From 06eb4f10f3e8bddc00d303d867b157d96e66c69b Mon Sep 17 00:00:00 2001
From: Philippe Pittoli
Date: Sat, 23 Nov 2024 15:06:33 +0100
Subject: [PATCH] Deployment scripts.
---
deployment/primary-watchdog.sh | 64 ++++++++++++++++++++++++++++++++
deployment/secondary-watchdog.sh | 42 +++++++++++++++++++++
2 files changed, 106 insertions(+)
create mode 100755 deployment/primary-watchdog.sh
create mode 100755 deployment/secondary-watchdog.sh
diff --git a/deployment/primary-watchdog.sh b/deployment/primary-watchdog.sh
new file mode 100755
index 0000000..7f6d1a6
--- /dev/null
+++ b/deployment/primary-watchdog.sh
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+# Watchdog for the primary name server.
+
+REMOTE="gandi"
+REMOTE_DIR="/var/powerdns/"
+DIR="$REMOTE_DIR"
+
+echo "directory: $DIR"
+
+local_update() {
+ echo "local update of domain $1"
+ pdns_control bind-reload-now $1
+
+ # In case the update cannot be done, it might be because the zone wasn't loaded at all.
+ if [ $? -ne 0 ]; then
+ pdns_control bind-add-zone $1 $DIR/$1
+ fi
+}
+
+local_delete() {
+ echo "TODO: local delete of domain $1"
+}
+
+remote_update() {
+ echo "remote update on $REMOTE $REMOTE_DIR/$1"
+ scp $DIR/$1 $REMOTE:$REMOTE_DIR
+}
+
+remote_delete() {
+ echo "remote delete on $REMOTE $REMOTE_DIR/$1"
+ ssh $REMOTE rm $REMOTE_DIR/$1
+}
+
+action() {
+ event=$1
+ file=$2
+
+ echo $event | grep "MOVED_TO" >/dev/null
+ if [ $? -eq 0 ]; then
+ echo "$file has been modified"
+ local_update $file
+ remote_update $file
+ fi
+
+ echo $event | grep "DELETE" >/dev/null
+ if [ $? -eq 0 ]; then
+ echo "$file has been deleted"
+ local_delete $file
+ remote_delete $file
+ fi
+}
+
+# NOTE: dnsmanagerd writes bind9 files in $DIR and with a suffix ".wip" then moves them
+# to remove the suffix. This way, the final file is expected to never be corrupted,
+# for example by copying it to the secondary DNS server while the zone not being
+# fully written to the file.
+#
+# Therefore, the different interesting actions we should monitor are:
+# - moved_to: a zone file has been modified
+# - delete: a domain has been removed
+opts="-e moved_to -e delete -m"
+echo "inotifywait ${opts} --format '%:e %f' $DIR"
+inotifywait ${opts} --format '%:e %f' $DIR | while read FILE; do action $FILE ; done
diff --git a/deployment/secondary-watchdog.sh b/deployment/secondary-watchdog.sh
new file mode 100755
index 0000000..10b2d12
--- /dev/null
+++ b/deployment/secondary-watchdog.sh
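Review bot: The file name reported by inotifywait reaches a remote shell unquoted in `remote_delete` (`ssh $REMOTE rm $REMOTE_DIR/$1`), and ssh passes its arguments to the remote side as a single command string, so a name in $DIR that contains spaces or shell metacharacters would be interpreted there instead of being treated as a path. The same name is already word-split by `while read FILE; do action $FILE` and by every unquoted `$1`/`$file`, and `read` without `-r` also alters backslashes. I would reject anything that is not a plain zone-file name at the top of `action`, quote the expansions, and let `read` split event and name itself, as sketched below; the allowed character set is an assumption and should match what dnsmanagerd actually writes. secondary-watchdog.sh has the same read loop and unquoted expansions.

```shell
remote_delete() {
	# … unchanged: echo of the remote path …
	# Relies on action() having rejected names that contain quotes or metacharacters.
	ssh "$REMOTE" "rm -- '$REMOTE_DIR/$1'"
}

action() {
	event=$1
	file=$2

	# Act only on plain domain-style names; anything else in $DIR is ignored.
	case "$file" in
		''|.*|*[!A-Za-z0-9._-]*)
			echo "ignoring unexpected file name: $file" >&2
			return 0
			;;
	esac
	# … unchanged: MOVED_TO and DELETE handling …
}

# … unchanged: opts and the echo of the command line …
inotifywait ${opts} --format '%:e %f' "$DIR" | while read -r event file; do action "$event" "$file"; done
```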
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+# Primary sends files in $DIR.
+DIR="/var/powerdns/"
+
+local_update() {
+ echo "update domain $1"
+ pdns_control bind-reload-now $1
+
+ # In case the update cannot be done, it might be because the zone wasn't loaded at all.
+ if [ $? -ne 0 ]; then
+ pdns_control bind-add-zone $1 $DIR/$1
+ fi
+}
+
+local_delete() { echo "TODO: delete domain $1" ; }
+
+action() {
+ event=$1
+ file=$2
+
+ echo $event | grep "CLOSE_WRITE" >/dev/null
+ if [ $? -eq 0 ]; then
+ echo "$file has been modified"
+ local_update $file
+ fi
+
+ echo $event | grep "DELETE" >/dev/null
+ if [ $? -eq 0 ]; then
+ echo "$file has been deleted"
+ local_delete $file
+ fi
+}
+
+# NOTE: primary nameserver sends files in $DIR upon modification or remove them
+#
+# Therefore, the different interesting actions we should monitor are:
+# - close_write: a zone file has been modified
+# - delete: a domain has been removed
+opts="-e close_write -e delete -m"
+echo "inotifywait ${opts} --format '%:e %f' $DIR"
+inotifywait ${opts} --format '%:e %f' $DIR | while read FILE; do action $FILE ; done
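Review bot: Watching `close_write` means the `CLOSE_WRITE` branch of `action` would presumably also run when an incoming copy is cut short, because the file is still closed after a partial write, so a truncated zone file can be handed to `pdns_control bind-reload-now`. The primary script documents the `.wip`-then-rename scheme precisely to avoid serving half-written zones, but its `remote_update` copies straight to the final name, so the secondary does not get the same guarantee. If the primary uploaded to a temporary name and renamed it afterwards, this script could use `opts="-e moved_to -e delete -m"` and `grep "MOVED_TO"` and would only ever reload complete files. It would also be worth a comment above `DIR` stating which account is allowed to write to /var/powerdns/, since anything that lands there is loaded as a zone.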