🗃️ Committing everything that changed 🗃️

applications/ configs/ lists/ wwwroot/
2025-09-18 15:57:45 -04:00 · 2023-08-22 17:53:03 -04:00
parent 13eaf166f5
commit 5eb3ff1598
265 changed files with 48486 additions and 0 deletions
--- a/applications/bind/scripts/commands.sh
+++ b/applications/bind/scripts/commands.sh
@@ -0,0 +1,70 @@
+__rndc_key() { grep -s 'key "rndc-key" ' "$ETC_DIR/rndc.key" | grep -v 'KEY_RNDC' | sed 's|.*secret ||g;s|"||g;s|;.*||g' | grep '^' || return 1; }
+__tsig_key() { tsig-keygen -a hmac-sha256 | grep 'secret' | sed 's|.*secret "||g;s|"||g;s|;||g' | grep '^' || echo 'wp/HApbthaVPjwqgp6ziLlmnkyLSNbRTehkdARBDcpI='; }
+
+EXEC_CMD_BIN="named"                      # command to execute
+EXEC_CMD_ARGS="-f -c $ETC_DIR/named.conf" # command arguments
+
+VAR_DIR="/var/bind"
+KEY_RNDC="${KEY_RNDC:-$(__tsig_key)}"
+KEY_DHCP="${KEY_DHCP:-$(__tsig_key)}"
+KEY_BACKUP="${KEY_BACKUP:-$(__tsig_key)}"
+KEY_CERTBOT="${KEY_CERTBOT:-$(__tsig_key)}"
+
+local zone_files=""
+local serial="$(date +'%Y%m%d%S')"
+local HOSTNAME="${SERVER_NAME:-$HOSTNAME}"
+local ip_address="${CONTAINER_IP4_ADDRESS:-127.0.0.1}"
+[ -f "$CONF_DIR/set_rndc.key" ] && GET_RNDC_KEY="$(<"$CONF_DIR/set_rndc.key")"
+
+__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf"                  #&>/dev/null
+__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf"              #&>/dev/null
+__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf"            #&>/dev/null
+__replace "REPLACE_KEY_RNDC" "${GET_RNDC_KEY:-$KEY_RNDC}" "$ETC_DIR/rndc.key"   #&>/dev/null
+__replace "REPLACE_KEY_RNDC" "${GET_RNDC_KEY:-$KEY_RNDC}" "$ETC_DIR/named.conf" #&>/dev/null
+
+[ -f "$ETC_DIR/custom.conf" ] && mv -f "$ETC_DIR/custom.conf" "$ETC_DIR/named.conf"
+
+GET_RNDC_KEY="${GET_RNDC_KEY:-$(__rndc_key || echo '')}"
+if [ -n "$GET_RNDC_KEY" ]; then
+  echo "$GET_RNDC_KEY" >"$CONF_DIR/set_rndc.key"
+fi
+
+zone_files="$(find "$DATA_DIR/zones/" -type f | wc -l)"
+if [ $zone_files = 0 ] && [ ! -f "$DATA_DIR/zones/$HOSTNAME.zone" ]; then
+  cat <<EOF | tee "$DATA_DIR/zones/$HOSTNAME.zone" &>/dev/null
+; config for $HOSTNAME
+@                         IN  SOA     $HOSTNAME. root.$HOSTNAME. ( $serial 10800 3600 1209600 38400)
+                          IN  NS      $HOSTNAME.
+$HOSTNAME.                IN  A       $ip_address
+
+EOF
+fi
+#
+for dns_file in "$DATA_DIR/zones"/*; do
+  file_name="$(basename "$dns_file")"
+  domain_name="$(grep -Rs '\$ORIGIN' "$dns_file" | awk '{print $NF}' | sed 's|.$||g')"
+  if [ -f "$dns_file" ]; then
+    cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"
+    if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then
+      cat <<EOF >>"$ETC_DIR/named.conf"
+#  ********** begin $domain_name **********
+zone "$domain_name" {
+    type master;
+    file "$VAR_DIR/zones/$file_name";
+    notify yes;
+    allow-update {key "certbot."; key "dhcp-key"; trusted;};
+    allow-transfer { any; key "backup-key"; };
+};
+#  ********** end $domain_name **********
+
+EOF
+      grep -qs "$domain_name" "$ETC_DIR/named.conf" && echo "Added $domain_name to $ETC_DIR/named.conf"
+    fi
+  fi
+done
+if named-checkconf -z "$ETC_DIR/named.conf" &>/dev/null; then
+  echo "named-checkconf has succeeded"
+else
+  echo "named-checkconf has failed:"
+  named-checkconf -z "$ETC_DIR/named.conf"
+fi
--- a/applications/bind/scripts/install.sh
+++ b/applications/bind/scripts/install.sh
@@ -0,0 +1,8 @@
+etc_dir="/etc/bind" var_dir="/var/bind" data_dir="/data/named" conf_dir="/config/named"
+rm -Rf "/etc/rndc"* "/etc/bind/"* "/var/bind/"*
+mkdir -p "$etc_dir" "$var_dir" "${DEFAULT_CONF_DIR}/named" "${DEFAULT_DATA_DIR}/named" "/run/named" "/tmp/etc/named" "/tmp/var/named" "/tmp/etc/named/keys" "/tmp/var/named/zones"
+[ -d "/tmp/etc/named" ] && cp -Rf "/tmp/etc/named/." "$etc_dir/" && cp -Rf "/tmp/etc/named/." "${DEFAULT_CONF_DIR}/named/"
+[ -d "/tmp/var/named" ] && cp -Rf "/tmp/var/named/." "$var_dir/" && cp -Rf "/tmp/var/named/." "${DEFAULT_DATA_DIR}/named/"
+chown -Rf named:named "$etc_dir" "$var_dir" "${DEFAULT_CONF_DIR}/named" "${DEFAULT_DATA_DIR}/named" "/run/named"
+find "$etc_dir" "$var_dir" "/run/named" "${DEFAULT_CONF_DIR}/named" "${DEFAULT_DATA_DIR}/named" -type d -exec chmod -Rf 777 {} \; && echo "changed folder permissions to 777"
+find "$etc_dir" "$var_dir" "/run/named" "${DEFAULT_CONF_DIR}/named" "${DEFAULT_DATA_DIR}/named" -type f -exec chmod -Rf 664 {} \; && echo "changed file permissions to 664"
--- a/applications/bind/scripts/packages.sh
+++ b/applications/bind/scripts/packages.sh
@@ -0,0 +1 @@
+bind bind-tools bind-dnssec-root bind-plugins nginx ${PHP_VERSION}-fpm
				`@@ -0,0 +1 @@`
				`bind bind-tools bind-dnssec-root bind-plugins nginx ${PHP_VERSION}-fpm`