unkinben/puppet-bind
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix dnssec-init to respect alt key-directory

Browse Source
This commit is contained in:
Nate Riffe 2012-10-07 08:23:27 -05:00
parent 97ce940f50
commit a5185b5aaf
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
files/dnssec-init
View File

@ -3,7 +3,8 @@
CACHEDIR="$1"
NAME="$2"
DOMAIN="$3"
KEY_DIRECTORY="$4"
PATH=/bin:/sbin:/usr/bin:/usr/sbin
dnssec-keygen -K "${CACHEDIR}/${NAME}" "${DOMAIN}"
dnssec-keygen -f KSK -K "${CACHEDIR}/${NAME}" "${DOMAIN}"
dnssec-signzone -S -d "${CACHEDIR}" -K "${CACHEDIR}/${NAME}" -o "${DOMAIN}" "${CACHEDIR}/${NAME}/${DOMAIN}"
dnssec-keygen -K "${KEY_DIRECTORY}" "${DOMAIN}"
dnssec-keygen -f KSK -K "${KEY_DIRECTORY}" "${DOMAIN}"
dnssec-signzone -S -d "${CACHEDIR}" -K "${KEY_DIRECTORY}" -o "${DOMAIN}" "${CACHEDIR}/${NAME}/${DOMAIN}"

2
manifests/zone.pp
View File

@ -49,7 +49,7 @@ define bind::zone (
if $dnssec {
exec { "dnssec-keygen-${name}":
command => "/usr/local/bin/dnssec-init ${cachedir} ${name} ${_domain}",
command => "/usr/local/bin/dnssec-init '${cachedir}' '${name}' '${_domain}' '${key_directory}'",
cwd => $cachedir,
user => $bind::params::bind_user,
creates => "${cachedir}/${name}/${_domain}.signed",