Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
tree: 78b848a9fd
Fetching contributors…

Cannot retrieve contributors at this time

executable file 77 lines (61 sloc) 2.17 kB
#!/bin/bash
node_domain=$1
dont_force_entropy=$2
spec_path=`gem contents openshift-origin-dns-bind | grep gemspec`
base_path=${spec_path%openshift-origin-dns-bind.gemspec}
echo "Install selinux module"
semodule -l | grep dhcpnamedforward
if (( $? )) ; then
pushd /usr/share/selinux/packages/rubygem-openshift-origin-dns-bind/ && make -f /usr/share/selinux/devel/Makefile ; popd
semodule -i /usr/share/selinux/packages/rubygem-openshift-origin-dns-bind/dhcpnamedforward.pp
fi
echo "Install bind config"
rm -rf /var/named/dynamic
mkdir -p /var/named/dynamic
rm -f /var/named/K$node_domain*
sed "s/example.com/$node_domain/g" < $base_path/doc/examples/example.com.db > /var/named/dynamic/$node_domain.db
NAMED_TMP=$(mktemp -d /tmp/namedXXXXXXX)
pushd $NAMED_TMP
if ! [ $dont_force_entropy ] ; then
rngd -r /dev/urandom
fi
/usr/sbin/dnssec-keygen -a HMAC-MD5 -n HOST -b 128 $node_domain
if ! [ $dont_force_entropy ] ; then
killall rngd
fi
KEY=$( grep Key: $NAMED_TMP/*.private | cut -d' ' -f 2 )
mv $NAMED_TMP/K$node_domain.* /var/named
popd
rm -rf $NAMED_TMP
cat <<EOF > /var/named/$node_domain.key
key $node_domain {
algorithm HMAC-MD5 ;
secret "${KEY}" ;
} ;
EOF
# preserve the existing named config
if [ ! -f /etc/named.conf.orig ]
then
mv /etc/named.conf /etc/named.conf.orig
fi
sed "s/example.com/$node_domain/g" < $base_path/doc/examples/named.conf > /etc/named.conf
chown root:named /etc/named.conf
/usr/bin/chcon system_u:object_r:named_conf_t:s0 -v /etc/named.conf
touch /var/named/data/named.run
touch /var/named/data/queries.log
touch /var/named/data/cache_dump.db
touch /var/named/data/named_stats.txt
touch /var/named/data/named_mem_stats.txt
touch /var/named/forwarders.conf
chmod 755 /var/named/forwarders.conf
chown named:named -R /var/named
restorecon -R /var/named
mkdir -p /etc/openshift/plugins.d
cat <<EOF > /etc/openshift/plugins.d/openshift-origin-dns-bind.conf
BIND_SERVER="127.0.0.1"
BIND_PORT=53
BIND_KEYNAME="${node_domain}"
BIND_KEYVALUE="${KEY}"
BIND_ZONE="${node_domain}"
EOF
perl -p -i -e "s/.*:domain_suffix.*/ :domain_suffix => \"$node_domain\",/" /var/www/stickshift/broker/config/environments/*.rb
Jump to Line
Something went wrong with that request. Please try again.