
List:       inet-access
Subject:    Re: DNS slaves picking up new domains automatically
From:       up () 3 ! am
Date:       2003-05-25 18:42:40

On Sun, 25 May 2003 jlewis@lewis.org wrote:

> If it's just for your own DNS servers to feed the config out to the slaves
> trust isn't as much of an issue, but I still say rsync is the way to go.

I'm coming in on this thread late, so forgive me if I missed the point.  I
use a simple shell script with scp, sudo and cron to do this fairly
securely.  This adds a new zone to the primary, creates a config file for
the secondary server, scp's it to that server.  That server then has a
cron job that copies the file out of the user's dir into the /etc/namedb
dir and does a reload.

#! /bin/bash
#
# (c) 2000  up@3.am
#
NAMEDCONF="/etc/namedb/virtualdomains.conf"
SECCONF="/etc/namedb/sec.conf"
PRIIP="192.168.0.2"
GREP="/usr/bin/grep"
TEMPLATE="/etc/namedb/db.TEMPLATE"
SCP="/usr/local/bin/scp"
REMOTE="yourname@ns2.yourdomain.net:secondary_files/"
SUDO="/usr/local/bin/sudo"
SCPUSER="yourname"
#
echo " "
echo "script for adding new DNS zones"
echo " "
echo "enter the domain name of the virtual host in lower-case"
echo -n "(leave OUT www etc.) : "
read ZONE
# quote the input so an empty or multi-word entry cannot break the grep call
while $GREP -wq "$ZONE" "$NAMEDCONF" ; do

  echo " "
  echo " ERROR: That zone is already in the system"
  echo -n " Enter another, or CTL-c to exit : "
  read ZONE

done

echo " "
echo " You have entered the domain name \"$ZONE\""
echo " "
echo -n "Is this correct (to confirm type y)? : "
read APPROVAL1

if ! [ "$APPROVAL1" = y ]; then
exit

 else

  echo " "
  echo -n "enter the IP address for the A records for the domain and www : "
  read IP

  echo " "
  echo " You have entered the IP address \"$IP\""
  echo " "
  echo -n "Is this correct (to confirm type y)? : "
  read APPROVAL1

fi

if ! [ "$APPROVAL1" = y ]; then

exit

else

echo " "  >>  $NAMEDCONF
echo "zone \"$ZONE\" {"  >>  $NAMEDCONF
echo "  type master;"  >>  $NAMEDCONF
echo "  file \"db.$ZONE\";" >>  $NAMEDCONF
echo "};" >>  $NAMEDCONF

echo " "  >>  $SECCONF
echo "zone \"$ZONE\" {"  >>  $SECCONF
echo "      type slave;"  >>  $SECCONF
echo "      file \"db.$ZONE\";" >>  $SECCONF
echo "      masters {" >> $SECCONF
echo "              $PRIIP;" >> $SECCONF
echo "      };" >>  $SECCONF
echo "};" >>  $SECCONF

fi

# create the zone file from the template, then append the standard records
cp "$TEMPLATE" "/etc/namedb/db.$ZONE"

echo "www  IN  A  $IP" >> "/etc/namedb/db.$ZONE"
echo "$ZONE.  IN  A  $IP" >> "/etc/namedb/db.$ZONE"
echo ";" >> "/etc/namedb/db.$ZONE"
echo "$ZONE.  IN  MX  10  mail.yourdomain.net." >> "/etc/namedb/db.$ZONE"
echo ";" >> "/etc/namedb/db.$ZONE"
echo "mail  IN  CNAME  mail.yourdomain.net." >> "/etc/namedb/db.$ZONE"
echo "ftp  IN  CNAME  www" >> "/etc/namedb/db.$ZONE"

/usr/sbin/named.reload

#
# section to scp to secondary
#
#
"$SUDO" -u "$SCPUSER" "$SCP" -q "$SECCONF" "$REMOTE" \
  && echo "dns config copied to secondary server" \
  || echo "ERROR, couldn't copy dns config to secondary!"
#
exit

#
# end of secondary stuff
#

exit

James Smallacombe		      PlantageNet, Inc. CEO and Janitor
up@3.am							    http://3.am
=========================================================================
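
The script above appends whatever is typed at its prompts into virtualdomains.conf, sec.conf and a zone file name, so the following added example (not part of the original post) shows input checks that could run before those writes. The function names, the two-label minimum and the exact-match duplicate check are assumptions of this example.

```shell
#!/bin/bash
# Added example (not from the original post): validate what the operator
# typed before it reaches named.conf or becomes part of a file name.
LC_ALL=C; export LC_ALL   # make [a-z] ranges byte-wise, not locale-wise

# Lower-case letters, digits and hyphens in dot-separated labels,
# at least two labels, no trailing dot.
valid_zone() {
  # rejects quotes, ';', '{', '/', spaces and newlines in one step
  case $1 in ''|*[!a-z0-9.-]*) return 1 ;; esac
  [ "${#1}" -le 253 ] || return 1
  label='[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?'
  printf '%s\n' "$1" | grep -Eq "^$label(\.$label)+\$"
}

# Dotted-quad IPv4, each octet 0-255, no leading zeros.
valid_ipv4() {
  case $1 in ''|*[!0-9.]*) return 1 ;; esac
  octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
  printf '%s\n' "$1" | grep -Eq "^($octet\.){3}$octet\$"
}

# Fixed-string duplicate check: true only if CONF declares exactly ZONE.
# Unlike "grep -w", dots are literal and sub-domains do not match.
zone_declared() {   # usage: zone_declared CONF ZONE
  grep -Fq "zone \"$2\" {" "$1"
}

# Print the slave stanza only when both values pass validation.
emit_slave_stanza() {   # usage: emit_slave_stanza ZONE MASTER_IP
  valid_zone "$1" && valid_ipv4 "$2" || return 1
  printf '\nzone "%s" {\n      type slave;\n      file "db.%s";\n' "$1" "$1"
  printf '      masters {\n              %s;\n      };\n};\n' "$2"
}
```
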
