casjaysdevdocker/bind
0
0
Fork 0
mirror of https://github.com/casjaysdevdocker/bind synced 2025-11-04 07:02:23 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

🗃️ Committing everything that changed 🗃️

Browse Source 
rootfs/tmp/etc/bind/named.conf
rootfs/usr/local/etc/docker/init.d/00-named.sh
This commit is contained in:
casjay
2024-08-27 10:57:10 -04:00
parent 4aacfbca5f
commit 4ec1c129c1
2 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
rootfs/tmp/etc/bind/named.conf
View File

@@ -11,7 +11,7 @@ controls { inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; }; };
##################################################################### #####################################################################
# access settings # access settings
acl "all" { 0.0.0.0/0; ::/0; }; acl "all" { 0.0.0.0/0; ::/0; };
acl "secondary" { DNS_SERVER_SECONDARY; }; acl "secondary" { REPLACE_DNS_SERVER_SECONDARY; };
acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; }; acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
acl "updates" { key "dhcp-key"; key "certbot."; }; acl "updates" { key "dhcp-key"; key "certbot."; };
acl "transfers" {key "dhcp-key"; key "certbot."; key "backup-key"; secondary; }; acl "transfers" {key "dhcp-key"; key "certbot."; key "backup-key"; secondary; };
@@ -27,9 +27,9 @@ options {
max-ncache-ttl 10800; max-ncache-ttl 10800;
max-udp-size 4096; max-udp-size 4096;
notify yes; notify yes;
also-notify { DNS_SERVER_SECONDARY; }; also-notify { REPLACE_DNS_SERVER_SECONDARY; };
allow-update { updates; }; allow-update { updates; };
allow-update-forwarding { DNS_SERVER_SECONDARY; }; allow-update-forwarding { REPLACE_DNS_SERVER_SECONDARY; };
allow-transfer { trusted; }; allow-transfer { trusted; };
transfer-format many-answers; transfer-format many-answers;
allow-query { any; }; allow-query { any; };

10
rootfs/usr/local/etc/docker/init.d/00-named.sh
View File

@@ -236,7 +236,7 @@ __update_conf_files() {
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# custom commands # custom commands
mkdir -p "$ETC_DIR/keys" "$CONF_DIR/keys" "$VAR_DIR/zones" "$DATA_DIR/zones" "$DATA_DIR/stats" mkdir -p "$ETC_DIR/keys" "$CONF_DIR/keys" "$VAR_DIR/zones" "$VAR_DIR/slaves" "$DATA_DIR/zones" "$DATA_DIR/stats"
for logfile in xfer update notify querylog default debug security; do for logfile in xfer update notify querylog default debug security; do
touch "$LOG_DIR/$logfile.log" touch "$LOG_DIR/$logfile.log"
chmod -Rf 777 "$logfile" chmod -Rf 777 "$logfile"
@@ -248,12 +248,14 @@ __update_conf_files() {
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf" __replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf"
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf" __replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf"
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf" __replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf"
__replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$ETC_DIR/named.conf"
__replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/rndc.key" __replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/rndc.key"
__replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_RNDC" "$KEY_RNDC" "$CONF_DIR/named.conf"
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$CONF_DIR/named.conf"
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$CONF_DIR/named.conf"
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$CONF_DIR/named.conf" __replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$CONF_DIR/named.conf"
__replace "REPLACE_DNS_SERVER_SECONDARY" "$DNS_SERVER_SECONDARY" "$ETC_DIR/named.conf"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# define actions # define actions
if [ -f "$CONF_DIR/custom.conf" ]; then if [ -f "$CONF_DIR/custom.conf" ]; then
@@ -291,12 +293,13 @@ EOF
cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name" cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"
if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then
if [ "$DNS_TYPE" = "secondary" ]; then if [ "$DNS_TYPE" = "secondary" ]; then
echo "" >"$VAR_DIR/slaves/$file_name"
cat <<EOF >>"$ETC_DIR/named.conf" cat <<EOF >>"$ETC_DIR/named.conf"
# ********** begin $domain_name ********** # ********** begin $domain_name **********
zone "$domain_name" { zone "$domain_name" {
type slave; type slave;
masters { $DNS_SERVER_PRIMARY; }; masters { $DNS_SERVER_PRIMARY; };
file "$VAR_DIR/zones/$file_name"; file "$VAR_DIR/slaves/$file_name";
}; };
# ********** end $domain_name ********** # ********** end $domain_name **********
@@ -307,8 +310,9 @@ EOF
zone "$domain_name" { zone "$domain_name" {
type master; type master;
notify yes; notify yes;
allow-update {key "certbot."; key "dhcp-key"; trusted; }; also-notify { $DNS_SERVER_SECONDARY; };
allow-transfer { any; key "backup-key"; trusted; }; allow-transfer { any; key "backup-key"; trusted; };
allow-update {key "certbot."; key "dhcp-key"; trusted; };
file "$VAR_DIR/zones/$file_name"; file "$VAR_DIR/zones/$file_name";
}; };
# ********** end $domain_name ********** # ********** end $domain_name **********