Update to be compatible with Ubuntu 12 and newer

This commit is contained in:
Alice Chen 2014-10-09 23:47:43 -07:00
parent 929ef89a40
commit 0e61e8274c
5 changed files with 21 additions and 15 deletions

View File

@ -70,7 +70,7 @@ def do_dns_update(env, force=False):
additional_records = get_custom_dns_config(env)
# Write zone files.
os.makedirs('/etc/nsd/zones', exist_ok=True)
os.makedirs('/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones', exist_ok=True)
updated_domains = []
for i, (domain, zonefile) in enumerate(zonefiles):
# Build the records to put in the zone.
@ -78,7 +78,7 @@ def do_dns_update(env, force=False):
# See if the zone has changed, and if so update the serial number
# and write the zone file.
if not write_nsd_zone(domain, "/etc/nsd/zones/" + zonefile, records, env, force):
if not write_nsd_zone(domain, "/etc/" + env.get("NSD_PACKAGE", "nsd") + "/zones/" + zonefile, records, env, force):
# Zone was not updated. There were no changes.
continue
@ -119,7 +119,7 @@ def do_dns_update(env, force=False):
# Kick nsd if anything changed.
if len(updated_domains) > 0:
shell('check_call', ["/usr/sbin/service", "nsd", "restart"])
shell('check_call', ["/usr/sbin/service", env.get("NSD_PACKAGE", "nsd"), "restart"])
# Write the OpenDKIM configuration tables.
if write_opendkim_tables(zonefiles, env):
@ -465,8 +465,8 @@ server:
identity: ""
# The directory for zonefile: files.
zonesdir: "/etc/nsd/zones"
"""
nsdconf += ' zonesdir: "/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones"'
# Since we have bind9 listening on localhost for locally-generated
# DNS queries that require a recursive nameserver, and the system
@ -499,11 +499,11 @@ zone:
# Check if the nsd.conf is changing. If it isn't changing,
# return False to flag that no change was made.
with open("/etc/nsd/nsd.conf") as f:
with open("/etc/" + env.get("NSD_PACKAGE", "nsd") + "/nsd.conf") as f:
if f.read() == nsdconf:
return False
with open("/etc/nsd/nsd.conf", "w") as f:
with open("/etc/" + env.get("NSD_PACKAGE", "nsd") + "/nsd.conf", "w") as f:
f.write(nsdconf)
return True
@ -562,7 +562,7 @@ def sign_zone(domain, zonefile, env):
"-n",
# zonefile to sign
"/etc/nsd/zones/" + zonefile,
"/etc/" + env.get("NSD_PACKAGE", "nsd") + "/zones/" + zonefile,
# keys to sign with (order doesn't matter -- it'll figure it out)
dnssec_keys["KSK"],
@ -577,7 +577,7 @@ def sign_zone(domain, zonefile, env):
# We want to be able to validate DS records too, but multiple forms may be valid depending
# on the digest type. So we'll write all (both) valid records. Only one DS record should
# actually be deployed. Preferebly the first.
with open("/etc/nsd/zones/" + zonefile + ".ds", "w") as f:
with open("/etc/" + env.get("NSD_PACKAGE", "nsd") + "/zones/" + zonefile + ".ds", "w") as f:
for digest_type in ('2', '1'):
rr_ds = shell('check_output', ["/usr/bin/ldns-key2ds",
"-n", # output to stdout

View File

@ -213,7 +213,7 @@ def check_dnssec(domain, env, dns_zonefiles, is_checking_primary=False):
# See if the domain has a DS record set at the registrar. The DS record may have
# several forms. We have to be prepared to check for any valid record. We've
# pre-generated all of the valid digests --- read them in.
ds_correct = open('/etc/nsd/zones/' + dns_zonefiles[domain] + '.ds').read().strip().split("\n")
ds_correct = open('/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones/' + dns_zonefiles[domain] + '.ds').read().strip().split("\n")
digests = { }
for rr_ds in ds_correct:
ds_keytag, ds_alg, ds_digalg, ds_digest = rr_ds.split("\t")[4].split(" ")

View File

@ -27,11 +27,9 @@ fi
# * ldnsutils: Helper utilities for signing DNSSEC zones.
# * openssh-client: Provides ssh-keyscan which we use to create SSHFP records.
apt_install nsd ldnsutils openssh-client
apt_install $NSD_PACKAGE ldnsutils openssh-client
# Prepare nsd's configuration.
mkdir -p /var/run/nsd
mkdir -p /var/run/$NSD_PACKAGE
# Create DNSSEC signing keys.

View File

@ -8,8 +8,8 @@ if [[ $EUID -ne 0 ]]; then
fi
# Check that we are running on Ubuntu 14.04 LTS (or 14.04.xx).
if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" != "Ubuntu 14.04 LTS" ]; then
echo "Mail-in-a-Box only supports being installed on Ubuntu 14.04, sorry. You are running:"
if [ `lsb_release -d | sed 's/.*:\sUbuntu *//' | cut -d'.' -f1` -lt 12 ]; then
echo "Mail-in-a-Box only supports being installed on Ubuntu 12 and newer, sorry. You are running:"
echo
lsb_release -d | sed 's/.*:\s*//'
echo

View File

@ -8,6 +8,13 @@ source setup/functions.sh # load our functions
# machine with enough memory? If not, this shows an error and exits.
source setup/preflight.sh
# if Ubuntu major version is less than 14 use nsd3 package
if [ `lsb_release -d | sed 's/.*:\sUbuntu *//' | cut -d'.' -f1` -lt 14 ]; then
NSD_PACKAGE="nsd3"
else
NSD_PACKAGE="nsd"
fi
# Ensure Python reads/writes files in UTF-8. If the machine
# triggers some other locale in Python, like ASCII encoding,
# Python may not be able to read/write files. Here and in
@ -109,6 +116,7 @@ PUBLIC_IPV6=$PUBLIC_IPV6
PRIVATE_IP=$PRIVATE_IP
PRIVATE_IPV6=$PRIVATE_IPV6
CSR_COUNTRY=$CSR_COUNTRY
NSD_PACKAGE=$NSD_PACKAGE
EOF
# Start service configuration.