--- a/dnssec-creatkey Wed Jun 30 13:15:11 2010 +0200
+++ b/dnssec-creatkey Wed Jun 30 16:48:26 2010 +0200
@@ -3,15 +3,20 @@
master_dir=$MASTER_DIR
key_counter_end=$KEY_COUNTER_END
-eingabe=$@
+
+
+#prüft die eingegebnen domains
+for utf8domain in $@
+do
+ domain=$(idn --quiet "$utf8domain")
-function test_zsk_aenderung {
- for domain in $eingabe
- do
- test -d $master_dir/$domain && echo $domain
- done
-}
-
+ if [ -d $master_dir/$domain ]
+ then
+ zsk_aenderung="$zsk_aenderung $domain"
+ else
+ echo $domain ist keine verwaltete Zone
+ fi
+done
function test_zsk_new { # prueft ob es einen ZSK gibt
for zone in $master_dir/*
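Review bot: The result of `idn` is never checked in the added loop, so an argument it rejects leaves `domain` empty; `[ -d $master_dir/$domain ]` then tests `$master_dir/` itself, which exists, and the empty name is accepted as a managed zone instead of reaching the `ist keine verwaltete Zone` branch. The identical loop added to dnssec-sign has the same gap, and there the bare `$master_dir/` is appended to `zone_aenderung` and reaches the `cd` / `dnssec-signzone` loop. Adding `[ -n "$domain" ] || continue` after the `idn` line and quoting the test as `[ -d "$master_dir/$domain" ]` closes it. `for utf8domain in "$@"` would also keep arguments from being word-split and glob-expanded before `idn` sees them.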
@@ -41,7 +46,6 @@
done
}
-zsk_aenderung=`test_zsk_aenderung`
zsk_time=`test_zsk_time $key_counter_end`
zsk_new=`test_zsk_new`
ksk_new=`test_ksk_new`
--- a/dnssec-lskey Wed Jun 30 13:15:11 2010 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,23 +0,0 @@
-#!/bin/bash
-source ./dnstools.conf
-
-master_dir=$MASTER_DIR
-zsklive=$ZSKLIVE # ZSK-Schluessellebensdauer in Tagen
-ksklive=$KSKLIVE # KSK-Schluessellebensdauer in Tagen
-
-
-for domain in $master_dir/*
-do
-
- start_time=`ls $domain/index.zsk -l --time-style=+%s | cut -d' ' -f6`
- z_end_time=$[start_time + $[zsklive * 86400]]
- echo ${domain##/*/} index.zsk `date -d @$z_end_time +%d.%m.%Y` | tr ' ' '\t'
-
- start_time=`ls $domain/index.ksk -l --time-style=+%s | cut -d' ' -f6`
- k_end_time=$[start_time + $[ksklive * 86400]]
- echo ${domain##/*/} index.ksk `date -d @$k_end_time +%d.%m.%Y` | tr ' ' '\t'
-done
-
-
- #echo Ablauf $INDEX `date -d @$ENDTIME +%Y%m%d000000`
-
--- a/dnssec-sign Wed Jun 30 13:15:11 2010 +0200
+++ b/dnssec-sign Wed Jun 30 16:48:26 2010 +0200
@@ -2,6 +2,19 @@
source ./dnstools.conf
master_dir=$MASTER_DIR
+#prüft die eingegebnen domains
+for utf8domain in $@
+do
+ domain=$(idn --quiet "$utf8domain")
+
+ if [ -d $master_dir/$domain ]
+ then
+ zone_aenderung="$zone_aenderung $master_dir/$domain"
+ else
+ echo $domain ist keine verwaltete Zone
+ fi
+done
+
function time_out { #prüft den ablauf der signatur
unowtime=`date +%s`
alerttime=`date -d @$[unowtime - $[ 3600 * $SIGN_ALERT_TIME ] ] +%Y%m%d%H`
@@ -27,30 +40,24 @@
function new_sign { # prüft nach der ersten signatur
for zone in $master_dir/*
do
- if [ `< $zone/keycounter` -le 0 ]
+ if [ -f $zone/keycounter ]
then
- echo $zone
+ if [ `< $zone/keycounter` -le 0 ]
+ then
+ echo $zone
+ fi
fi
done
}
-function aenderung { # manuelle eingabe
- for domain in $@
- do
- test -d $master_dir/$domain && echo $master_dir/$domain
- done
-}
-
-zone_aenderung=`aenderung $@`
zone_new_sign=`new_sign`
zone_time_out=`time_out`
for zone in $zone_aenderung $zone_new_sign $zone_time_out
do
cd $zone
- domain=${zone##/*/}
- dnssec-signzone $domain
+ domain=${zone##/*/}
+ key_counter=`< keycounter`
- key_counter=`< keycounter`
- echo $[ key_counter + 1 ] > keycounter
+ dnssec-signzone $domain && echo $[ key_counter + 1 ] > keycounter
done
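Review bot: `cd $zone` in the final loop has no failure check, so if a listed directory cannot be entered, the `keycounter` read and `dnssec-signzone $domain` run in whatever directory the previous iteration left behind. The `&&` added on the last line keeps a failed signing from bumping the counter, but the value was still read from the wrong zone; `cd "$zone" || continue` avoids that. In `new_sign`, the added `-f` guard still lets an empty `keycounter` reach `[ ... -le 0 ]`, where the test errors out and the zone is skipped with a confusing message; `[ -s $zone/keycounter ]` would handle the missing and the empty file alike.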
--- a/mkdomain Wed Jun 30 13:15:11 2010 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,106 +0,0 @@
-#! /bin/bash
-
-while getopts "d" opt; do
- case $opt in
- d) opt_debug=1;;
- ?) exit 1;;
- esac
-done
-
-if test $# -lt 2; then
- echo "usage: $0 kundennummer domain..." >&2
- exit
-fi
-
-customer="$1"; shift
-start=$(date -I)
-
-# config
-source dnstools.conf
-
-secondary=$SECONDARY
-secondary_ip=${SECONDARY_IP:-$(dig +short $secondary)}
-
-this_host=${THIS_HOST:-$(hostname -f)}
-this_ip=${THIS_IP:-$(hostname -i)}
-this_domain=${THIS_DOMAIN:-$(hostname -d)}
-primary=${PRIMARY:-$this_host}
-
-hostmaster=${HOSTMASTER:-"hostmaster.$this_domain"}
-
-zone_conf_dir=${ZONE_CONF_DIR:-/etc/bind/zones.d}
-master_dir=${MASTER_DIR:-/etc/bind/master}
-
-if [ ! -d $master_dir ]
-then
- echo $master_dir nicht gefunden
- exit 1
-fi
-
-if [ ! -d $zone_conf_dir ]
-then
- echo $zone_conf_dir nicht gefunden
- exit 1
-fi
-
-# debug option
-if test $opt_debug; then
- cat <<xxx
-this host: $this_host [$this_ip]
-this domain: $this_domain
-primary: $primary
-secondary: $secondary [$secondary_ip]
-hostmaster: $hostmaster
-zone config directory: $zone_conf_dir
-xxx
- exit
-fi
-
-for utf8domain in "$@"; do
- domain=$(idn --quiet "$utf8domain")
-
- test -d $master_dir/$domain || mkdir $master_dir/$domain
-
- zonefile=$master_dir/$domain/$domain
- config=$zone_conf_dir/$domain
-
- echo "$domain ($utf8domain)"
-
- test -f $zonefile && { echo "$zonefile exists. Skipping $domain" >&2; continue; }
- test -f $config && { echo "$config exists. Skipping $domain" >&2; continue; }
-
- cat <<xxx >$zonefile
-\$ORIGIN $domain.
-\$TTL 1d
-@ IN SOA $this_host. $hostmaster. (
- $(date +%Y%m%d00) ; serial
- 1d ; refresh
- 2h ; retry
- 7d ; expire
- 1d ; default ttl
-)
-
- IN TXT "invoice: $customer"
- IN TXT "start: $start"
- IN TXT "utf8: $utf8domain"
-
- IN NS $primary.
- IN NS $secondary.
-
-xxx
-
- cat <<xxx >$config
-zone "$domain" {
-// Start: $start
-// Invoice: $customer
-// UTF8: $utf8domain
- type master;
- file "$master_dir/$domain/$domain.signed";
- allow-transfer { $secondary_ip; };
- allow-query { any; };
-};
-
-xxx
-done
-
-
--- a/rmdomain Wed Jun 30 13:15:11 2010 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-ZONE=/etc/bind/master
-CONF=/etc/bind/zones.d
-
-for UTF8DOMAIN in $@
-do
-
- DOMAIN=$(idn --quiet $UTF8DOMAIN )
- echo $DOMAIN
-
- test -d $ZONE/$DOMAIN && rm -r $ZONE/$DOMAIN && echo "-> Zonedatei entfernt"
- test -f $CONF/$DOMAIN && rm $CONF/$DOMAIN && echo "-> Konfiguration entfernt"
-
-done
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/zone-ls Wed Jun 30 16:48:26 2010 +0200
@@ -0,0 +1,31 @@
+#!/bin/bash
+source ./dnstools.conf
+master_dir=$MASTER_DIR
+zsklive=$ZSKLIVE
+ksklive=$KSKLIVE
+
+for zone in $master_dir/*
+do
+
+ domain=${zone##/*/}
+
+ test -f $zone/index.zsk && anzahl_zsk=`wc -l < $zone/index.zsk` || anzahl_zsk="0"
+ test -f $zone/index.ksk && anzahl_ksk=`wc -l < $zone/index.ksk` || anzahl_ksk="0"
+
+ test -f $zone/keycounter && key_counter=`< $zone/keycounter` || key_counter="0"
+
+ if [ -f $zone/$domain.signed ]
+ then
+ endtime1=`cat $zone/$domain.signed | egrep 'DNSKEY' | egrep '[0-9]{14}' | head -n1 | cut -d" " -f5`
+ endtime2=`echo $endtime1 | cut -c 7-8 ; echo $endtime1 | cut -c 5-6 ; echo $endtime1 | cut -c 1-4`
+ else
+ endtime2="0"
+ fi
+
+ ausgabe="$domain:keys-$anzahl_zsk/$anzahl_ksk:ablauf-$endtime2:signiert-$key_counter"
+
+ echo $ausgabe | tr ":" "\t"
+
+done
+
+
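Review bot: Nothing checks that the `egrep … | cut -d" " -f5` pipeline actually found a timestamp, so a signed file whose layout differs (tab-separated fields, a wrapped record) yields an empty `ablauf-` column without any warning. This listing is presumably what an operator reads to spot expiring signatures, so a blank value should be visible; after the `endtime1=` line I would add `[ -n "$endtime1" ] || echo "$domain: no expiry found in $domain.signed" >&2`. The `endtime2` line also deserves a comment such as `# DD MM YYYY, joined onto one line only because echo $ausgabe below is unquoted`, since quoting that `echo` later would silently break the row. Field 5 is presumably the signature expiration; a short comment naming the record layout it relies on would make that verifiable.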
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/zone-mk Wed Jun 30 16:48:26 2010 +0200
@@ -0,0 +1,106 @@
+#! /bin/bash
+
+while getopts "d" opt; do
+ case $opt in
+ d) opt_debug=1;;
+ ?) exit 1;;
+ esac
+done
+
+if test $# -lt 2; then
+ echo "usage: $0 kundennummer domain..." >&2
+ exit
+fi
+
+customer="$1"; shift
+start=$(date -I)
+
+# config
+source dnstools.conf
+
+secondary=$SECONDARY
+secondary_ip=${SECONDARY_IP:-$(dig +short $secondary)}
+
+this_host=${THIS_HOST:-$(hostname -f)}
+this_ip=${THIS_IP:-$(hostname -i)}
+this_domain=${THIS_DOMAIN:-$(hostname -d)}
+primary=${PRIMARY:-$this_host}
+
+hostmaster=${HOSTMASTER:-"hostmaster.$this_domain"}
+
+zone_conf_dir=${ZONE_CONF_DIR:-/etc/bind/zones.d}
+master_dir=${MASTER_DIR:-/etc/bind/master}
+
+if [ ! -d $master_dir ]
+then
+ echo $master_dir nicht gefunden
+ exit 1
+fi
+
+if [ ! -d $zone_conf_dir ]
+then
+ echo $zone_conf_dir nicht gefunden
+ exit 1
+fi
+
+# debug option
+if test $opt_debug; then
+ cat <<xxx
+this host: $this_host [$this_ip]
+this domain: $this_domain
+primary: $primary
+secondary: $secondary [$secondary_ip]
+hostmaster: $hostmaster
+zone config directory: $zone_conf_dir
+xxx
+ exit
+fi
+
+for utf8domain in "$@"; do
+ domain=$(idn --quiet "$utf8domain")
+
+ test -d $master_dir/$domain || mkdir $master_dir/$domain
+
+ zonefile=$master_dir/$domain/$domain
+ config=$zone_conf_dir/$domain
+
+ echo "$domain ($utf8domain)"
+
+ test -f $zonefile && { echo "$zonefile exists. Skipping $domain" >&2; continue; }
+ test -f $config && { echo "$config exists. Skipping $domain" >&2; continue; }
+
+ cat <<xxx >$zonefile
+\$ORIGIN $domain.
+\$TTL 1d
+@ IN SOA $this_host. $hostmaster. (
+ $(date +%Y%m%d00) ; serial
+ 1d ; refresh
+ 2h ; retry
+ 7d ; expire
+ 1d ; default ttl
+)
+
+ IN TXT "invoice: $customer"
+ IN TXT "start: $start"
+ IN TXT "utf8: $utf8domain"
+
+ IN NS $primary.
+ IN NS $secondary.
+
+xxx
+
+ cat <<xxx >$config
+zone "$domain" {
+// Start: $start
+// Invoice: $customer
+// UTF8: $utf8domain
+ type master;
+ file "$master_dir/$domain/$domain.signed";
+ allow-transfer { $secondary_ip; };
+ allow-query { any; };
+};
+
+xxx
+done
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/zone-rm Wed Jun 30 16:48:26 2010 +0200
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+source dnstools.conf
+
+master_dir=$MASTER_DIR
+conf_dir=$ZONE_CONF_DIR
+
+for utf8domain in $@
+do
+
+ domain=$(idn --quiet $utf8domain )
+ echo $domain
+
+ test -d $master_dir/$domain && rm -r $master_dir/$domain && echo "-> Zonedatei entfernt"
+ test -f $conf_dir/$domain && rm $conf_dir/$domain && echo "-> Konfiguration entfernt"
+
+done
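Review bot: The `rm -r $master_dir/$domain` line acts on values that nothing has validated. `source dnstools.conf` has no failure check (and, written without a slash, bash looks the name up in `PATH` before the current directory), so `master_dir` and `conf_dir` can be empty. `domain` is also empty whenever `idn` rejects the argument, in which case `test -d $master_dir/` succeeds and the whole master directory is removed. I would stop early with `source ./dnstools.conf || exit 1`, skip bad input with `[ -n "$domain" ] || continue` after the `idn` line, and write the deletion as `rm -r -- "${master_dir:?}/$domain"` (likewise `"${conf_dir:?}/$domain"`). Quoting `"$@"` and `"$utf8domain"` keeps an argument containing spaces or glob characters from expanding into additional paths.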