249 lines
7.8 KiB
Bash
Executable File
249 lines
7.8 KiB
Bash
Executable File
#!/bin/bash
|
||
#
|
||
# powerdns-tools
|
||
# https://git.stack-source.com/msb/powerdns-tools
|
||
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
|
||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||
#
|
||
# powerdns-tools include file, used by other powerdns-tools bash scripts
|
||
|
||
# Must be root, attempt sudo if need be. root is not actually required for the API commands, but we want to restrict access.
|
||
if [ "$USER" != "root" ]; then
|
||
exec sudo -u root $0 $@
|
||
fi
|
||
|
||
# Load local config
|
||
# 'api_key' & 'dns_domain' must be set in the local config.
|
||
# If 'account' is set in the local config it is set for all 'zone' & 'comment' PDNS entries.
|
||
# 'account' can also be set/overridden on command line.
|
||
# Any of the other constants below can be overriden in the local config.
|
||
if [[ -f /usr/local/etc/pdns.conf ]]; then
|
||
source /usr/local/etc/pdns.conf
|
||
else
|
||
echo "ERROR: Local config missing. You need to install and configure /usr/local/etc/pdns.conf"
|
||
exit
|
||
fi
|
||
|
||
# constants
|
||
|
||
# API URL. Consider putting this behind a proxy with https on the front and then setting api_base_url in pdns.conf
|
||
[[ -z $api_base_url ]] && api_base_url=http://127.0.0.1:8081/api/v1/servers/localhost
|
||
|
||
# Default IP address to use for new zone records
|
||
# Defaults to IP of server script is run from
|
||
[[ -z $default_ip ]] && default_ip=$(hostname --ip-address)
|
||
|
||
# Hostname of this server.
|
||
# Should normally just use the server configured hostname.
|
||
[[ -z $hostname ]] && hostname=$(hostname --fqdn)
|
||
|
||
# Array of allowed Resource Record Types
|
||
[[ -z $rr_types ]] && declare -a rr_types=(A AAAA CNAME MX NS PTR SRV TXT)
|
||
|
||
# Minimum/maximum values for SOA and RR records
|
||
[[ -z $min_ttl ]] && min_ttl=300
|
||
[[ -z $max_ttl ]] && max_ttl=2419200
|
||
[[ -z $min_refresh ]] && min_refresh=300
|
||
[[ -z $min_retry ]] && min_retry=300
|
||
[[ -z $min_expire ]] && min_expire=86400
|
||
|
||
# Default values for new zones.
|
||
[[ -z $zone_default_ns ]] && zone_default_ns="ns1.$dns_domain"
|
||
[[ -z $zone_defaults_mbox ]] && zone_defaults_mbox="hostmaster.$dns_domain"
|
||
[[ -z $zone_defaults_ttl ]] && zone_defaults_ttl='3600'
|
||
[[ -z $zone_defaults_refresh ]] && zone_defaults_refresh='86400'
|
||
[[ -z $zone_defaults_retry ]] && zone_defaults_retry='7200'
|
||
[[ -z $zone_defaults_expire ]] && zone_defaults_expire='1209600'
|
||
[[ -z $zone_defaults_minimum ]] && zone_defaults_minimum='3600'
|
||
readonly zone_defaults_pri='0'
|
||
# zone_defaults_pri must be 0, do not change
|
||
|
||
# The following array specifies default records for new zone records.
|
||
# These get inserted automatically whenever a zone is created.
|
||
# The format of each record is (name|type|content). TTL is taken from defaults above.
|
||
# @ will be replace with the zone (domain name)
|
||
# TXT records will get quoted (don't add quotes around the content field here)
|
||
# Only MX & SRV records use priority, and it should be specified as part of the content/data field.
|
||
|
||
[[ -z $default_records ]] && declare -a default_records=("@|A|$default_ip"
|
||
"@|MX|10 mail.@"
|
||
"@|NS|ns1.$dns_domain"
|
||
"@|NS|ns2.$dns_domain"
|
||
"@|NS|ns3.$dns_domain"
|
||
"@|TXT|v=spf1 a mx -all"
|
||
"mail.@|A|$default_ip"
|
||
"imap.@|CNAME|mail.@"
|
||
"smtp.@|CNAME|mail.@"
|
||
"pop.@|CNAME|mail.@"
|
||
"www.@|CNAME|@")
|
||
|
||
# functions
|
||
|
||
# crude but good enough domain name format validation
|
||
function pdns::validate_domain () {
|
||
local my_domain=$1
|
||
if [[ $my_domain =~ ^(([a-zA-Z0-9](-?[a-zA-Z0-9])*)\.)+[a-zA-Z]{2,}\.?$ ]] ; then
|
||
return 0
|
||
else
|
||
return 1
|
||
fi
|
||
}
|
||
|
||
# crude but good enough IP address format validation
|
||
function pdns::validate_ip()
|
||
{
|
||
local ip=$1
|
||
local status=1
|
||
|
||
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
|
||
OIFS=$IFS
|
||
IFS='.'
|
||
ip=($ip)
|
||
IFS=$OIFS
|
||
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
|
||
status=$?
|
||
fi
|
||
return $status
|
||
}
|
||
|
||
# yesno prompt
|
||
#
|
||
# Examples:
|
||
# loop until y or n: if pdns::yesno "Continue?"; then
|
||
# default y: if pdns::yesno "Continue?" Y; then
|
||
# default n: if pdns::yesno "Continue?" N; then
|
||
function pdns::yesno() {
|
||
|
||
local prompt default reply
|
||
|
||
if [ "${2:-}" = "Y" ]; then
|
||
prompt="Y/n"
|
||
default=Y
|
||
elif [ "${2:-}" = "N" ]; then
|
||
prompt="y/N"
|
||
default=N
|
||
else
|
||
prompt="y/n"
|
||
default=
|
||
fi
|
||
|
||
while true; do
|
||
|
||
read -p "$1 [$prompt] " -n 1 -r reply
|
||
|
||
# Default?
|
||
if [ -z "$reply" ]; then
|
||
reply=$default
|
||
fi
|
||
|
||
# Check if the reply is valid
|
||
case "$reply" in
|
||
Y*|y*) return 0 ;;
|
||
N*|n*) return 1 ;;
|
||
esac
|
||
|
||
done
|
||
|
||
}
|
||
|
||
function pdns:getoptions () {
|
||
local OPTIND
|
||
while getopts "ha:bcd:e:i:l:m:n:o:p:q:r:s:t:w:xz:" opt ; do
|
||
case "${opt}" in
|
||
h ) # display help and exit
|
||
# set thisfilename=$(basename -- "$0")
|
||
if [[ -n $parent ]]; then
|
||
thisfilename=$parent
|
||
else
|
||
thisfilename=$(basename -- "$0")
|
||
fi
|
||
help
|
||
exit
|
||
;;
|
||
a ) # account
|
||
account=${OPTARG}
|
||
;;
|
||
b ) # bare - create empty zone, do not any default records
|
||
bare=true
|
||
;;
|
||
c ) # csv - output in csv format
|
||
csv=true
|
||
;;
|
||
d ) # domain (alias of zone)
|
||
zone=${OPTARG,,}
|
||
# pdns stores zone name without trailing dot, remove if found
|
||
if [[ ${zone: -1} = '.' ]]; then
|
||
zone=${zone::-1}
|
||
fi
|
||
if ! pdns::validate_domain $zone; then
|
||
echo "ERROR: $zone is not a valid domain name."
|
||
exit 1
|
||
fi
|
||
;;
|
||
e ) # max (integer) – Maximum number of entries to return
|
||
max=${OPTARG}
|
||
;;
|
||
i ) # IP
|
||
ip=${OPTARG}
|
||
if ! pdns::validate_ip $ip; then
|
||
echo "ERROR: $ip is not a valid IP address."
|
||
exit
|
||
fi
|
||
;;
|
||
l ) # ttl - Time To Live
|
||
ttl=${OPTARG}
|
||
;;
|
||
m ) # master - IP of master if this is a slave zone
|
||
master=${OPTARG}
|
||
;;
|
||
n ) # name - hostname for this record
|
||
name=${OPTARG,,}
|
||
;;
|
||
o ) # object_type - Type of data to search for, one of 'all', 'zone', 'record', 'comment'
|
||
object=${OPTARG,,}
|
||
;;
|
||
p ) # parent - name of parent script ("hidden" option used by vdns-* scripts)
|
||
parent=${OPTARG,,}
|
||
;;
|
||
q ) # query - The string to search for
|
||
query=${OPTARG}
|
||
;;
|
||
r ) # record data
|
||
record=${OPTARG}
|
||
;;
|
||
s ) # status - disabled status, 0 for active 1 for inactive, default 0
|
||
status=${OPTARG}
|
||
;;
|
||
t ) # type
|
||
type=${OPTARG^^}
|
||
;;
|
||
w ) # comment - a note about the record
|
||
comment=${OPTARG}
|
||
;;
|
||
x ) # eXecute - don't prompt for confirmation
|
||
execute=true
|
||
;;
|
||
z ) # zone
|
||
zone=${OPTARG,,}
|
||
# pdns stores zone name without trailing dot, remove if found
|
||
if [[ ${zone: -1} = '.' ]]; then
|
||
zone=${zone::-1}
|
||
fi
|
||
if ! pdns::validate_domain $zone; then
|
||
echo "ERROR: $zone is not a valid domain name."
|
||
exit 1
|
||
fi
|
||
;;
|
||
\? )
|
||
echo "Invalid option: $OPTARG"
|
||
exit 1
|
||
;;
|
||
: )
|
||
echo "Invalid option: $OPTARG requires an argument"
|
||
exit 1
|
||
;;
|
||
esac
|
||
done
|
||
shift $((OPTIND-1))
|
||
}
|