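#!/bin/bash
# vim: set ft=sh :
#
# bin/update: regenerate DNS zone files and DHCP configs from the data files
# under $DATA, test them, reload the live services and commit the data repo.
# This file only sets up paths, external binaries and site settings; the
# actual operations are sourced from $LIB/update.* further down.
#
# NOTE(review): `set -e` does not cover pipelines (only the last stage's
# status counts). `set -o pipefail` would close that gap, but the sourced
# lib/update.* scripts are not visible from here, so it is not enabled blindly.

set -ue

# resolve $0 -> bin/update, following symlinks. A relative link target is
# resolved against the directory of the link itself.
self=$0
while [ -L "$self" ]; do
    tgt=$(readlink "$self")

    if [ "${tgt:0:1}" == "/" ]; then
        self=$tgt
    else
        self=$(dirname "$self")/$tgt
    fi
done

# Our bin dir, with scripts
BIN=$(dirname "$self")

# code root
CODE=$(dirname "$BIN")

# library code
LIB=$CODE/lib

## Data paths
# absolute path to data files; can be changed using -d (handled by lib/update.args)
ROOT=$(pwd)

# NOTE(review): in this file $ROOT is only used for the existence check in
# main(); $DATA, $ZONES and $DHCP below are used relative to the cwd. Confirm
# that -d also changes directory, otherwise the two diverge.
DATA=settings
ZONES=zones
SERIALS=$DATA

DHCP=dhcp
DHCP_DATA=$DATA/dhcp

# global DHCP conf to test
DHCPD=/usr/sbin/dhcpd
DHCPD_CONF=/etc/dhcp/dhcpd.conf
DHCPD_INIT=/etc/init.d/isc-dhcp-server

# hg repo to commit
REPO=$DATA

## Settings used in lib
# Hide files under repo in commit diff output..
REPO_HIDE='*.serial'

# XXX: hosts data input charset?
PROCESS_ARGS='--input-charset latin-1'
DHCP_FILE_ARGS='--input-charset latin-1'

# External bins
NAMED_CHECKZONE=/usr/sbin/named-checkzone

HG=/usr/bin/hg
# Trust repo config (.hg/hgrc) owned by root; hg otherwise ignores config
# files it does not consider trusted for the invoking user.
HG_ARGS=(--config trusted.users=root)

RNDC=/usr/sbin/rndc

# Path to rndc key, must be readable to run.. (a secret: never log or echo it)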
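RNDC_KEY=/etc/bind/rndc.key

## Library includes
# Command-line argument handling
source "$LIB/update.args"

# Logging
source "$LIB/update.logging"

# Utility functions
source "$LIB/update.utils"

# Dependency-based updates
source "$LIB/update.updates"

# Operations; the functions called from the run_* functions below
source "$LIB/update.operations"

## Flags
# set by do_reload_zone if zone data has actually been reloaded
RELOAD_ZONES=

## Site settings, used as arguments to scripts
# MX record to generate in hosts --forward-zone
FORWARD_MX=mail

# IP network to generate reverse records for in --reverse-zone
REVERSE_ZONE=194.197.235

# Origin domain to generate reverse records for in --reverse-zone
REVERSE_DOMAIN=paivola.fi

# Views used
VIEWS=(internal external)

# Base domain zone for domains
DOMAIN_BASE=paivola

# List of actual domains used; will be linked to $DOMAIN_BASE
DOMAINS=(paivola.fi paivola.net paivola.org paivola.info paivola.mobi xn--pivl-load8j.fi)

# Names of dhcp conf files (list_files is from lib/update.utils).
# The pattern is quoted so the shell cannot expand it against *.conf files in
# the cwd before list_files sees it; the output is then word-split into the array.
DHCP_CONFS=( $(list_files "$DHCP_DATA" '*.conf') )

## Operate!
# the check_*/update_*/copy_*/link_*/reload_*/commit_data functions called
# from the run_* functions below are all defined in lib/update.operations

# Update $ZONES/$DHCP host-files from $DATA
function run_hosts {
    ## Hosts
    # test
    log "Testing hosts..."
    # data args...
    check_hosts "$DATA/paivola.txt" --check-exempt ufc

    # update
    log "Generating host zones..."
    # hosts data args...
    update_hosts "$ZONES/hosts/paivola:internal" "$DATA/paivola.txt" --forward-zone --forward-txt --forward-mx "$FORWARD_MX"
    update_hosts "$ZONES/hosts/paivola:external" "$DATA/paivola.txt" --forward-zone
    update_hosts "$ZONES/hosts/194.197.235" "$DATA/paivola.txt" --reverse-zone "$REVERSE_ZONE" --reverse-domain "$REVERSE_DOMAIN"

    update_hosts "$ZONES/hosts/10" "$DATA/pvl.txt" --reverse-zone 10 --reverse-domain pvl -q
    update_hosts "$ZONES/hosts/192.168" "$DATA/pvl.txt" --reverse-zone 192.168 --reverse-domain pvl -q

    # XXX: unsupported --forward-zone with pvl.txt
    # update_hosts $ZONES/hosts/pvl $DATA/pvl.txt --forward-zone
    copy_hosts "$ZONES/hosts/pvl" "$DATA/pvl.txt"
}

# Update $ZONES files
function run_zones {
    ## Includes
    log "Copying zone includes..."
    # view zone base
    copy_zone includes paivola:internal paivola.zone.internal
    copy_zone includes paivola:external paivola.zone.external
    copy_zone includes paivola.auto paivola.zone.auto
    copy_zone includes paivola.services paivola.zone.services

    ## Serials
    log "Updating serials..."

    # zone deps...
    # includes...
    update_serial pvl "$ZONES/hosts/pvl" "$DATA/pvl.zone"
    update_serial 10 "$ZONES/hosts/10" "$DATA/10.zone"
    update_serial 192.168 "$ZONES/hosts/192.168" "$DATA/192.168.zone"

    # the globs are intentional: every paivola:* hosts file and paivola include
    # is a dependency of the paivola serial
    update_serial paivola $ZONES/hosts/paivola:* "$DATA/paivola.zone" \
        $ZONES/includes/paivola:* \
        $ZONES/includes/paivola.*

    update_serial 194.197.235 "$ZONES/hosts/194.197.235" "$DATA/194.197.235.zone"

    ## Zones
    log "Updating zones..."
    # view zone base
    update_zone internal pvl
    update_zone internal paivola
    update_zone external paivola

    update_zone internal 10
    update_zone internal 192.168

    update_zone common 194.197.235
    link_zone internal 194.197.235
    link_zone external 194.197.235

    ## Test
    log "Testing zones..."
    # view zone origin
    # NOTE(review): "internal pvl" is updated above but has no check_zone here;
    # confirm whether that is intentional.
    check_zone internal paivola paivola.fi
    check_zone external paivola paivola.fi

    check_zone internal 10 10.in-addr.arpa
    check_zone internal 192.168 192.168.in-addr.arpa
    check_zone common 194.197.235 235.197.194.in-addr.arpa

    ## Domains...
    log "Linking domains..."
    for view in "${VIEWS[@]}"; do
        for zone in "${DOMAINS[@]}"; do
            # link
            link_zone "$view" "$zone" "$DOMAIN_BASE"

            # test
            check_zone "$view" "$zone" "$zone"
        done
    done
}

# Update $DHCP files from $DATA/dhcp
function run_dhcp {
    log_debug "DHCP_CONFS: ${DHCP_CONFS[*]}"

    log "Copying DHCP configs..."
    for conf in "${DHCP_CONFS[@]}"; do
        # XXX: does not work, because the confs depend on each other via includes
        # check_dhcp_conf $conf

        # conf base
        copy_dhcp_conf "$conf"
    done

    log "Testing dhcp..."
    # checks the whole dhcpd.conf, with all includes..
    # NOTE: validation happens only after the confs are copied into place; if
    # check_dhcp exits non-zero, set -e aborts here so run_deploy (and
    # reload_dhcp) never runs with the broken config.
    check_dhcp
}

# Runs DHCP checks, once DNS hosts have been updated
function run_dhcp_check {
    log "Testing dhcp hosts..."
    for conf in "${DHCP_CONFS[@]}"; do
        check_dhcp_hosts "$DHCP/$conf.conf"
    done
}

# Reload the services with the updated data, then commit the data repo.
# Everything here touches the live system (named via rndc, dhcpd, hg), so it
# runs last, after run_hosts/run_zones/run_dhcp have generated and tested the files.
function run_deploy {
    ## Reload zones
    log "Reload zones..."
    reload_zones

    ## DHCP
    run_dhcp_check

    log "Reload dhcp..."
    reload_dhcp

    ## Commit
    log "Commit data..."
    commit_data
}

## Main entry point
function main {
    # test tty; IS_TTY stays unset otherwise, so readers must use ${IS_TTY:-} under set -u
    [ -t 1 ] && IS_TTY=y

    parse_args "$@"

    ## Input dirs
    [ -d "$ROOT/$DATA" ] || die "Missing data: $ROOT/$DATA"

    ## Output dirs
    for dir in "$DHCP" "$ZONES"; do
        ensure_dir "$dir"
    done

    for dir in "common" "hosts" "includes" "${VIEWS[@]}"; do
        ensure_dir "$ZONES/$dir"
    done

    ## Go
    run_hosts
    run_zones
    run_dhcp
    run_deploy
}

main "$@"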