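#!/bin/bash
# vim: set ft=sh :
#
# bin/update: regenerate DNS zone files and DHCP configs from the data
# directory, test them, reload the daemons and commit the data repo.
#
# Every path below that is not absolute is relative to the working directory
# ($ROOT is taken from pwd unless changed with -d), so run this from the
# intended data checkout.

set -ue

# resolve $0 -> bin/update
# Follow symlinks by hand so that $BIN/$CODE/$LIB point at the real install
# location even when this script is invoked through a link.
self=$0
while [[ -L "$self" ]]; do
    tgt=$(readlink -- "$self")

    if [[ "$tgt" == /* ]]; then
        # absolute link target replaces the path outright
        self=$tgt
    else
        # relative link target is resolved against the link's own directory
        self=$(dirname -- "$self")/$tgt
    fi
done

# Our bin dir, with scripts
BIN=$(dirname -- "$self")

# code root
CODE=$(dirname -- "$BIN")

# library code
LIB=$CODE/lib

## Data paths
# absolute path to data files; can be changed using -d
ROOT=$(pwd)

DATA=settings
ZONES=zones
SERIALS=$DATA

DHCP=dhcp
DHCP_DATA=$DATA/dhcp

# global DHCP conf to test
DHCPD=/usr/sbin/dhcpd
DHCPD_CONF=/etc/dhcp/dhcpd.conf
DHCPD_INIT=/etc/init.d/isc-dhcp-server

# hg repo to commit
REPO=$DATA

## Settings used in lib
# Hide files under repo in commit diff output..
REPO_HIDE='*.serial'

# XXX: hosts data input charset?
# NOTE(review): these two hold several words in one string, so whatever
# consumes them in lib/ presumably relies on word splitting; keep them free
# of untrusted input.
PROCESS_ARGS='--input-charset latin-1'
DHCP_FILE_ARGS='--input-charset latin-1'

# External bins
# Absolute paths, so the tools are not looked up through $PATH.
NAMED_CHECKZONE=/usr/sbin/named-checkzone

HG=/usr/bin/hg
# trusted.users=root tells Mercurial to honour hgrc files owned by root,
# whoever runs hg. That includes hooks and extensions configured in the
# repo's .hg/hgrc, so that file should stay writable by root only.
# (presumably passed to every $HG call in lib/; confirm there)
HG_ARGS=(--config trusted.users=root)

RNDC=/usr/sbin/rndc

# Path to rndc key, must be readable to run..
# Whoever can read this key can presumably control named through rndc, so
# grant read access through a dedicated group rather than world-readable
# permissions.
RNDC_KEY=/etc/bind/rndc.key

## Library includes
# These files are executed in this shell with the caller's privileges; $LIB
# is derived from the resolved location of this script, so the install tree
# must not be writable by anyone who should not be able to run code as the
# operator of this script.

# Command-line argument handling
source "$LIB/update.args"

# Logging
source "$LIB/update.logging"

# Utility functions
source "$LIB/update.utils"

# Dependency-based updates
source "$LIB/update.updates"

# Operations; the functions called from run()
source "$LIB/update.operations"

## Flags
# set by do_reload_zone if zone data has actually been reloaded
RELOAD_ZONES=

## Site settings, used as arguments to scripts
# MX record to generate in hosts --forward-zone
FORWARD_MX=mail

# IP network to generate reverse records for in --reverse-zone
REVERSE_ZONE=194.197.235

# Origin domain to generate reverse records for in --reverse-zone
REVERSE_DOMAIN=paivola.fi

# Views used
VIEWS=(internal external)

# Base domain zone for domains
DOMAIN_BASE=paivola

# List of actual domains used; will be linked to $DOMAIN_BASE
DOMAINS=(paivola.fi paivola.net paivola.org paivola.info paivola.mobi xn--pivl-load8j.fi)

# Names of dhcp conf files
DHCP_CONFS=(paivola veturi verstas)

## Operate!
# these functions are all defined in lib/update.operations

# Update $ZONES/$DHCP host-files from $DATA
# The hosts data is checked first; under `set -e` a failing check stops the
# run before any zone file is regenerated.
function run_hosts {
    ## Hosts
    # test
    log "Testing hosts..."
    #               data                    args...
    check_hosts     "$DATA/paivola.txt"     --check-exempt ufc

    # update
    log "Generating host zones..."
    #               hosts                               data                    args...
    update_hosts    "$ZONES/hosts/paivola:internal"     "$DATA/paivola.txt"     --forward-zone --forward-txt --forward-mx "$FORWARD_MX"
    update_hosts    "$ZONES/hosts/paivola:external"     "$DATA/paivola.txt"     --forward-zone
    update_hosts    "$ZONES/hosts/194.197.235"          "$DATA/paivola.txt"     --reverse-zone "$REVERSE_ZONE" --reverse-domain "$REVERSE_DOMAIN"

    update_hosts    "$ZONES/hosts/10"                   "$DATA/pvl.txt"         --reverse-zone 10 --reverse-domain pvl -q
    update_hosts    "$ZONES/hosts/192.168"              "$DATA/pvl.txt"         --reverse-zone 192.168 --reverse-domain pvl -q

    # XXX: unsupported --forward-zone with pvl.txt
    #   update_hosts    $ZONES/hosts/pvl                    $DATA/pvl.txt           --forward-zone
    copy_hosts      "$ZONES/hosts/pvl"                  "$DATA/pvl.txt"
}

# Update $ZONES files
# Order: copy includes, bump serials, build zones, test them, then link and
# test the per-domain zones for every view.
function run_zones {
    ## Includes
    log "Copying zone includes..."
    #               view        zone                    base
    copy_zone       includes    paivola:internal        paivola.zone.internal
    copy_zone       includes    paivola:external        paivola.zone.external
    copy_zone       includes    paivola.auto            paivola.zone.auto
    copy_zone       includes    paivola.services        paivola.zone.services

    ## Serials
    log "Updating serials..."

    #               zone            deps...
    #               includes...
    update_serial   pvl             "$ZONES/hosts/pvl"              "$DATA/pvl.zone"
    update_serial   10              "$ZONES/hosts/10"               "$DATA/10.zone"
    update_serial   192.168         "$ZONES/hosts/192.168"          "$DATA/192.168.zone"

    # The trailing * patterns are left unquoted on purpose: they expand to
    # the per-view host and include files that this zone depends on.
    update_serial   paivola         "$ZONES"/hosts/paivola:*        "$DATA/paivola.zone" \
                                    "$ZONES"/includes/paivola:* \
                                    "$ZONES"/includes/paivola.*

    update_serial   194.197.235     "$ZONES/hosts/194.197.235"      "$DATA/194.197.235.zone"

    ## Zones
    log "Updating zones..."
    #               view        zone            base
    update_zone     internal    pvl
    update_zone     internal    paivola
    update_zone     external    paivola

    update_zone     internal    10
    update_zone     internal    192.168

    update_zone     common      194.197.235
    link_zone       internal    194.197.235
    link_zone       external    194.197.235

    ## Test
    log "Testing zones..."
    #               view        zone            origin
    check_zone      internal    paivola         paivola.fi
    check_zone      external    paivola         paivola.fi

    check_zone      internal    10              10.in-addr.arpa
    check_zone      internal    192.168         192.168.in-addr.arpa
    check_zone      common      194.197.235     235.197.194.in-addr.arpa

    ## Domains...
    log "Linking domains..."
    local view zone
    for view in "${VIEWS[@]}"; do
        for zone in "${DOMAINS[@]}"; do
            # link
            link_zone       "$view"     "$zone"     "$DOMAIN_BASE"

            # test
            check_zone      "$view"     "$zone"     "$zone"
        done
    done
}

# Update $DHCP files from $DATA/dhcp
# Each conf is checked before it is copied, so a failing check leaves the
# previously copied file in place.
function run_dhcp {
    log "Copying DHCP configs..."
    local conf
    for conf in "${DHCP_CONFS[@]}"; do
        #                   conf            base
        check_dhcp_conf     "$conf"
        copy_dhcp_conf      "$conf"
    done

    log "Testing dhcp..."
    # this is partially redundant with the per-conf checks above, but doesn't matter
    check_dhcp
}

# Runs DHCP checks, once DNS hosts have been updated
function run_dhcp_check {
    log "Testing dhcp hosts..."
    local conf
    for conf in "${DHCP_CONFS[@]}"; do
        check_dhcp_hosts    "$DHCP/$conf.conf"
    done
}

# Reload the daemons and commit the data.
# The commit comes last, so a failed reload or DHCP host check stops the run
# (set -e) before anything is committed to $REPO.
function run_deploy {
    ## Reload zones
    log "Reload zones..."
    reload_zones

    ## DHCP
    run_dhcp_check

    log "Reload dhcp..."
    reload_dhcp

    ## Commit
    log "Commit data..."
    commit_data
}

## Main entry point
function main {
    # test tty
    # IS_TTY stays unset when stdout is not a terminal.
    # NOTE(review): with `set -u` active, lib/ must read it with a default;
    # confirm there.
    [ -t 1 ] && IS_TTY=y

    parse_args "$@"

    ## Input dirs
    [ -d "$ROOT/$DATA" ] || die "Missing data: $ROOT/$DATA"

    ## Output dirs
    local dir
    for dir in "$DHCP" "$ZONES"; do
        ensure_dir  "$dir"
    done

    for dir in "common" "hosts" "includes" "${VIEWS[@]}"; do
        ensure_dir  "$ZONES/$dir"
    done

    ## Go
    run_hosts
    run_zones
    run_dhcp
    run_deploy
}

main "$@"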