ius/dnstools: comparison sbin/update-serial

equal deleted inserted replaced

-:5578cb7933c1
+:d8fa60488868
+#!/usr/bin/perl -w
+#    Copyright (C) 2011 Matthias Förste
+#    Copyright (C) 2010, 2011 Heiko Schlittermann
+#    Copyright (C) 2010 Andre Süß
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    Matthias Förste <foerste@schlittermann.de>
+=encoding utf8
+=cut
+use v5.10;
+use strict;
+use warnings;
+use Pod::Usage;
+use Getopt::Long;
+use File::Temp;
+use IO::File;
+use POSIX qw(strftime);
+use if $ENV{DEBUG} => "Smart::Comments";
+use DNStools::Config qw(get_config);
+use DNStools::UpdateSerial;
+my %opt;
+MAIN: {
+GetOptions(
+"sign-alert-time=i" => \$opt{sign_alert_time},
+"key-counter-end=i" => \$opt{key_counter_end},
+"h|help"            => sub { pod2usage(-exit => 0, -verbose => 1) },
+"m|man"             => sub {
+pod2usage(
+-exit => 0,
+-verbose   => 2,
+# "system('perldoc -V &>/dev/null')" appears shorter, but may not
+# do what you expect ( it still returns 0 on debian squeeze with
+# dash as system shell even if cannot find the command in $PATH)
+-noperldoc => system('perldoc -V >/dev/null 2>&1')
+);
+}
+) or pod2usage;
+# merge the config and the defined options from commandline
+my @configs = ( "dnstools.conf", "$ENV{HOME}/.dnstools.conf",
+"/etc/dnstools.conf");
+unshift @configs, $ENV{DNSTOOLS_CONF} if defined $ENV{DNSTOOLS_CONF};
+%config = get_config @configs, \%opt;
+my @candidates = @ARGV ? zones(@ARGV) : changed_zones;
+push @candidates, update_index($config{indexzone});
+push @candidates, signature_expired($config{sign_alert_time});
+my @need_rollover = need_rollover;
+my @done_rollover = done_rollover;
+push @candidates, begin_rollover(@need_rollover);
+push @candidates, end_rollover(@done_rollover);
+foreach my $zone (uniq(@candidates)) {
+#        say "XXX: candidate $zone";
+update_serial($zone);
+sign($zone) if dnssec_enabled($zone, "$config{master_dir}/$config{indexzone}/$config{indexzone}");
+#        say "XXX: $zone should be signed" if dnssec_enabled($zone, "$config{master_dir}/$config{indexzone}/$config{indexzone}");
+}
+file_entry;
+mk_zone_conf($config{bind_dir}, $config{zone_conf_dir});
+server_reload;
+}
+__END__
+=pod
+=head1 NAME
+update-serial - updates the serial numbers and re-signs the zone files
+=head1 SYNOPSIS
+update-serial [options] [zone...]
+=head1 DESCRIPTION
+B<update-serial> scans the configured directories for modified zone files. On any
+file found it increments the serial number and signs the zone, if approbiate.
+=head1 OPTIONS
+=over
+=item B<--sign-alert-time> I<days>
+TODO
+=item B<--key-counter-end> I<integer>
+Maximum number if key usages.
+=back
+The common options B<-h>|B<--help>|B<-m>|B<--man> are supported.
+=head1 AUTHORS
+Matthias Förste L<<foerste@schlittermann.de>>, Heiko Schlittermann L<<hs@schlittermann.de>>, Andre Süss L<<andre.suess@pipkin.cc>>
+=cut
+# vim:sts=4 sw=4 aw ai sm:

changeset 131	d8fa60488868
parent 128	ce219be2c383
child 136	43e9d618af43