Changeset 187


Timestamp:
Sep 28, 2010, 2:54:48 PM (14 years ago)
Author:
Rick van der Zwet
Message:

CGI details included

File:
1 edited

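--- a/dyndns/dyndns.sh
+++ b/dyndns/dyndns.sh
@@ -6,12 +6,18 @@
 # = INSTALL - SSH =
 # 1) Make sure to allow rndc reload in your sudoers file
-#    sudo_user  ALL=(ALL) NOPASSWD: /usr/sbin/rndc reload
+#      ssh_user  ALL=(ALL) NOPASSWD: /usr/sbin/rndc reload
 # 2) prefix your ssh authorized key to allow only this script
-#    command="/home/rvdzwet/dyndns.sh"
-# 3) Call for the remote host like this
-#    ssh -a -p 1022 -i id_rsa zweot.vanderzwet.net `hostname`
+#      command="/home/ssh_user/dyndns/dyndns.sh"
+# 3) Call for the remote host from crontab:
+#      ssh -a -p 1022 -i id_rsa dnsserver.example.net `hostname -s`
 #
 # = INSTALL - CGI =
-# XXX:TODO
+# 1) Put your secret password in ``.cgi_secret''
+# 2) Alter your apache configuration to allow executing the script
+#      ScriptAlias /dyndns /path/to/dyndns/dyndns.sh
+# 1) Make sure to allow rndc reload in your sudoers file
+#      www_user  ALL=(ALL) NOPASSWD: /usr/sbin/rndc reload
+# 3) Call from the remote host from crontab:
+#      fetch -q -o - "http://dnsserver.example.net/dyndns/`hostname -s`/SECRET/"
 #
 # = USAGE =
@@ -24,10 +30,29 @@
 ZONE='vanderzwet.net'
 ZONEFILE="/etc/namedb/master/$ZONE"
-
+CGI_SECRET_FILE="`dirname $0`/.cgi_secret"
 
 ### NO USER EDITABLE PARTS BELOW HERE ###
-# SSH specific details
-HOSTNAME=`echo $SSH_ORIGINAL_COMMAND | tr -c -d '[a-zA-Z0-9\-_\.]' | cut -d ' ' -f 1 | cut -d '.' -f 1`
-REMOTEIP=`echo $SSH_CLIENT | cut -d ' ' -f 1`
+exec 2>&1
+if [ -n "$SSH_ORIGINAL_COMMAND" ]; then
+  # SSH specific details
+  HOSTNAME=`echo $SSH_ORIGINAL_COMMAND | tr -c -d '[a-zA-Z0-9\-_\.]' | cut -d ' ' -f 1 | cut -d '.' -f 1`
+  REMOTEIP=`echo $SSH_CLIENT | cut -d ' ' -f 1`
+else
+  # CGI specific details
+  HOSTNAME=`echo $REQUEST_URI | tr -c -d '[a-zA-Z0-9\-_\./]' | awk -F/ '{print $3}'`
+  SECRET=`echo $REQUEST_URI | tr -c -d '[a-zA-Z0-9\-_\./\!_]' | awk -F/ '{print $4}'`
+  REMOTEIP=$REMOTE_ADDR
+  echo "Content-Type: text/plain"
+  echo ""
+  CGI_SECRET=`cat $CGI_SECRET_FILE`
+  if [ -z "$CGI_SECRET" ]; then
+    echo "Secret not readable from $CGI_SECRET_FILE"
+    exit 1
+  fi
+  if [ "$SECRET" != "$CGI_SECRET" ]; then
+    echo "Secret invalid"
+    exit 1
+  fi
+fi
 
 # Tmpfile creation for editing 'in between'
@@ -76,9 +101,9 @@
 
 # Install and activate
-if \! `/usr/sbin/named-checkzone -q $TMPFILE $ZONE`; then
+if `/usr/sbin/named-checkzone -q $TMPFILE $ZONE`; then
   echo "New zone failed to validate"
   exit 1
 fi
-cp $TMPFILE $ZONEFILE
-sudo /usr/sbin/rndc reload
+cp  $TMPFILE $ZONEFILE || exit 1
+sudo /usr/sbin/rndc reload || exit 1
 echo "Entry updated"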
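Review bot: The validation guard under "# Install and activate" is inverted on the new side: `if \`/usr/sbin/named-checkzone -q $TMPFILE $ZONE\`; then` takes the "New zone failed to validate" branch when the check exits 0 and falls through to `cp` and `rndc reload` when it exits non-zero, so a zone that does not validate is the one that gets installed. named-checkzone also expects the zone name before the file name, so the call as written probably fails on every run, which may be why dropping the negation appeared to make the script work. The temp file is presumably built from the caller-supplied HOSTNAME and REMOTEIP (that code is outside the visible hunks), so the check should be made effective rather than bypassed: `if ! /usr/sbin/named-checkzone -q "$ZONE" "$TMPFILE"; then`.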