From e96382cba10d54c4759cecc4da59650a5061ce4f Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Date: Tue, 6 Sep 2022 15:52:53 +0200
Subject: Temporarily passing tsig string to bind as it requires a different
 keyfile format as knot.

Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
---
 dehydrated/bin/dehydrated-nsupdate | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/dehydrated/bin/dehydrated-nsupdate b/dehydrated/bin/dehydrated-nsupdate
index 05027ab..f6f40e6 100755
--- a/dehydrated/bin/dehydrated-nsupdate
+++ b/dehydrated/bin/dehydrated-nsupdate
@@ -59,16 +59,26 @@ fi
 if command -v knsupdate > /dev/null 2>&1
 then
 	# knot-dnsutils
-	NSUPDATE="knsupdate"
+	NSUPDATE_VARIANT="knot"
 elif command -v nsupdate > /dev/null 2>&1
 then
 	# bind-dnsutils
-	NSUPDATE="nsupdate"
+	NSUPDATE_VARIANT="bind"
 else
 	echo "'${HOOK}': need nsupdate from bind-dnsutils or knot-dnsutils" >&2
 	exit 1
 fi
 
+case "${NSUPDATE_VARIANT}" in
+	knot)
+		NSUPDATE="knsupdate"
+		;;
+
+	bind)
+		NSUPDATE="nsupdate"
+		;;
+esac
+
 # config
 for FILE in /etc/default/dehydrated-nsupdate /etc/default/dehydrated-nsupdate.d/*
 do
@@ -168,7 +178,15 @@ do
 
 	if [ -n "${KEY}" ] && [ -n "${TSIG}" ]
 	then
-		NSUPDATE_OPTIONS="-k ${KEY}"
+		case "${NSUPDATE_VARIANT}" in
+			knot)
+				NSUPDATE_OPTIONS="-k ${KEY}"
+				;;
+
+			bind)
+				NSUPDATE_OPTIONS="-y $(cat ${KEY})"
+				;;
+		esac
 	fi
 
 	echo -n "   + sending '${HOOK_ACTION}' for ${TXT_RECORD} to ${NAMESERVER}..."
-- 
cgit v1.2.3