mirror of
https://github.com/getnamingo/registry.git
synced 2025-08-03 08:11:49 +02:00
Update dnssec-ds-rotator.php
This commit is contained in:
parent
dcca095662
commit
c94821316a
1 changed files with 17 additions and 5 deletions
|
@ -6,14 +6,14 @@ $c = require_once 'config.php';
|
|||
require_once 'helpers.php';
|
||||
|
||||
// Configuration
|
||||
$keyDir = $c['dns_software'] === 'bind' ? '/var/lib/bind' : '/etc/knot/keys'; // Directory containing key files
|
||||
$keyDir = $c['dns_server'] === 'bind' ? '/var/lib/bind' : '/etc/knot/keys'; // Directory containing key files
|
||||
$localPhpScript = '/path/to/local-registry-update.php'; // Local PHP script for DS record submission
|
||||
$adminEmail = 'admin@example.com'; // Email to be included for IANA submission logs
|
||||
$dnssecTool = $c['dns_software'] === 'bind' ? '/usr/bin/dnssec-dsfromkey' : '/usr/bin/keymgr'; // Tool path
|
||||
$dnssecTool = $c['dns_server'] === 'bind' ? '/usr/bin/dnssec-dsfromkey' : '/usr/bin/keymgr'; // Tool path
|
||||
$logFilePath = '/var/log/namingo/dnssec-ds-rotator.log';
|
||||
|
||||
$log = setupLogger($logFilePath, 'DNSSEC_DS_Rotator');
|
||||
$log->info("Starting DS record handling for " . strtoupper($c['dns_software']) . ".");
|
||||
$log->info("Starting DS record handling for " . strtoupper($c['dns_server']) . ".");
|
||||
|
||||
try {
|
||||
// Connect to the database
|
||||
|
@ -32,7 +32,7 @@ try {
|
|||
// Process the zone name
|
||||
$log->info("Processing zone: $zoneName");
|
||||
|
||||
if ($c['dns_software'] === 'bind') {
|
||||
if ($c['dns_server'] === 'bind') {
|
||||
// Locate all keys for the zone (BIND)
|
||||
$keyFiles = glob("$keyDir/K$zoneName.+*.key");
|
||||
if (empty($keyFiles)) {
|
||||
|
@ -73,7 +73,7 @@ try {
|
|||
|
||||
$log->info("DS Record Generated for KSK file $kskFile: $dsRecord");
|
||||
}
|
||||
} elseif ($c['dns_software'] === 'knot') {
|
||||
} elseif ($c['dns_server'] === 'knot') {
|
||||
// **Knot DNS: Use keymgr to manage keys and DS records**
|
||||
$keys = [];
|
||||
exec("$dnssecTool ds $zoneName", $output, $returnCode);
|
||||
|
@ -123,6 +123,18 @@ try {
|
|||
foreach ($keys as $key) {
|
||||
$log->info($key['dsRecord']);
|
||||
}
|
||||
// Uncomment this block to submit to parent using the local PHP script
|
||||
/*
|
||||
$log->info("Submitting DS record to parent zone using local PHP script...");
|
||||
$response = shell_exec("php $localPhpScript $zoneName '" . json_encode($keys) . "'");
|
||||
if (str_contains($response, 'success')) {
|
||||
$log->info("DS record successfully submitted to parent zone for $zoneName.");
|
||||
} else {
|
||||
$log->error("Failed to submit DS record to parent zone for $zoneName.");
|
||||
$log->error("Response from PHP script: $response");
|
||||
continue;
|
||||
}
|
||||
*/
|
||||
} else {
|
||||
$log->error("Unsupported zone type for $zoneName.");
|
||||
continue;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue