-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-entrypoint
More file actions
241 lines (236 loc) · 5.94 KB
/
docker-entrypoint
File metadata and controls
241 lines (236 loc) · 5.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
#!/usr/bin/env bash
# creating secret rndc.key
# openssl rand -base64 15
: ${BIND_RNDCKEY:="D9yVnKTEXtrdHA=="}
# Options Statement Definition and Usage
: ${BIND_ATTACHCACHE:=""}
: ${BIND_DIRECTORY:="/var/cache/bind/"}
: ${BIND_DNSTAP:=""}
: ${BIND_DNSTAPOUTPUT:=""}
: ${BIND_DNSTAPIDENTIFY:=""}
: ${BIND_DNSTAPVERSION:=""}
: ${BIND_GEOIPDIRECTORY:=""}
: ${BIND_KEYDIRECTORY:=""}
: ${BIND_LMDBMAPSIZE:=""}
: ${BIND_MANAGEDKEYSDIRECTORY:=""}
: ${BIND_NAMEDXFER:=""}
: ${BIND_TKEYGSSAPIKEYTAB:=""}
: ${BIND_TKEYGSSAPICREDENTIAL:=""}
: ${BIND_TKEYDOMAIN:=""}
: ${BIND_TKEYDHKEY:=""}
: ${BIND_CACHEFILE:=""}
: ${BIND_DUMPFILE:=""}
: ${BIND_MEMSTATISTICSFILE:=""}
: ${BIND_LOCKFILE:=""}
: ${BIND_PIDFILE:=""}
: ${BIND_RECURSINGFILE:=""}
: ${BIND_STATISTICSFILE:=""}
: ${BIND_BINDKEYSFILE:=""}
: ${BIND_SECROOTSFILE:=""}
: ${BIND_SESSIONKEYFILE:=""}
: ${BIND_SESSIONKEYNAME:=""}
: ${BIND_SESSIONKEYALG:=""}
: ${BIND_PORT:=""}
: ${BIND_DSCP:=""}
: ${BIND_RANDOMDEVICE:=""}
: ${BIND_PREFERREDGLUE:=""}
: ${BIND_ROOTDELEGATIONONLY:=""}
: ${BIND_DISABLEALGORITHMS:=""}
: ${BIND_DISABLEDSDIGESTS:=""}
: ${BIND_DNSSECLOOKASIDE:=""}
: ${BIND_DNSSECMUSTBESECURE:=""}
: ${BIND_DNS64:=""}
: ${BIND_DNSSECLOADKEYSINTERVAL:=""}
: ${BIND_DNSSECUPDATEMODE:=""}
: ${BIND_NTALIFETIME:=""}
: ${BIND_NTARECHECK:=""}
: ${BIND_MAXZONETTL:=""}
: ${BIND_SERIALUPDATEMETHOD:=""}
: ${BIND_ZONESTATISTICS:=""}
# Boolean Options
: ${BIND_AUTOMATICINTERFACESCAN:=""}
: ${BIND_ALLOWNEWZONES:=""}
: ${BIND_AUTHNXDOMAIN:=""}
: ${BIND_MEMSTATISTICS:=""}
: ${BIND_DIALUP:=""}
: ${BIND_FLUSHZONESONSHUTDOWN:=""}
: ${BIND_GEOIPUSEECS:=""}
: ${BIND_ROOTKEYSENTINEL:=""}
: ${BIND_MESSAGECOMPRESSION:=""}
: ${BIND_MINIMALRESPONSES:=""}
: ${BIND_MINIMALANY:=""}
: ${BIND_NOTIFY:=""}
: ${BIND_NOTIFYTOSOA:=""}
: ${BIND_RECURSION:=""}
: ${BIND_REQUESTNSID:=""}
: ${BIND_REQUIRESERVERCOOKIE:=""}
: ${BIND_ANSWERCOOKIE:=""}
: ${BIND_SENDCOOKIE:=""}
: ${BIND_NOCOOKIEUDPSIZE:=""}
: ${BIND_COOKIEALGORITHM:=""}
: ${BIND_COOKIESECRET:=""}
: ${BIND_TRUSTANCHORTELEMETRY:=""}
: ${BIND_PROVIDEIXFR:=""}
: ${BIND_REQUESTIXFR:=""}
: ${BIND_REQUESTEXPIRE:=""}
: ${BIND_ADDITIONALFROMAUTH:=""}
: ${BIND_ADDITIONALFROMCACHE:=""}
: ${BIND_MATCHMAPPEDADDRESSES:=""}
: ${BIND_FILTERAAAAONV4:=""}
: ${BIND_FILTERAAAAONV6:=""}
: ${BIND_IXFRFROMDIFFERENCES:=""}
: ${BIND_MULTIMASTER:=""}
: ${BIND_AUTODNSSEC:=""}
: ${BIND_DNSSECENABLE:=""}
: ${BIND_DNSSECVALIDATION:="auto"}
: ${BIND_DNSSECACCEPTEXPIRED:=""}
: ${BIND_QUERYLOG:=""}
: ${BIND_CHECKNAMESMASTER:=""}
: ${BIND_CHECKNAMESSLAVE:=""}
: ${BIND_CHECKNAMESRESPONSE:=""}
: ${BIND_CHECKDUPRECORDS:=""}
: ${BIND_CHECKMX:=""}
: ${BIND_CHECKWILDCARD:=""}
: ${BIND_CHECKINTEGRITY:=""}
: ${BIND_CHECKMXCNAME:=""}
: ${BIND_CHECKSRVCNAME:=""}
: ${BIND_CHECKSIBLING:=""}
: ${BIND_CHECKSPF:=""}
: ${BIND_ZERONOSOATTL:=""}
: ${BIND_ZERONOSOATTLCACHE:=""}
: ${BIND_UPDATECHECKKSK:=""}
: ${BIND_DNSSECDNSKEYKSKONLY:=""}
: ${BIND_TRYTCPREFRESH:=""}
: ${BIND_DNSSECSECURETOINSECURE:=""}
# Forwarding
: ${BIND_FORWARD:=""}
: ${BIND_FORWARDERS:=""}
# Interfaces
: ${BIND_LISTENONPORT:="53 { any; }"}
: ${BIND_LISTENONPORTV6:="53 { none; }"}
: ${BIND_VERSION:="none"}
CONFIGS_VARS=(
BIND_RNDCKEY
BIND_ATTACHCACHE
BIND_DIRECTORY
BIND_DNSTAP
BIND_DNSTAPOUTPUT
BIND_DNSTAPIDENTIFY
BIND_DNSTAPVERSION
BIND_GEOIPDIRECTORY
BIND_KEYDIRECTORY
BIND_LMDBMAPSIZE
BIND_MANAGEDKEYSDIRECTORY
BIND_NAMEDXFER
BIND_TKEYGSSAPIKEYTAB
BIND_TKEYGSSAPICREDENTIAL
BIND_TKEYDOMAIN
BIND_TKEYDHKEY
BIND_CACHEFILE
BIND_DUMPFILE
BIND_MEMSTATISTICSFILE
BIND_LOCKFILE
BIND_PIDFILE
BIND_RECURSINGFILE
BIND_STATISTICSFILE
BIND_BINDKEYSFILE
BIND_SECROOTSFILE
BIND_SESSIONKEYFILE
BIND_SESSIONKEYNAME
BIND_SESSIONKEYALG
BIND_PORT
BIND_DSCP
BIND_RANDOMDEVICE
BIND_PREFERREDGLUE
BIND_ROOTDELEGATIONONLY
BIND_DISABLEALGORITHMS
BIND_DISABLEDSDIGESTS
BIND_DNSSECLOOKASIDE
BIND_DNSSECMUSTBESECURE
BIND_DNS64
BIND_DNSSECLOADKEYSINTERVAL
BIND_DNSSECUPDATEMODE
BIND_NTALIFETIME
BIND_NTARECHECK
BIND_MAXZONETTL
BIND_SERIALUPDATEMETHOD
BIND_ZONESTATISTICS
BIND_AUTOMATICINTERFACESCAN
BIND_ALLOWNEWZONES
BIND_AUTHNXDOMAIN
BIND_MEMSTATISTICS
BIND_DIALUP
BIND_FLUSHZONESONSHUTDOWN
BIND_GEOIPUSEECS
BIND_ROOTKEYSENTINEL
BIND_MESSAGECOMPRESSION
BIND_MINIMALRESPONSES
BIND_MINIMALANY
BIND_NOTIFY
BIND_NOTIFYTOSOA
BIND_RECURSION
BIND_REQUESTNSID
BIND_REQUIRESERVERCOOKIE
BIND_ANSWERCOOKIE
BIND_SENDCOOKIE
BIND_NOCOOKIEUDPSIZE
BIND_COOKIEALGORITHM
BIND_COOKIESECRET
BIND_TRUSTANCHORTELEMETRY
BIND_PROVIDEIXFR
BIND_REQUESTIXFR
BIND_REQUESTEXPIRE
BIND_ADDITIONALFROMAUTH
BIND_ADDITIONALFROMCACHE
BIND_MATCHMAPPEDADDRESSES
BIND_FILTERAAAAONV4
BIND_FILTERAAAAONV6
BIND_IXFRFROMDIFFERENCES
BIND_MULTIMASTER
BIND_AUTODNSSEC
BIND_DNSSECENABLE
BIND_DNSSECVALIDATION
BIND_DNSSECACCEPTEXPIRED
BIND_QUERYLOG
BIND_CHECKNAMESMASTER
BIND_CHECKNAMESSLAVE
BIND_CHECKNAMESRESPONSE
BIND_CHECKDUPRECORDS
BIND_CHECKMX
BIND_CHECKWILDCARD
BIND_CHECKINTEGRITY
BIND_CHECKMXCNAME
BIND_CHECKSRVCNAME
BIND_CHECKSIBLING
BIND_CHECKSPF
BIND_ZERONOSOATTL
BIND_ZERONOSOATTLCACHE
BIND_UPDATECHECKKSK
BIND_DNSSECDNSKEYKSKONLY
BIND_TRYTCPREFRESH
BIND_DNSSECSECURETOINSECURE
BIND_FORWARD
BIND_FORWARDERS
BIND_LISTENONPORT
BIND_LISTENONPORTV6
BIND_VERSION
)
#sed -i "s,${c},$(eval echo \$${c})," /etc/bind/rndc.key
OPTIONSFILE=/etc/bind/named.conf.options
echo "==> Setting configurations options ... "
for c in ${CONFIGS_VARS[@]}
do
VAR1="$(eval echo \$${c})"
VAR2="$(grep -w ${c} options | cut -d' ' -f1 | xargs -I '{}' grep -m1 -w '{}' $OPTIONSFILE)"
if [ ! -z "$VAR1" -a ! -z "$VAR2" ]; then
VAR3="$(grep -w ${c} options)"
sed -i "s,$VAR2,$VAR3,g" $OPTIONSFILE
sed -i "s,${c},$(eval echo \$${c})," $OPTIONSFILE
elif [ ! -z "$VAR1" -a -z "$VAR2" ]; then
grep -w ${c} options | xargs -I '{}' sed -i '$i{}' $OPTIONSFILE
sed -i "s,${c},$(eval echo \$${c})," $OPTIONSFILE
fi
done
echo "Done"
echo "==> Starting bind9"
named -g -u bind -c /etc/bind/named.conf