update delete ${DKIM_SELECTOR}.${DKIM_UPDATE_ZONE}. update add ${DKIM_SELECTOR}.${DKIM_UPDATE_ZONE}. ${TTL} IN TXT ${txt_val} send EOF if [[ $? -eq 0 ]] ; then echo_ok else echo_failed cat < - \033[1mrndc freeze ${DKIM_UPDATE_ZONE}\033[m rndc thaw