diff --git a/automation/config.php.dist b/automation/config.php.dist
index 0597911..0806716 100644
--- a/automation/config.php.dist
+++ b/automation/config.php.dist
@@ -102,4 +102,7 @@ return [
 // Drop settings
 'dropStrategy' => 'random', // Options: 'fixed', 'random'
 'dropTime' => '02:00:00', // Time of day to perform drops if 'fixed' strategy is used
+
+ // IANA Email for Submission Logs
+ 'iana_email' => 'admin@example.com', // Email address to be used for IANA submission
 ];
diff --git a/automation/dnssec-ds-rotator.php b/automation/dnssec-ds-rotator.php
index 32632ac..ace5488 100644
--- a/automation/dnssec-ds-rotator.php
+++ b/automation/dnssec-ds-rotator.php
@@ -7,8 +7,7 @@ require_once 'helpers.php';
 // Configuration
 $keyDir = $c['dns_server'] === 'bind' ? '/var/lib/bind' : '/etc/knot/keys'; // Directory containing key files
-$localPhpScript = '/path/to/local-registry-update.php'; // Local PHP script for DS record submission
-$adminEmail = 'admin@example.com'; // Email to be included for IANA submission logs
+$adminEmail = isset($c['iana_email']) && !empty($c['iana_email']) ? $c['iana_email'] : 'admin@example.com'; // Email for IANA submission logs
 $dnssecTool = $c['dns_server'] === 'bind' ? '/usr/bin/dnssec-dsfromkey' : '/usr/bin/keymgr'; // Tool path
 $logFilePath = '/var/log/namingo/dnssec-ds-rotator.log';
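Review bot: The new `$adminEmail` line in automation/dnssec-ds-rotator.php silently falls back to the placeholder `admin@example.com` when `iana_email` is missing or empty, so a misconfigured install would carry a dummy contact into whatever consumes this value (its use is outside the hunk). The `isset(...) && !empty(...)` pair is redundant because `empty()` already tolerates an unset key; `$adminEmail = !empty($c['iana_email']) ? $c['iana_email'] : null;` followed by a logged warning or an early stop when it is null would make the gap visible. If the address later reaches a mail header or a command line, this is also the natural place to check it with `filter_var($adminEmail, FILTER_VALIDATE_EMAIL)`.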
@@ -124,18 +123,33 @@ try {
 foreach ($keys as $key) {
 $log->info($key['dsRecord']);
 }
- // Uncomment this block to submit to parent using the local PHP script
- /*
- $log->info("Submitting DS record to parent zone using local PHP script...");
- $response = shell_exec("php $localPhpScript $zoneName '" . json_encode($keys) . "'");
+
+ // You must create the script at the specified path: /opt/registry/automation/ds-update.php.
+ // This script is responsible for submitting the DS record for your zone to the top-level domain registrar.
+ // The implementation of this script will depend on the registrar's API or the registry's EPP system.
+
+ // If you are using EPP for your registry communication, you can refer to our Tembo project for a sample EPP client.
+ // Tembo provides a flexible and customizable way to interact with EPP-based registries, which can simplify your implementation.
+ // Ensure your script handles all necessary authentication, logging, and error handling when interacting with the registrar.
+ $dsUpdateScript = '/opt/registry/automation/ds-update.php';
+
+ if (!file_exists($dsUpdateScript)) {
+ $log->error("The DS record submission script ($dsUpdateScript) does not exist. Please create it to enable submission to the parent registry.");
+ continue;
+ }
+
+ $log->info("Submitting DS record to the parent zone using the local PHP script...");
+
+ $response = shell_exec("php /opt/registry/automation/ds-update.php $zoneName '" . json_encode($keys) . "'");
+
+ // Check the response for success
 if (str_contains($response, 'success')) {
- $log->info("DS record successfully submitted to parent zone for $zoneName.");
+ $log->info("DS record successfully submitted to the parent zone for $zoneName.");
 } else {
- $log->error("Failed to submit DS record to parent zone for $zoneName.");
+ $log->error("Failed to submit DS record to the parent zone for $zoneName.");
 $log->error("Response from PHP script: $response");
 continue;
 }
- */
 } else {
 $log->error("Unsupported zone type for $zoneName.");
 continue;
diff --git a/docs/update1012.sh b/docs/update1012.sh
new file mode 100644
index 0000000..f0cc551
--- /dev/null
+++ b/docs/update1012.sh
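Review bot: The new `shell_exec` call in automation/dnssec-ds-rotator.php builds its command by string interpolation: `$zoneName` is unquoted and the JSON is wrapped in hand-written single quotes, so a quote or shell metacharacter in a zone name or key field would change the command that runs (where those values originate is outside the hunk). It also hard-codes the script path although `$dsUpdateScript` was just defined and checked. I would build the command as `$cmd = 'php ' . escapeshellarg($dsUpdateScript) . ' ' . escapeshellarg($zoneName) . ' ' . escapeshellarg(json_encode($keys));` and pass `$cmd` to `shell_exec`. `shell_exec` can return `null` or `false`, which `str_contains` does not accept cleanly, and a substring test for `success` also matches output such as "unsuccessful", so an exit status or an exact token would be a firmer signal. The enclosing `try` block and loop start and end outside the hunk.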
@@ -0,0 +1,148 @@
+#!/bin/bash
+
+# Prompt the user for confirmation
+echo "This will update Namingo Registry from v1.0.11 to v1.0.12."
+echo "Make sure you have a backup of the database, /var/www/cp, and /opt/registry."
+read -p "Are you sure you want to proceed? (y/n): " confirm
+
+# Check user input
+if [[ "$confirm" != "y" ]]; then
+ echo "Upgrade aborted."
+ exit 0
+fi
+
+# Create backup directory
+backup_dir="/opt/backup"
+mkdir -p "$backup_dir"
+
+# Backup directories
+echo "Creating backups..."
+tar -czf "$backup_dir/cp_backup_$(date +%F).tar.gz" -C / var/www/cp
+tar -czf "$backup_dir/whois_backup_$(date +%F).tar.gz" -C / var/www/whois
+tar -czf "$backup_dir/registry_backup_$(date +%F).tar.gz" -C / opt/registry
+
+# Database credentials
+config_file="/opt/registry/whois/port43/config.php"
+db_user=$(grep "'db_username'" "$config_file" | awk -F "=> '" '{print $2}' | sed "s/',//")
+db_pass=$(grep "'db_password'" "$config_file" | awk -F "=> '" '{print $2}' | sed "s/',//")
+db_host=$(grep "'db_host'" "$config_file" | awk -F "=> '" '{print $2}' | sed "s/',//")
+
+# List of databases to back up
+databases=("registry" "registryAudit" "registryTransaction")
+
+# Backup specific databases
+for db_name in "${databases[@]}"; do
+ echo "Backing up database $db_name..."
+ sql_backup_file="$backup_dir/db_${db_name}_backup_$(date +%F).sql"
+ mysqldump -u"$db_user" -p"$db_pass" -h"$db_host" "$db_name" > "$sql_backup_file"
+
+ # Compress the SQL backup file
+ echo "Compressing database backup $db_name..."
+ tar -czf "${sql_backup_file}.tar.gz" -C "$backup_dir" "$(basename "$sql_backup_file")"
+
+ # Remove the uncompressed SQL file
+ rm "$sql_backup_file"
+done
+
+# Stop services
+echo "Stopping services..."
+systemctl stop caddy
+systemctl stop epp
+systemctl stop whois
+systemctl stop rdap
+systemctl stop das
+
+# Clear cache
+echo "Clearing cache..."
+php /var/www/cp/bin/clear_cache.php
+
+# Clone the new version of the repository
+echo "Cloning v1.0.12 from the repository..."
+git clone --branch v1.0.12 --single-branch https://github.com/getnamingo/registry /opt/registry1012
+
+# Copy files from the new version to the appropriate directories
+echo "Copying files..."
+
+# Function to copy files and maintain directory structure
+copy_files() {
+ src_dir=$1
+ dest_dir=$2
+
+ if [[ -d "$src_dir" ]]; then
+ echo "Copying from $src_dir to $dest_dir..."
+ cp -R "$src_dir/." "$dest_dir/"
+ else
+ echo "Source directory $src_dir does not exist. Skipping..."
+ fi
+}
+
+# Copy specific directories
+copy_files "/opt/registry1012/automation" "/opt/registry/automation"
+copy_files "/opt/registry1012/cp" "/var/www/cp"
+copy_files "/opt/registry1012/whois/web" "/var/www/whois"
+copy_files "/opt/registry1012/das" "/opt/registry/das"
+copy_files "/opt/registry1012/whois/port43" "/opt/registry/whois/port43"
+copy_files "/opt/registry1012/rdap" "/opt/registry/rdap"
+copy_files "/opt/registry1012/epp" "/opt/registry/epp"
+copy_files "/opt/registry1012/docs" "/opt/registry/docs"
+
+# Run composer update in copied directories (excluding docs)
+echo "Running composer update..."
+
+composer_update() {
+ dir=$1
+ if [[ -d "$dir" ]]; then
+ echo "Updating composer in $dir..."
+ cd "$dir" && composer update
+ else
+ echo "Directory $dir does not exist. Skipping composer update..."
+ fi
+}
+
+# Update composer in relevant directories
+composer_update "/opt/registry/automation"
+composer_update "/var/www/cp"
+composer_update "/opt/registry/das"
+composer_update "/opt/registry/whois/port43"
+composer_update "/opt/registry/rdap"
+composer_update "/opt/registry/epp"
+
+# File to be edited
+CONFIG_FILE="/opt/registry/automation/config.php"
+
+# Check if the file exists
+if [ ! -f "$CONFIG_FILE" ]; then
+ echo "Error: Configuration file $CONFIG_FILE does not exist."
+ exit 1
+fi
+
+# Define the new configuration to be added
+NEW_SETTING="\n // IANA Email for Submission Logs\n 'iana_email' => 'admin@example.com', // Email address to be used for IANA submission\n"
+
+# Insert the new configuration before the closing bracket '];'
+sed -i "/^];/i $NEW_SETTING" "$CONFIG_FILE"
+
+# Confirm the change
+if grep -q "'iana_email'" "$CONFIG_FILE"; then
+ echo "Successfully added the 'iana_email' setting to $CONFIG_FILE."
+else
+ echo "Error: Failed to add the 'iana_email' setting to $CONFIG_FILE."
+fi
+
+# Start services
+echo "Starting services..."
+systemctl start epp
+systemctl start whois
+systemctl start rdap
+systemctl start das
+systemctl start caddy
+
+# Check if services started successfully
+if [[ $? -eq 0 ]]; then
+ echo "Services started successfully. Deleting /opt/registry1012..."
+ rm -rf /opt/registry1012
+else
+ echo "There was an issue starting the services. /opt/registry1012 will not be deleted."
+fi
+
+echo "Upgrade to v1.0.12 completed successfully."
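Review bot: Nothing in docs/update1012.sh stops the upgrade when a backup or fetch step fails: a failed `tar`, `mysqldump` or `git clone` still leads to services being stopped and files copied, the closing `$?` test reflects only `systemctl start caddy`, and "completed successfully" is printed unconditionally. The dump also passes the password as `-p"$db_pass"`, which is visible in the process list while it runs, and the archives under /opt/backup (database dumps plus config files that hold credentials) are created with the default umask. The sketch below aborts on a failed dump, tightens the umask only for the backup phase so copied web files keep their normal modes, and hands the credentials to mysqldump through a private option file; passwords containing quotes or backslashes would need extra escaping there. Separately, `composer update` re-resolves dependencies to whatever is newest at run time, so `composer install` against a committed lock file would be more reproducible if the repository ships one, and the `sed` insert runs even when `'iana_email'` is already present, so a second run duplicates the key.

```bash
old_umask=$(umask)
umask 077  # archives hold DB dumps and config files with credentials

# … unchanged: backup_dir creation, tar backups, credential parsing, databases list …

# Private option file (mktemp creates it 0600) so the password never appears in argv
mysql_defaults=$(mktemp)
trap 'rm -f "$mysql_defaults"' EXIT
printf '[client]\nuser="%s"\npassword="%s"\nhost="%s"\n' "$db_user" "$db_pass" "$db_host" > "$mysql_defaults"

for db_name in "${databases[@]}"; do
    # … unchanged: echo, sql_backup_file assignment …
    if ! mysqldump --defaults-extra-file="$mysql_defaults" "$db_name" > "$sql_backup_file"; then
        echo "Backup of $db_name failed. Upgrade aborted before any service was stopped."
        exit 1
    fi
    # … unchanged: compress and remove the .sql file …
done

umask "$old_umask"  # restore before files are copied into the web roots
```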