author | Mike Crute <mike@crute.us> | 2019-12-10 22:03:28 +0000 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2019-12-10 22:07:18 +0000 |
commit | 34306c78d76fe0cc0885f528f37e100352e426d6 (patch) | |
tree | 5252cf3d39de2ea5818aeff45cb0933ea4c94660 /bind/entrypoint.sh | |
parent | 6dbd14383a3a3c784cabf4efa2dd423dfc042926 (diff) | |
bind: Consolidate configuration files
Add DNS master/slave support to container so that slaves don't require
any additional configuration outside of their environment.
Pull common master/slave configuration into the base container.
Diffstat (limited to 'bind/entrypoint.sh')
-rwxr-xr-x | bind/entrypoint.sh | 42 |
1 files changed, 42 insertions, 0 deletions
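--- /dev/null
+++ b/bind/entrypoint.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+PROFILE="$1"
+
+# The master is expected to provide its own complete config set
+if [ "$PROFILE" = "slave" ]; then
+if [ -z "$KEY_SECRET" ]; then
+echo "KEY_SECRET must be exported into the environment"
+exit 1
+fi
+
+if [ -z "$KEY_NAME" ]; then
+echo "KEY_NAME must be exported into the environment"
+exit 1
+fi
+
+if [ -z "$AWS_VPC_DNS" ]; then
+echo "AWS_VPC_DNS must be exported into the environment"
+exit 1
+fi
+
+mkdir -p /etc/bind/local/cache/internal /etc/bind/local/cache/external
+envsubst < /etc/bind/slave_zones.conf > /etc/bind/local/zones.conf
+chown -R named:named /etc/bind/local
+
+# Clean these up so that BIND never sees them
+unset KEY_SECRET
+unset KEY_NAME
+unset AWS_VPC_DNS
+fi
+
+# This is used for RNDC and only from the current host, so just generate it
+# fresh each container start.
+ddns-confgen -q -k rndc-key > /etc/bind/rndc.key
+chown named:named /etc/bind/rndc.key
+chmod 440 /etc/bind/rndc.key
+
+if [ "$PROFILE" = "slave" ]; then
+exec /usr/sbin/named -u named -g
+else
+exec "$@"
+fi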
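Review bot: The rendered `/etc/bind/local/zones.conf` never has its permissions tightened, although it is built from a template that presumably embeds `KEY_SECRET` (the template is not part of this diff). Only `rndc.key` is chmod'ed, and even that file sits at the default umask between the redirect and the `chmod 440`. Consider adding `chmod 640 /etc/bind/local/zones.conf` after the `envsubst` line and generating the key under a restrictive umask, e.g. `(umask 077; ddns-confgen -q -k rndc-key > /etc/bind/rndc.key)`. Separately, neither `envsubst` nor `ddns-confgen` is checked for failure, so a failed step still falls through to `exec /usr/sbin/named` with an empty or partial file; `|| exit 1` on those two lines would stop the container instead. The three "must be exported" messages would also be better sent to stderr with `>&2`.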