From 4febe16e256fc26acfcd4111fdf76d1bb1405f98 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 5 Jun 2022 20:04:59 +0200 Subject: Handling ipv4-only/ipv6-only nameservers on ipv4-only/ipv6-only systems. Signed-off-by: Daniel Baumann --- dehydrated/bin/dehydrated-nsupdate | 35 +++++++++++++++++++++++++++++++++-- 1 file changed, 33 insertions(+), 2 deletions(-) (limited to 'dehydrated/bin') diff --git a/dehydrated/bin/dehydrated-nsupdate b/dehydrated/bin/dehydrated-nsupdate index fa421ea..96c95eb 100755 --- a/dehydrated/bin/dehydrated-nsupdate +++ b/dehydrated/bin/dehydrated-nsupdate @@ -88,9 +88,9 @@ else TXT_RECORD="_acme-challenge.${DOMAIN}" fi -# find nameservers to update ZONE="${TXT_RECORD}" +# find all nameservers to update while true do NAMESERVERS="$(${DIG} +nocomments +noquestion NS "${ZONE}" 2>&1 | grep -v '^;' | awk '/NS/ { print $5 }')" @@ -104,12 +104,43 @@ do fi done +NAMESERVERS_IPV6="" +NAMESERVERS_IPV4="" + +for NAMESERVER in ${NAMESERVERS} +do + if [ -n "$(${DIG} +nocomments +noquestion +short AAAA ${NAMESERVER})" ] + then + NAMESERVERS_IPV6="${NAMESERVERS_IPV6} ${NAMESERVER}" + fi + + if [ -n "$(${DIG} +nocomments +noquestion +short A ${NAMESERVER})" ] + then + NAMESERVERS_IPV4="${NAMESERVERS_IPV4} ${NAMESERVER}" + fi +done + +# filter nameservers by available IP protocol +NAMESERVERS="" + +if hostname -I | grep -qs ':' +then + NAMESERVERS="${NAMESERVERS} ${NAMESERVERS_IPV6}" +fi + +if hostname -I | grep -qs '\.' +then + NAMESERVERS="${NAMESERVERS} ${NAMESERVERS_IPV4}" +fi + +NAMESERVERS="$(echo ${NAMESERVERS} | sed -e 's| |\n|g' | sort -u -V)" + +# update nameservers if [ -n "${TSIG_KEYFILE}" ] && [ -e "${TSIG_KEYFILE}" ] then NSUPDATE_OPTIONS="-k ${TSIG_KEYFILE}" fi -# update nameservers for NAMESERVER in ${NAMESERVERS} do echo -n " + sending '${HOOK_ACTION}' for ${TXT_RECORD} to ${NAMESERVER}..." -- cgit v1.2.3