external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-22 02:17:26 +00:00
Code Issues Releases Wiki Activity

move the server: block of nsd.conf out of the management daemon and into the setup scripts

Browse Source
This commit is contained in:
Joshua Tauberer 2015-05-04 11:19:48 +00:00
parent a07de38e80
commit 8886c9b6bc
2 changed files with 33 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
management/dns_update.py
View File

@ -432,25 +432,9 @@ $TTL 1800 ; default time to live
######################################################################## ########################################################################
def write_nsd_conf(zonefiles, additional_records, env): def write_nsd_conf(zonefiles, additional_records, env):
# Basic header. # Write the list of zones to a configuration file.
nsdconf = """ nsd_conf_file = "/etc/nsd/zones.conf"
server: nsdconf = ""
hide-version: yes
# identify the server (CH TXT ID.SERVER entry).
identity: ""
# The directory for zonefile: files.
zonesdir: "/etc/nsd/zones"
"""
# Since we have bind9 listening on localhost for locally-generated
# DNS queries that require a recursive nameserver, and the system
# might have other network interfaces for e.g. tunnelling, we have
# to be specific about the network interfaces that nsd binds to.
for ipaddr in (env.get("PRIVATE_IP", "") + " " + env.get("PRIVATE_IPV6", "")).split(" "):
if ipaddr == "": continue
nsdconf += " ip-address: %s\n" % ipaddr
# Append the zones. # Append the zones.
for domain, zonefile in zonefiles: for domain, zonefile in zonefiles:
@ -472,16 +456,17 @@ zone:
provide-xfr: %s NOKEY provide-xfr: %s NOKEY
""" % (ipaddr, ipaddr) """ % (ipaddr, ipaddr)
# Check if the file is changing. If it isn't changing,
# Check if the nsd.conf is changing. If it isn't changing,
# return False to flag that no change was made. # return False to flag that no change was made.
with open("/etc/nsd/nsd.conf") as f: if os.path.exists(nsd_conf_file):
if f.read() == nsdconf: with open(nsd_conf_file) as f:
return False if f.read() == nsdconf:
return False
with open("/etc/nsd/nsd.conf", "w") as f: # Write out new contents and return True to signal that
# configuration changed.
with open(nsd_conf_file, "w") as f:
f.write(nsdconf) f.write(nsdconf)
return True return True
######################################################################## ########################################################################

22
setup/dns.sh
View File

@ -22,6 +22,28 @@ apt_install nsd ldnsutils openssh-client
mkdir -p /var/run/nsd mkdir -p /var/run/nsd
cat > /etc/nsd/nsd.conf << EOF;
# No not edit. Overwritten by Mail-in-a-Box setup.
server:
hide-version: yes
# identify the server (CH TXT ID.SERVER entry).
identity: ""
# The directory for zonefile: files.
zonesdir: "/etc/nsd/zones"
EOF
# Since we have bind9 listening on localhost for locally-generated
# DNS queries that require a recursive nameserver, and the system
# might have other network interfaces for e.g. tunnelling, we have
# to be specific about the network interfaces that nsd binds to.
for ip in $PRIVATE_IP $PRIVATE_IPV6; do
echo " ip-address: $ip" >> /etc/nsd/nsd.conf;
done
echo "include: /etc/nsd/zones.conf" >> /etc/nsd/nsd.conf;
# Create DNSSEC signing keys. # Create DNSSEC signing keys.
mkdir -p "$STORAGE_ROOT/dns/dnssec"; mkdir -p "$STORAGE_ROOT/dns/dnssec";