define-configuration-space dynamic ZONECFG {
prefix "ddns-"
define-simple key "ddns"
+ define-simple auto-dnssec off
define-list types {A TXT PTR}
define policy {body} {
"-S" \
"-K%h/key" \
"-d%h/ds" \
- "-s-3600" "-e+176400" \
+ "-s-3600" "-e+176400" "-i90000" \
"-N%q" \
"-o%z" \
"-f%o" \
"%f"]
- define-simple auto-dnssec off
define-list reload-command [list "$BINDPROGS/rndc" "reload" "%z" "IN" "%v"]
define-list autosign-command [list "$BINDPROGS/rndc" "sign" "%z" "IN" "%v"]
define-list checkzone-command \
array set zone $info
set outfile "$zone(server-file-name).new"
- if {![run "zone `$zone(name)' in view `$zone(mapped-view)'" \
+ if {![run "sign zone `$zone(name)' in view `$zone(mapped-view)'" \
$zone(signzone-command) \
"%h" $zone(home-dir) \
"%m" $zone(static-dir) \
puts $chan "\ttype master;"
puts $chan "\tfile \"$zone(server-file-name)\";"
switch -exact -- $zone(type) {
- dynamic { write-ddns-update-policy "\t" $chan $config }
+ dynamic {
+ write-ddns-update-policy "\t" $chan $config
+ if {![string equal $zone(ddns-auto-dnssec) off]} {
+ puts $chan "\tauto-dnssec $zone(ddns-auto-dnssec);"
+ }
+ }
}
}
slave {
foreach host $zone(masters) { lappend masters [host-addr $host] }
puts $chan "\tmasters { [join $masters {; }]; };"
puts $chan "\tfile \"$zone(file-name)\";"
- if {![string equal $zone(auto-dnssec) off]} {
- puts $chan "\tauto-dnssec $zone(auto-dnssec);"
- }
switch -exact -- $zone(type) {
dynamic { puts $chan "\tallow-update-forwarding { any; };" }
}
defcmd install {user view name} {
help-text "Install a new zone file.
- The file is for the given zone NAME and \(user-side) VIEW. The file is
- provided by the named USER"
+The file is for the given zone NAME and \(user-side) VIEW. The file is
+provided by the named USER."
} {
global QUIS ZONECFG ZONES CONFFILE errorInfo errorCode
}
## If the zone wants signing, better to do that now.
- if {![sign-zone-file $matchinfo keep $tmp]} {
+ if {$zone(sign) && ![sign-zone-file $matchinfo keep $tmp]} {
eval $cleanup
exit 2
}
}
}
} elseif {[string equal $zone(type) dynamic] &&
- ![string equal $zone(auto-dnssec) off]} {
+ ![string equal $zone(ddns-auto-dnssec) off]} {
## Dynamic zone: get BIND to re-sign it.
if {![run "re-sign zone `$zone(name) in server view `$view'" \