From cfe9e9ce5966482364a52ddc8afce4e52939e58a Mon Sep 17 00:00:00 2001
From: Daniel Baumann <mail@daniel-baumann.ch>
Date: Mon, 6 Sep 2021 07:21:33 +0200
Subject: Making dehydrated-nsupdate more robust and cope with local but
 not-cached authoritative zone outputs.

Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
---
 dehydrated/bin/dehydrated-nsupdate | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/dehydrated/bin/dehydrated-nsupdate b/dehydrated/bin/dehydrated-nsupdate
index 7b6ea34..b870e3b 100755
--- a/dehydrated/bin/dehydrated-nsupdate
+++ b/dehydrated/bin/dehydrated-nsupdate
@@ -79,7 +79,7 @@ do
 done
 
 # find txt record to update
-CNAME="$(${DIG} "_acme-challenge.${DOMAIN}" 2>&1 | awk '/CNAME/ { print $5 }' | tail -n1)"
+CNAME="$(${DIG} +nocomments +noquestion "_acme-challenge.${DOMAIN}" 2>&1 | grep -v '^;' | awk '/CNAME/ { print $5 }' | tail -n1)"
 
 if [ -n "${CNAME}" ]
 then
@@ -93,10 +93,11 @@ ZONE="${TXT_RECORD}"
 
 while true
 do
-	NAMESERVERS="$(${DIG} NS "${ZONE}" 2>&1 | awk '/NS/ { print $5 }' | tail -n1)"
+	NAMESERVERS="$(${DIG} +nocomments +noquestion NS "${ZONE}" 2>&1 | grep -v '^;' | awk '/NS/ { print $5 }')"
 
 	if [ -n "${NAMESERVERS}" ]
 	then
+		ZONE="$(${DIG} +nocomments +noquestion NS "${ZONE}" 2>&1 | grep -v '^;' | awk '/NS/ { print $1 }' | tail -n1)"
 		break
 	else
 		ZONE="$(echo "${ZONE}" | cut -d '.' -f 2-)"
@@ -108,8 +109,6 @@ then
 	NSUPDATE_OPTIONS="-k ${TSIG_KEYFILE}"
 fi
 
-NAMESERVERS="$(${DIG} +short NS "${ZONE}")"
-
 # update nameservers
 for NAMESERVER in ${NAMESERVERS}
 do
-- 
cgit v1.2.3