From 4ec1c129c1e115242ccde4aeb3a9ce11d74630d2 Mon Sep 17 00:00:00 2001
From: casjay
Date: Tue, 27 Aug 2024 10:57:10 -0400
Subject: [PATCH] =?UTF-8?q?=F0=9F=97=83=EF=B8=8F=20Committing=20everything?= =?UTF-8?q?=20that=20changed=20=F0=9F=97=83=EF=B8=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
rootfs/tmp/etc/bind/named.conf rootfs/usr/local/etc/docker/init.d/00-named.sh
---
 rootfs/tmp/etc/bind/named.conf | 6 +++---
 rootfs/usr/local/etc/docker/init.d/00-named.sh | 10 +++++++---
 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/rootfs/tmp/etc/bind/named.conf b/rootfs/tmp/etc/bind/named.conf
index 9862283..05e1100 100644
--- a/rootfs/tmp/etc/bind/named.conf
+++ b/rootfs/tmp/etc/bind/named.conf
@@ -11,7 +11,7 @@ controls { inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; }; };
 #####################################################################
 # access settings
 acl "all" { 0.0.0.0/0; ::/0; };
-acl "secondary" { DNS_SERVER_SECONDARY; };
+acl "secondary" { REPLACE_DNS_SERVER_SECONDARY; };
 acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
 acl "updates" { key "dhcp-key"; key "certbot."; };
 acl "transfers" {key "dhcp-key"; key "certbot."; key "backup-key"; secondary; };
@@ -27,9 +27,9 @@ options {
 max-ncache-ttl 10800;
 max-udp-size 4096;
 notify yes;
- also-notify { DNS_SERVER_SECONDARY; };
+ also-notify { REPLACE_DNS_SERVER_SECONDARY; };
 allow-update { updates; };
- allow-update-forwarding { DNS_SERVER_SECONDARY; };
+ allow-update-forwarding { REPLACE_DNS_SERVER_SECONDARY; };
 allow-transfer { trusted; };
 transfer-format many-answers;
 allow-query { any; };
diff --git a/rootfs/usr/local/etc/docker/init.d/00-named.sh b/rootfs/usr/local/etc/docker/init.d/00-named.sh
index 8a9052f..6a6b896 100755
--- a/rootfs/usr/local/etc/docker/init.d/00-named.sh
+++ b/rootfs/usr/local/etc/docker/init.d/00-named.sh
@@ -236,7 +236,7 @@ __update_conf_files() { # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # custom commands - mkdir -p "$ETC_DIR/keys" "$CONF_DIR/keys" "$VAR_DIR/zones" "$DATA_DIR/zones" "$DATA_DIR/stats" + mkdir -p "$ETC_DIR/keys" "$CONF_DIR/keys" "$VAR_DIR/zones" "$VAR_DIR/slaves" "$DATA_DIR/zones" "$DATA_DIR/stats" for logfile in xfer update notify querylog default debug security; do touch "$LOG_DIR/$logfile.log" chmod -Rf 777 "$logfile" @@ -248,12 +248,14 @@ __update_conf_files() { __replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf" __replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf" __replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf" + __replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$ETC_DIR/named.conf" __replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/rndc.key" __replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$CONF_DIR/named.conf" + __replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$ETC_DIR/named.conf" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions if [ -f "$CONF_DIR/custom.conf" ]; then @@ -291,12 +293,13 @@ EOF cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name" if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then if [ "$DNS_TYPE" = "secondary" ]; then + echo "" >"$VAR_DIR/slaves/$file_name" cat <>"$ETC_DIR/named.conf" # ********** begin $domain_name ********** zone "$domain_name" { type slave; masters { $DNS_SERVER_PRIMARY; }; - file "$VAR_DIR/zones/$file_name"; + file "$VAR_DIR/slaves/$file_name"; }; # ********** end $domain_name ********** 
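Review bot: In the @@ -236 hunk, the unchanged loop directly under the new mkdir runs `chmod -Rf 777 "$logfile"`, which names a path relative to the current directory rather than the file just touched, and `-f` hides the resulting failure. If the goal is to let named write its logs, target the real file with a narrower mode, e.g. `chmod 640 "$LOG_DIR/$logfile.log"`, and give ownership to the user named runs as (that user is not visible here). The loop's `done` and the rest of __update_conf_files lie outside the hunk.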
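Review bot: In the @@ -248 hunk, the second added `__replace "REPLACE_DNS_SERVER_SECONDARY" ...` line targets `$ETC_DIR/named.conf` again although it sits in the `$CONF_DIR` group, so `$CONF_DIR/named.conf` keeps the literal placeholder; it presumably should read `__replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$CONF_DIR/named.conf"`. Neither call checks that `$DNS_SERVER_SECONDARY` is set: an empty value leaves `acl "secondary" { ; };` and `also-notify { ; };`, which named is likely to reject at load, and the same applies to the `also-notify { $DNS_SERVER_SECONDARY; };` line added in the @@ -307 hunk. Because the value ends up in `allow-update-forwarding` and in the `transfers` ACL, validate it as an IP address before substituting and skip or fail cleanly when it is missing.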
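Review bot: In the @@ -291 hunk, `echo "" >"$VAR_DIR/slaves/$file_name"` truncates the secondary's copy of the zone whenever this branch runs, while the `cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"` above it still installs the local file for a zone that will be transferred. If named.conf is regenerated on each start (not visible here), every restart discards the last transferred data; `[ -f "$VAR_DIR/slaves/$file_name" ] || : >"$VAR_DIR/slaves/$file_name"` would keep it, or the file can simply be left for named to create. The hunk also shows no ownership change, so confirm that the user named runs as can write to `$VAR_DIR/slaves`. The enclosing loop starts and ends outside the hunk.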
@@ -307,8 +310,9 @@ EOF
 zone "$domain_name" {
 type master;
 notify yes;
- allow-update {key "certbot."; key "dhcp-key"; trusted; };
+ also-notify { $DNS_SERVER_SECONDARY; };
 allow-transfer { any; key "backup-key"; trusted; };
+ allow-update {key "certbot."; key "dhcp-key"; trusted; };
 file "$VAR_DIR/zones/$file_name";
 };
 # ********** end $domain_name **********
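Review bot: The master zone stanza keeps `allow-transfer { any; key "backup-key"; trusted; };`, and the `any` entry makes the key and the trusted ACL irrelevant: every client may request a full transfer of each generated zone, overriding the `allow-transfer { trusted; };` set in the global options. With a secondary now wired in through `also-notify`, this is the place to narrow it, e.g. `allow-transfer { transfers; trusted; };` using the `transfers` ACL that named.conf already defines. The heredoc containing this stanza starts and ends outside the hunk.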