
  1. #!/bin/bash
  2. ## Init is run on host
  3. ## For now it is run every time the script is launched, but
  4. ## it should be launched only once after build.
  5. ## Accessible variables are:
  6. ## - SERVICE_NAME Name of current service
  7. ## - DOCKER_BASE_IMAGE Base image from which this service might be built if any
  8. ## - SERVICE_DATASTORE Location on host of the DATASTORE of this service
  9. ## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service
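  ## lib/common is project-local and not shown here. Helpers used further
  ## down (err, e, p0, md5_compat, init-config-add, options-get, ...) and
  ## BIND_CONFIG_DIR are not defined in this file; presumably they come
  ## from lib/common or from the calling framework -- TODO confirm.
  . lib/common

  set -e

  ## Every host path below is built by prefixing one of these values.
  ## With an empty store location the later mkdir/rmdir/chown calls would
  ## resolve to the host's own /etc/bind, /var/log/bind and /var/cache/bind,
  ## so fail early instead of touching them.
  : "${SERVICE_NAME:?SERVICE_NAME must be set}"
  : "${DOCKER_BASE_IMAGE:?DOCKER_BASE_IMAGE must be set}"
  : "${SERVICE_DATASTORE:?SERVICE_DATASTORE must be set}"
  : "${SERVICE_CONFIGSTORE:?SERVICE_CONFIGSTORE must be set}"
  : "${BIND_CONFIG_DIR:?BIND_CONFIG_DIR must be set}"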
  ##
  ## "${BIND_CONFIG_DIR}"/bind.keys
  ##
  ## Reference: https://www.isc.org/bind-keys/
  ##

  ## The configuration hash starts from the id of the base image.
  config_hash=$(docker inspect "$DOCKER_BASE_IMAGE" --format '{{ .Id }}')

  ## -e follows symlinks: if the link target is absent on the host, this
  ## test stays false and the link is simply rewritten on every run.
  if [[ ! -e "${SERVICE_CONFIGSTORE}${BIND_CONFIG_DIR}/bind.keys" ]]; then
    mkdir -p "${SERVICE_CONFIGSTORE}${BIND_CONFIG_DIR}"
    ## Relative link to the key file installed by the alpine package;
    ## presumably meant to resolve inside the container -- TODO confirm.
    ln -sf ../../usr/share/dnssec-root/bind-dnssec-root.keys "${SERVICE_CONFIGSTORE}${BIND_CONFIG_DIR}/bind.keys"
  fi
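  ##
  ## "${BIND_CONFIG_DIR}"/rndc.key
  ##

  ## The :? guards keep the rmdir/mkdir below away from the host's own
  ## configuration directory if a value is missing.
  rndc_key="${SERVICE_DATASTORE:?SERVICE_DATASTORE must be set}${BIND_CONFIG_DIR:?BIND_CONFIG_DIR must be set}/rndc.key"

  if [ -d "$rndc_key" ]; then
    ## If the key file is deleted while docker is still running (named
    ## stopping, docker force-restarting), the bind mount recreates the
    ## path as a directory. Remove that directory so a key can be
    ## generated; rmdir only succeeds when it is empty.
    rmdir "$rndc_key"
  fi

  if ! [ -e "$rndc_key" ]; then
    mkdir -p "${SERVICE_DATASTORE}${BIND_CONFIG_DIR}"/
    ## Generate the key with the tooling of the base image: -a writes the
    ## key file automatically, -b 256 sets the key size in bits. The file
    ## is expected to land in the mounted directory.
    docker run --rm -v "${SERVICE_DATASTORE}${BIND_CONFIG_DIR}:${BIND_CONFIG_DIR}" \
      "$DOCKER_BASE_IMAGE" rndc-confgen -b 256 -a
    ## Require a regular file: a directory or other leftover at this path
    ## must not be mistaken for a generated key.
    if ! [ -f "$rndc_key" ]; then
      err "RNDC key-file generation failed."
      exit 1
    fi
  fi

  ## Read the key in its own assignment so that an unreadable key aborts
  ## the script instead of silently producing a hash without it.
  rndc_key_data=$(cat "$rndc_key") || exit 1
  ## NOTE(review): `e` is not defined in this file. If it only joins its
  ## arguments, config_hash carries the key material in clear until it is
  ## hashed later on; keep it out of traces and logs -- TODO confirm.
  config_hash=$(e "$config_hash" "$rndc_key_data")
  unset rndc_key_data

  ## The fragment is YAML: `volumes` has to be nested under the service
  ## key, so the indentation inside the string is significant. The key is
  ## mounted read-only into the service container.
  init-config-add "
$SERVICE_NAME:
  volumes:
    - \"$SERVICE_DATASTORE${BIND_CONFIG_DIR}/rndc.key:${BIND_CONFIG_DIR}/rndc.key:ro\"
"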
  ##
  ## "${BIND_CONFIG_DIR}"/named.conf and others
  ##

  cd src

  ## Paths are relative to src/ (leading slash of BIND_CONFIG_DIR
  ## stripped), so the same relative path is valid below the config store.
  cfg_files=("${BIND_CONFIG_DIR#/}"/{zones.rfc1918,db.*,named.*})

  for cfg in "${cfg_files[@]}"; do
    ## Copy only when the installed file is missing or differs.
    if diff "$cfg" "$SERVICE_CONFIGSTORE/$cfg" >/dev/null 2>&1; then
      echo "File $cfg already up to date." >&2
    else
      cp -v "$cfg" "$SERVICE_CONFIGSTORE/$cfg" >&2 || exit 1
    fi
  done

  ## Fold the content of all shipped config files into the hash.
  config_hash=$(p0 "$config_hash" "$(cat "${cfg_files[@]}")" | md5_compat)

  cd ..
  ##
  ## user requested zones
  ##

  ## Both options are optional: a failing lookup is tolerated rather than
  ## aborting the script under set -e.
  vars_cfg=$(options-get vars 2>/dev/null) || :
  zones_cfg=$(options-get zones 2>/dev/null) || :

  if [[ -n "$zones_cfg" ]]; then
    ## Per the original note, this call updates config_hash.
    bind:cfg:generate "$zones_cfg" "$vars_cfg"
  fi
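  ##
  ## Ownership of the bind directories
  ##

  uid=$(docker_get_uid "$SERVICE_NAME" "named")
  : "${uid:?could not resolve the uid of user named}"

  ## Host-side locations of /etc/bind, /var/log/bind and /var/cache/bind.
  ## The :? guards prevent an empty store location from turning these into
  ## the host's own system directories.
  dirs=(/{etc,var/{log,cache}}/bind)
  host_dirs=()
  for dir in "${dirs[@]}"; do
    host_dirs+=("${SERVICE_DATASTORE:?SERVICE_DATASTORE must be set}$dir")
  done
  host_dirs+=("${SERVICE_CONFIGSTORE:?SERVICE_CONFIGSTORE must be set}"/etc/bind)
  mkdir -p "${host_dirs[@]}"

  ## The expression used to read `! -user UID -or -type l -print0`. Since
  ## -or binds looser than the implicit -and, -print0 belonged to the
  ## right-hand side only, and entries not owned by UID were never
  ## reported. The parentheses make the action apply to both cases.
  ##
  ## chown -h changes a symbolic link itself and never follows it. These
  ## trees are presumably writable from inside the container, so following
  ## a link would change the owner of whatever it points at, possibly
  ## outside the service directories.
  find "${host_dirs[@]}" \( \! -user "$uid" -or -type l \) \
    -exec chown -h -v "$uid" {} + || exit 1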
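  ##
  ## Final
  ##

  ## An empty service name would produce a fragment keyed by nothing.
  : "${MASTER_BASE_SERVICE_NAME:?MASTER_BASE_SERVICE_NAME must be set}"

  ## Publish the accumulated configuration hash as a label of the master
  ## service. The fragment is YAML: `labels` has to be nested under the
  ## service key, so the indentation inside the string is significant.
  init-config-add "
$MASTER_BASE_SERVICE_NAME:
  labels:
    - compose.config_hash=$config_hash
"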