gitzone

gitzone-install (3035B)

---

 #!/bin/sh
 #
 # gitzone - git-based zone file management tool for BIND
 #
 # Copyright (C) 2013 - 2019 Dyne.org Foundation
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 # quick script to install a new gitzone user / zones repository
 
 # first arg: username
 # secondo (optional) arg: ssh public key
 
 if [ -z "$1" ]; then
 	echo "usage: gitzone-install username [ id_rsa.pub ]";
 	exit 1
 fi
 
 if ! [ "$(id -u)" = 0 ]; then
 	echo "this script needs to be run as root."
 	exit 1
 fi
 
 user="$1"
 
 # check user argument
 if ! grep -q "^$user" /etc/passwd; then
 	echo "error: user not found: $user"
 	exit 1
 fi
 if ! [ -r "/home/$user" ]; then
 	echo "error: user home not found: /home/$user"
 	exit 1
 fi
 if [ -r "/home/$user/zones/$user/.git" ]; then
 	echo "error: gitzone already installed for user $user";
 else # create gitzone directory in user home
 	mkdir -p "/home/$user/zones/$user"
 	cd "/home/$user/zones/$user" || {
 		echo "error: could not cd to /home/$user/zones/$user"
 		exit 1
 	}
 	git init .
 	git config receive.denyCurrentBranch ignore
 	git config user.name "$user"
 	git config user.email "$user@$(hostname -f)"
 	ln -s /usr/libexec/gitzone/*receive* .git/hooks/
 	cd - >/dev/null
 	chown -R "$user:bind" "/home/$user/zones"
 	chmod -R o-rwx "/home/$user/zones"
 
 	# add user to bind group
 	usermod -aG bind "$user"
 
 	# add gitzone cache dir
 	mkdir -p "/var/cache/bind/$user"
 	chown "$user:bind" "/var/cache/bind/$user"
 	chmod o-rwx "/var/cache/bind/$user"
 
 	touch /etc/bind/named.conf.local
 	if ! grep -q "${user}.conf" /etc/bind/named.conf.local; then
 		cat <<EOF >> /etc/bind/named.conf.local
 include "/etc/bind/repos/${user}.conf";
 EOF
 	fi
 
 # success
 	cat <<EOF
 
 ### Gitzone installed for user $user
 ## git repository url (via ssh):
 
 	$user@$(hostname -f):zones/$user
 
 EOF
 
 fi # gitzone created
 
 cat <<EOF
 Don't forget to add configurations to bind!
 
 In /etc/bind/repos create ${user}.conf and put inside:
 
 zone "domain.com" {
 	type master;
 	notify yes;
 	file "/var/cache/bind/$user/domain.com";
 	allow-transfer { transfer; };
 };
 
 Then restart the bind9 daemon.
 EOF
 
 
 key="$2" # add ssh key
 if [ -z "$key" ]; then
 	exit 1
 fi
 if ! [ -r "$key" ]; then
 	echo "error: key not found $key"
 	exit 1
 fi
 mkdir -p "/home/$user/.ssh"
 touch "/home/$user/.ssh/authorized_keys"
 cat "$key" >> "/home/$user/.ssh/authorized_keys"
 chmod -R go-rwx "/home/$user/.ssh"
 chown -R "$user:$user" "/home/$user/.ssh"
 echo "ssh public key $key added for $user"