diff options
| author | Andrew Cady <d@jerkface.net> | 2020-05-29 08:49:19 -0400 |
|---|---|---|
| committer | Andrew Cady <d@jerkface.net> | 2020-05-29 09:15:47 -0400 |
| commit | f8dbf7aef4f1b1648bd2980b62f2ef57d653e800 (patch) | |
| tree | 6faa684ec4b4d82a9d2bf33c1576287ad1066668 /etc | |
| parent | a35e328ca65bef9796e956fd6148ba770e93f03f (diff) | |
renames
Diffstat (limited to 'etc')
| -rwxr-xr-x | etc/powerdns/add-zone | 42 | ||||
| -rwxr-xr-x | etc/powerdns/dyndns-command.sh | 92 | ||||
| -rwxr-xr-x | etc/powerdns/fixperms.sh | 5 | ||||
| -rw-r--r-- | etc/powerdns/named.conf | 10 | ||||
| -rw-r--r-- | etc/powerdns/pdns.conf | 17 | ||||
| -rw-r--r-- | etc/powerdns/pdns.d/bind.conf | 2 | ||||
| -rw-r--r-- | etc/powerdns/pdns.d/pdns.local.conf | 3 | ||||
| -rw-r--r-- | etc/powerdns/pdns.d/pdns.local.gsqlite3.conf | 8 | ||||
| -rw-r--r-- | etc/powerdns/powerdns.sqlite3 | 0 | ||||
| -rw-r--r-- | etc/sources.list.d/pdns.list | 1 |
10 files changed, 180 insertions, 0 deletions
diff --git a/etc/powerdns/add-zone b/etc/powerdns/add-zone new file mode 100755 index 0000000..d7f6a13 --- /dev/null +++ b/etc/powerdns/add-zone | |||
| @@ -0,0 +1,42 @@ | |||
| 1 | #!/bin/sh | ||
| 2 | |||
| 3 | usage() { echo "Usage: $0 <database.sqlite3> <domain>" >&2; exit ${1:-1}; } | ||
| 4 | |||
| 5 | check_args() | ||
| 6 | { | ||
| 7 | [ $# = 2 ] || usage 1 | ||
| 8 | database=$1 | ||
| 9 | domain=$2 | ||
| 10 | |||
| 11 | [ -f "$database" ] || exit 1 | ||
| 12 | [ -r "$database" ] || exit 2 | ||
| 13 | |||
| 14 | case "$domain" in | ||
| 15 | -h|--help) exec 2>&1; usage 0 ;; | ||
| 16 | *\'*) usage 1 ;; | ||
| 17 | '') usage 1 ;; | ||
| 18 | *.) usage 1 ;; | ||
| 19 | *.*) ;; | ||
| 20 | *) [ "$ALLOW_TLD_ZONE" ] || usage 1 ;; | ||
| 21 | esac | ||
| 22 | } | ||
| 23 | |||
| 24 | add_zone() | ||
| 25 | { | ||
| 26 | local database="$1" domain="$2" soa | ||
| 27 | soa="$domain hostmaster.$domain 1 10800 3600 604800 3600" | ||
| 28 | sqlite3 "$database" <<END | ||
| 29 | begin; | ||
| 30 | delete from domains where name='$domain' and type='NATIVE'; | ||
| 31 | insert into domains (name, type) values ('$domain', 'NATIVE'); | ||
| 32 | |||
| 33 | insert into records (domain_id, name, content, type, ttl, prio) | ||
| 34 | select id, '$domain', '$soa', 'SOA', 600, 1 | ||
| 35 | from domains where name='$domain'; | ||
| 36 | commit; | ||
| 37 | END | ||
| 38 | } | ||
| 39 | |||
| 40 | check_args "$@" | ||
| 41 | |||
| 42 | add_zone "$@" | ||
diff --git a/etc/powerdns/dyndns-command.sh b/etc/powerdns/dyndns-command.sh new file mode 100755 index 0000000..375d50b --- /dev/null +++ b/etc/powerdns/dyndns-command.sh | |||
| @@ -0,0 +1,92 @@ | |||
| 1 | #!/bin/bash | ||
| 2 | |||
| 3 | die() { printf '%s\n' "$*" >&2; exit 1; } | ||
| 4 | |||
| 5 | sql_string() | ||
| 6 | { | ||
| 7 | printf '%s' "'${1//\'/\'\'}'" | ||
| 8 | } | ||
| 9 | |||
| 10 | powerdns_sqlite_add_replace_record() | ||
| 11 | { | ||
| 12 | local sql_new_domain="$(sql_string "$1.$3")" | ||
| 13 | local sql_ip_address="$(sql_string "$2")" | ||
| 14 | local sql_domain="$(sql_string "$3")" | ||
| 15 | local record_type="$(sql_string "$4")" | ||
| 16 | |||
| 17 | DBDIR=/etc/powerdns | ||
| 18 | DBNAME=powerdns.sqlite3 | ||
| 19 | DB=$DBDIR/$DBNAME | ||
| 20 | |||
| 21 | test -r $DB && test -w $DB || die "Wrong permissions on $DB" | ||
| 22 | test -r $DBDIR && test -w $DBDIR || die "Wrong permissions on $DBDIR" | ||
| 23 | |||
| 24 | sqlite3 $DB <<END | ||
| 25 | ${SQL_ECHO:+.echo on} | ||
| 26 | BEGIN; | ||
| 27 | DELETE FROM records WHERE type=$record_type AND name=$sql_new_domain; | ||
| 28 | |||
| 29 | INSERT INTO records | ||
| 30 | |||
| 31 | (domain_id, | ||
| 32 | name, | ||
| 33 | type, | ||
| 34 | content, | ||
| 35 | ttl, | ||
| 36 | prio) | ||
| 37 | |||
| 38 | SELECT | ||
| 39 | id, | ||
| 40 | $sql_new_domain, | ||
| 41 | $record_type, | ||
| 42 | $sql_ip_address, | ||
| 43 | 3600, | ||
| 44 | 0 | ||
| 45 | FROM domains | ||
| 46 | WHERE name=$sql_domain; | ||
| 47 | COMMIT; | ||
| 48 | END | ||
| 49 | } | ||
| 50 | |||
| 51 | add() | ||
| 52 | { | ||
| 53 | local record_type | ||
| 54 | case "$2" in | ||
| 55 | *.*.*.*) record_type=A ;; | ||
| 56 | *:*) record_type=AAAA ;; | ||
| 57 | *) exit 1 ;; | ||
| 58 | esac | ||
| 59 | |||
| 60 | powerdns_sqlite_add_replace_record "$1" "$2" "$domain" "$record_type" \ | ||
| 61 | && printf '%s %s\n' "$1.$domain $2" | ||
| 62 | } | ||
| 63 | |||
| 64 | main() | ||
| 65 | { | ||
| 66 | add "$subdomain" "$ip_address" | ||
| 67 | |||
| 68 | set -- $SSH_ORIGINAL_COMMAND | ||
| 69 | while [ $# -ge 2 ]; do | ||
| 70 | d=$1 | ||
| 71 | ip=$2 | ||
| 72 | shift 2 | ||
| 73 | |||
| 74 | case "$d" in | ||
| 75 | *.*) continue;; | ||
| 76 | esac | ||
| 77 | |||
| 78 | add "$d.$subdomain" "$ip" | ||
| 79 | done | ||
| 80 | } | ||
| 81 | |||
| 82 | PEM_DEST=$HOME/public_rsync | ||
| 83 | |||
| 84 | PATH=$HOME/bin:$PATH | ||
| 85 | |||
| 86 | eval "$(samizdat-ssh-uid --copy-pem "$PEM_DEST")" | ||
| 87 | |||
| 88 | domain=${SSH_CLIENT_DOMAIN} | ||
| 89 | subdomain=${SSH_CLIENT_FINGERPRINT} | ||
| 90 | ip_address=${SSH_CLIENT%% *} | ||
| 91 | |||
| 92 | main "$@" | ||
diff --git a/etc/powerdns/fixperms.sh b/etc/powerdns/fixperms.sh new file mode 100755 index 0000000..4879313 --- /dev/null +++ b/etc/powerdns/fixperms.sh | |||
| @@ -0,0 +1,5 @@ | |||
| 1 | #!/bin/sh | ||
| 2 | set -ex | ||
| 3 | set -- /etc/powerdns /etc/powerdns/powerdns.sqlite3* | ||
| 4 | chown pdns.dyndns "$@" | ||
| 5 | chmod ug+rw "$@" | ||
diff --git a/etc/powerdns/named.conf b/etc/powerdns/named.conf new file mode 100644 index 0000000..7b8f760 --- /dev/null +++ b/etc/powerdns/named.conf | |||
| @@ -0,0 +1,10 @@ | |||
| 1 | # Debian default: supermaster created zones are written here: | ||
| 2 | include "/var/lib/powerdns/supermaster.conf"; | ||
| 3 | |||
| 4 | # Example for a manually configured slave zone: | ||
| 5 | # | ||
| 6 | # zone "example.net" { | ||
| 7 | # file "/var/lib/powerdns/zones.slave.d/example.net.zone"; | ||
| 8 | # type slave; | ||
| 9 | # masters { 192.0.2.53; }; | ||
| 10 | # }; | ||
diff --git a/etc/powerdns/pdns.conf b/etc/powerdns/pdns.conf new file mode 100644 index 0000000..50ffa39 --- /dev/null +++ b/etc/powerdns/pdns.conf | |||
| @@ -0,0 +1,17 @@ | |||
| 1 | # config-dir=/etc/powerdns | ||
| 2 | # include-dir=/etc/powerdns/pdns.d | ||
| 3 | |||
| 4 | local-address=0.0.0.0 | ||
| 5 | setgid=pdns | ||
| 6 | setuid=pdns | ||
| 7 | |||
| 8 | launch=tinydns | ||
| 9 | tinydns-dbfile=/etc/powerdns/tinydns.cdb | ||
| 10 | |||
| 11 | launch+=gsqlite3 | ||
| 12 | gsqlite3-database=/etc/powerdns/powerdns.sqlite3 | ||
| 13 | gsqlite3-dnssec=yes | ||
| 14 | |||
| 15 | master | ||
| 16 | daemon=yes | ||
| 17 | guardian=yes | ||
diff --git a/etc/powerdns/pdns.d/bind.conf b/etc/powerdns/pdns.d/bind.conf new file mode 100644 index 0000000..01775c1 --- /dev/null +++ b/etc/powerdns/pdns.d/bind.conf | |||
| @@ -0,0 +1,2 @@ | |||
| 1 | launch+=bind | ||
| 2 | bind-config=/etc/powerdns/named.conf | ||
diff --git a/etc/powerdns/pdns.d/pdns.local.conf b/etc/powerdns/pdns.d/pdns.local.conf new file mode 100644 index 0000000..3616b88 --- /dev/null +++ b/etc/powerdns/pdns.d/pdns.local.conf | |||
| @@ -0,0 +1,3 @@ | |||
| 1 | # Here come the local changes the user made, like configuration of | ||
| 2 | # the several backends that exist. | ||
| 3 | |||
diff --git a/etc/powerdns/pdns.d/pdns.local.gsqlite3.conf b/etc/powerdns/pdns.d/pdns.local.gsqlite3.conf new file mode 100644 index 0000000..ccde43f --- /dev/null +++ b/etc/powerdns/pdns.d/pdns.local.gsqlite3.conf | |||
| @@ -0,0 +1,8 @@ | |||
| 1 | # Configuration for gsqlite | ||
| 2 | # | ||
| 3 | # Launch gsqlite3 | ||
| 4 | launch+=gsqlite3 | ||
| 5 | |||
| 6 | # Database location | ||
| 7 | gsqlite3-database=/var/lib/powerdns/pdns.sqlite3 | ||
| 8 | gsqlite3-dnssec=on | ||
diff --git a/etc/powerdns/powerdns.sqlite3 b/etc/powerdns/powerdns.sqlite3 new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/etc/powerdns/powerdns.sqlite3 | |||
diff --git a/etc/sources.list.d/pdns.list b/etc/sources.list.d/pdns.list new file mode 100644 index 0000000..795d281 --- /dev/null +++ b/etc/sources.list.d/pdns.list | |||
| @@ -0,0 +1 @@ | |||
| deb http://repo.powerdns.com/debian stretch-auth-42 main | |||