🗃️ Committing everything that changed 🗃️
rootfs/tmp/etc/bind/named.conf rootfs/usr/local/etc/docker/init.d/00-named.sh
parent
4aacfbca5f
commit
4ec1c129c1
@ -11,7 +11,7 @@ controls { inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; }; };
|
|||||||
#####################################################################
|
#####################################################################
|
||||||
# access settings
|
# access settings
|
||||||
acl "all" { 0.0.0.0/0; ::/0; };
|
acl "all" { 0.0.0.0/0; ::/0; };
|
||||||
acl "secondary" { DNS_SERVER_SECONDARY; };
|
acl "secondary" { REPLACE_DNS_SERVER_SECONDARY; };
|
||||||
acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
|
acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
|
||||||
acl "updates" { key "dhcp-key"; key "certbot."; };
|
acl "updates" { key "dhcp-key"; key "certbot."; };
|
||||||
acl "transfers" {key "dhcp-key"; key "certbot."; key "backup-key"; secondary; };
|
acl "transfers" {key "dhcp-key"; key "certbot."; key "backup-key"; secondary; };
|
||||||
@ -27,9 +27,9 @@ options {
|
|||||||
max-ncache-ttl 10800;
|
max-ncache-ttl 10800;
|
||||||
max-udp-size 4096;
|
max-udp-size 4096;
|
||||||
notify yes;
|
notify yes;
|
||||||
also-notify { DNS_SERVER_SECONDARY; };
|
also-notify { REPLACE_DNS_SERVER_SECONDARY; };
|
||||||
allow-update { updates; };
|
allow-update { updates; };
|
||||||
allow-update-forwarding { DNS_SERVER_SECONDARY; };
|
allow-update-forwarding { REPLACE_DNS_SERVER_SECONDARY; };
|
||||||
allow-transfer { trusted; };
|
allow-transfer { trusted; };
|
||||||
transfer-format many-answers;
|
transfer-format many-answers;
|
||||||
allow-query { any; };
|
allow-query { any; };
|
||||||
|
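Review bot: The renamed placeholder `REPLACE_DNS_SERVER_SECONDARY` is substituted into three statements that do not accept the same syntax: `acl "secondary"` and `allow-update-forwarding` take an address-match list, while `also-notify` takes plain server addresses, so a value carrying a CIDR prefix would load in the first two and be rejected in the third. The `secondary` ACL is also a member of `transfers`, so whatever value lands here is trusted for zone transfer by source address alone. Consider documenting the expected form above the ACL, e.g. `# REPLACE_DNS_SERVER_SECONDARY: one or more plain IP addresses separated by ';' (no prefixes, never empty)`, and confirming that an unset variable cannot leave an empty list or the literal token behind. The `options` block continues outside the second hunk.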
@ -236,7 +236,7 @@ __update_conf_files() {
|
|||||||
|
|
||||||
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
# custom commands
|
# custom commands
|
||||||
mkdir -p "$ETC_DIR/keys" "$CONF_DIR/keys" "$VAR_DIR/zones" "$DATA_DIR/zones" "$DATA_DIR/stats"
|
mkdir -p "$ETC_DIR/keys" "$CONF_DIR/keys" "$VAR_DIR/zones" "$VAR_DIR/slaves" "$DATA_DIR/zones" "$DATA_DIR/stats"
|
||||||
for logfile in xfer update notify querylog default debug security; do
|
for logfile in xfer update notify querylog default debug security; do
|
||||||
touch "$LOG_DIR/$logfile.log"
|
touch "$LOG_DIR/$logfile.log"
|
||||||
chmod -Rf 777 "$logfile"
|
chmod -Rf 777 "$logfile"
|
||||||
@ -248,12 +248,14 @@ __update_conf_files() {
|
|||||||
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf"
|
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf"
|
||||||
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf"
|
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf"
|
||||||
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf"
|
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf"
|
||||||
|
__replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$ETC_DIR/named.conf"
|
||||||
|
|
||||||
__replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/rndc.key"
|
__replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/rndc.key"
|
||||||
__replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/named.conf"
|
__replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/named.conf"
|
||||||
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$CONF_DIR/named.conf"
|
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$CONF_DIR/named.conf"
|
||||||
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$CONF_DIR/named.conf"
|
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$CONF_DIR/named.conf"
|
||||||
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$CONF_DIR/named.conf"
|
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$CONF_DIR/named.conf"
|
||||||
|
__replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$ETC_DIR/named.conf"
|
||||||
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
# define actions
|
# define actions
|
||||||
if [ -f "$CONF_DIR/custom.conf" ]; then
|
if [ -f "$CONF_DIR/custom.conf" ]; then
|
||||||
@ -291,12 +293,13 @@ EOF
|
|||||||
cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"
|
cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"
|
||||||
if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then
|
if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then
|
||||||
if [ "$DNS_TYPE" = "secondary" ]; then
|
if [ "$DNS_TYPE" = "secondary" ]; then
|
||||||
|
echo "" >"$VAR_DIR/slaves/$file_name"
|
||||||
cat <<EOF >>"$ETC_DIR/named.conf"
|
cat <<EOF >>"$ETC_DIR/named.conf"
|
||||||
# ********** begin $domain_name **********
|
# ********** begin $domain_name **********
|
||||||
zone "$domain_name" {
|
zone "$domain_name" {
|
||||||
type slave;
|
type slave;
|
||||||
masters { $DNS_SERVER_PRIMARY; };
|
masters { $DNS_SERVER_PRIMARY; };
|
||||||
file "$VAR_DIR/zones/$file_name";
|
file "$VAR_DIR/slaves/$file_name";
|
||||||
};
|
};
|
||||||
# ********** end $domain_name **********
|
# ********** end $domain_name **********
|
||||||
|
|
||||||
@ -307,8 +310,9 @@ EOF
|
|||||||
zone "$domain_name" {
|
zone "$domain_name" {
|
||||||
type master;
|
type master;
|
||||||
notify yes;
|
notify yes;
|
||||||
allow-update {key "certbot."; key "dhcp-key"; trusted; };
|
also-notify { $DNS_SERVER_SECONDARY; };
|
||||||
allow-transfer { any; key "backup-key"; trusted; };
|
allow-transfer { any; key "backup-key"; trusted; };
|
||||||
|
allow-update {key "certbot."; key "dhcp-key"; trusted; };
|
||||||
file "$VAR_DIR/zones/$file_name";
|
file "$VAR_DIR/zones/$file_name";
|
||||||
};
|
};
|
||||||
# ********** end $domain_name **********
|
# ********** end $domain_name **********
|
||||||
|
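Review bot: The second added `__replace "REPLACE_DNS_SERVER_SECONDARY" ...` call sits at the end of the `$CONF_DIR` group but still targets `$ETC_DIR/named.conf`, so it repeats the first added call and `$CONF_DIR/named.conf` is never substituted. If that copy comes from the same template, it keeps the literal token inside `acl "secondary"`, `also-notify` and `allow-update-forwarding`, which named would likely reject at load time. The line presumably should read `__replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$CONF_DIR/named.conf"`. `__update_conf_files` begins and ends outside this hunk, so how the `$CONF_DIR` copy is used afterwards is not visible here.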