List: inet-access
Subject: Re: DNS slaves picking up new domains automatically
From: up () 3 ! am
Date: 2003-05-25 18:42:40
On Sun, 25 May 2003 jlewis@lewis.org wrote:
> If it's just for your own DNS servers to feed the config out to the slaves
> trust isn't as much of an issue, but I still say rsync is the way to go.

I'm coming in on this thread late, so forgive me if I missed the point. I
use a simple shell script with scp, sudo and cron to do this fairly
securely. This adds a new zone to the primary, creates a config file for
the secondary server, scp's it to that server. That server then has a
cron job that copies the file out of the user's dir into the /etc/namedb
dir and does a reload.

#! /bin/bash
#
# (c) 2000 up@3.am
#
NAMEDCONF="/etc/namedb/virtualdomains.conf"
SECCONF="/etc/namedb/sec.conf"
PRIIP="192.168.0.2"
GREP="/usr/bin/grep"
TEMPLATE="/etc/namedb/db.TEMPLATE"
SCP="/usr/local/bin/scp"
REMOTE="yourname@ns2.yourdomain.net:secondary_files/"
SUDO="/usr/local/bin/sudo"
SCPUSER="yourname"
#
echo " "
echo "script for adding new DNS zones"
echo " "
echo "enter the domain name of the virtual host in lower-case"
echo -n "(leave OUT www etc.) : "
read ZONE
while $GREP -wq "$ZONE" "$NAMEDCONF" ; do
echo " "
echo " ERROR: That zone is already in the system"
echo -n " Enter another, or CTL-c to exit : "
read ZONE
done
echo " "
echo " You have entered the domain name \"$ZONE\""
echo " "
echo -n "Is this correct (to confirm type y)? : "
read APPROVAL1
if ! [ "$APPROVAL1" = y ]; then
exit
else
echo " "
echo -n "enter the IP address for the A records for the domain and www : "
read IP
echo " "
echo " You have entered the IP address \"$IP\""
echo " "
echo -n "Is this correct (to confirm type y)? : "
read APPROVAL1
fi
if ! [ "$APPROVAL1" = y ]; then
exit
else
echo " " >> $NAMEDCONF
echo "zone \"$ZONE\" {" >> $NAMEDCONF
echo " type master;" >> $NAMEDCONF
echo " file \"db.$ZONE\";" >> $NAMEDCONF
echo "};" >> $NAMEDCONF
echo " " >> $SECCONF
echo "zone \"$ZONE\" {" >> $SECCONF
echo " type slave;" >> $SECCONF
echo " file \"db.$ZONE\";" >> $SECCONF
echo " masters {" >> $SECCONF
echo " $PRIIP;" >> $SECCONF
echo " };" >> $SECCONF
echo "};" >> $SECCONF
fi
cp $TEMPLATE /etc/namedb/db.$ZONE
echo "www IN A $IP" >> /etc/namedb/db.$ZONE
echo "$ZONE. IN A $IP" >> /etc/namedb/db.$ZONE
echo ";" >> /etc/namedb/db.$ZONE
echo "$ZONE. IN MX 10 mail.yourdomain.net." >> /etc/namedb/db.$ZONE
echo ";" >> /etc/namedb/db.$ZONE
echo "mail IN CNAME mail.yourdomain.net." >> /etc/namedb/db.$ZONE
echo "ftp IN CNAME www" >> /etc/namedb/db.$ZONE
/usr/sbin/named.reload
#
# section to scp to secondary
#
#
$SUDO -u $SCPUSER $SCP -q $SECCONF $REMOTE \
  && echo "dns config copied to secondary server" \
  || echo "ERROR, couldn't copy dns config to secondary!"
#
exit
#
# end of secondary stuff
#
exit
James Smallacombe PlantageNet, Inc. CEO and Janitor
up@3.am http://3.am
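
An added example, not part of the original post or the author's script: the script above appends $ZONE and $IP unchecked to the named config, the secondary's config and the zone file, so input containing quotes, braces, semicolons or whitespace would end up inside files that named loads. The helper names valid_zone and valid_ipv4 are hypothetical; the checks assume lower-case zone names (as the script's prompt requests) and IPv4 A records.

```shell
#!/bin/sh
# Added example (not from the original post): validate operator input
# before the script appends it to named's config and the zone file.
# valid_zone and valid_ipv4 are hypothetical helper names.
LC_ALL=C; export LC_ALL   # make [a-z] match ASCII lower-case only

# Accept lower-case hostnames only: labels of a-z, 0-9 and '-', joined by
# dots, at least two labels, each <= 63 chars, whole name <= 253 chars.
valid_zone() {
    z=$1
    [ -n "$z" ] && [ "${#z}" -le 253 ] || return 1
    case $z in
        *[!a-z0-9.-]*|.*|*.|*..*) return 1 ;;  # quotes, braces, ';', spaces, empty labels
        *.*) ;;                                # at least one dot
        *) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $z            # split into labels; no glob characters can remain
    IFS=$old_ifs
    for label in "$@"; do
        [ "${#label}" -le 63 ] || return 1
        case $label in -*|*-) return 1 ;; esac
    done
    return 0
}

# Accept dotted-quad IPv4 only: four decimal octets 0-255, no leading zeros.
valid_ipv4() {
    ip=$1
    case $ip in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Intended use in the script, right after each "read":
#   valid_zone "$ZONE" || { echo "invalid zone name"; exit 1; }
#   valid_ipv4 "$IP"   || { echo "invalid IPv4 address"; exit 1; }
```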