1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-22 02:17:26 +00:00
mailinabox/scripts/dns_update.sh

107 lines
2.8 KiB
Bash
Executable File

# Create nsd.conf and zone files, and updates the OpenDKIM signing tables.
source /etc/mailinabox.conf
PUBLIC_IP=`cat $STORAGE_ROOT/dns/our_ip`
PRIMARY_HOSTNAME=`cat $STORAGE_ROOT/dns/primary_hostname`
# Ensure a zone file exists for every domain name of a mail user.
for mail_user in `tools/mail.py user`; do
domain=`echo $mail_user | sed s/.*@//`
if [ ! -f $STORAGE_ROOT/dns/$domain.txt ]; then
echo "" > $STORAGE_ROOT/dns/$domain.txt;
fi
done
# Create the top of nsd.conf.
cat > /etc/nsd3/nsd.conf << EOF;
server:
hide-version: yes
# identify the server (CH TXT ID.SERVER entry).
identity: ""
# The directory for zonefile: files.
zonesdir: "/etc/nsd3/zones"
# ZONES
EOF
# For every zone file in our dns directory, build a proper zone
# file and mention it in nsd.conf. And add information to the
# OpenDKIM signing tables.
mkdir -p /etc/nsd3/zones;
truncate --size 0 /etc/opendkim/KeyTable
truncate --size 0 /etc/opendkim/SigningTable
for fn in $STORAGE_ROOT/dns/*.txt; do
fn2=`basename $fn`
zone=`echo $fn2 | sed "s/.txt\$//"`
# If the zone file exists, increment the serial number.
# TODO: This needs to be done better so that the existing serial number is
# persisted in the storage area.
serial=`date +"%Y%m%d00"`
if [ -f /etc/nsd3/zones/$fn2 ]; then
existing_serial=`grep "serial number" /etc/nsd3/zones/$fn2 | sed "s/; serial number//"`
if [ ! -z "$existing_serial" ]; then
serial=`echo $existing_serial + 1 | bc`
fi
fi
cat > /etc/nsd3/zones/$fn2 << EOF;
\$ORIGIN $zone. ; default zone domain
\$TTL 86400 ; default time to live
@ IN SOA ns1.$zone. domain_contact.$zone. (
$serial ; serial number
28800 ; Refresh
7200 ; Retry
864000 ; Expire
86400 ; Min TTL
)
NS ns1.$zone.
NS ns2.$zone.
IN A $PUBLIC_IP
MX 10 mail.$zone.
300 TXT "v=spf1 mx -all"
ns1 IN A $PUBLIC_IP
ns2 IN A $PUBLIC_IP
mail IN A $PUBLIC_IP
www IN A $PUBLIC_IP
EOF
# If OpenDKIM is set up, append that information to the zone.
if [ -f "$STORAGE_ROOT/mail/dkim/mail.txt" ]; then
cat "$STORAGE_ROOT/mail/dkim/mail.txt" >> /etc/nsd3/zones/$fn2;
fi
cat >> /etc/nsd3/nsd.conf << EOF;
zone:
name: $zone
zonefile: $fn2
EOF
# OpenDKIM
# For every domain, we sign against the key listed in PRIMARY_HOSTNAME's DNS,
# in case the user is just delegating MX and hasn't set the DKIM info on the
# main DNS record.
echo "$zone $PRIMARY_HOSTNAME:mail:$STORAGE_ROOT/mail/dkim/mail.private" >> /etc/opendkim/KeyTable
echo "*@$zone $zone" >> /etc/opendkim/SigningTable
done
# Kick nsd.
service nsd3 rebuild
service nsd3 restart # ensure it is running
# Kick opendkim.
service opendkim restart