common: Added helper nsupdate_keygen

dehydrated
Felix Stupp 5 years ago
parent 0b7e2cb923
commit 99e58d4224
Signed by: zocker
GPG Key ID: 93E1BD26F6B02FB7

@ -36,6 +36,7 @@ global_credentials_directory: "credentials"
global_public_key_directory: "public_keys"
global_dns_list_directory: "{{ global_public_key_directory }}/dns"
global_dns_update_key_algorithm: "ED25519"
global_ssh_key_directory: "{{ global_public_key_directory }}/ssh"
global_ssh_host_key_directory: "{{ global_ssh_key_directory }}/hosts"

@ -30,6 +30,7 @@
- backup_autoremove.sh
- backup_files.sh
- backup_mysql_database.sh
- nsupdate_keygen.sh
- name: Configure auto remove older backups
cron:

@ -0,0 +1,23 @@
#!/bin/bash
set -euxo pipefail;
if [[ -z "${1+x}" ]]; then
echo "Usage: $(basename "$0") HOST [PATH]" >&2
exit 2;
fi
key_path="${2:-1}";
if [[ "$key_path" = /* ]]; then
target="$key_path";
else
target="$PWD/$key_path";
fi
tmpdir="$(mktemp --directory)";
cd "$tmpdir";
name="$(dnssec-keygen -a {{ global_dns_update_key_algorithm }} -n HOST -T KEY "$1")";
for suffix in "key" "private"; do
mv "$tmpdir/$name.$suffix" "$target.$suffix";
done
rm -rf "$tmpdir";
Loading…
Cancel
Save