.forgejo/workflows/ci.yaml: WIP, preparing for nsupdate
parent
4a9f1f7f6f
commit
055ae55744
|
@ -4,67 +4,43 @@ on:
|
|||
- 'main'
|
||||
|
||||
jobs:
|
||||
sync:
|
||||
deploy_script:
|
||||
runs-on: linux_amd64
|
||||
steps:
|
||||
- name: Retrieve and sync files
|
||||
shell: bash
|
||||
run: |
|
||||
git clone ${{ gitea.server_url }}/${{ gitea.repository }} dns
|
||||
echo "Cloned sucessfully from ${{ gitea.server_url }}/${{ gitea.repository }}"
|
||||
cd dns
|
||||
echo "" > /var/cache/bind/.modified
|
||||
|
||||
if [ -z $(git diff-tree --no-commit-id --name-only -r main | grep zone) ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
files=$(git diff-tree --no-commit-id --name-only -r main | grep zone)
|
||||
|
||||
for file in $files
|
||||
do
|
||||
domain=$(echo $file | sed "s/.zone//g")
|
||||
/usr/bin/named-checkzone "$domain" "$file" || ( echo "Error on file $file" && continue; )
|
||||
echo "$file" >> /var/cache/bind/.modified
|
||||
rsync "./$file" /var/cache/bind/
|
||||
echo "Move $file to /var/cache/bind"
|
||||
done
|
||||
sudo chown bind:bind /var/cache/bind/*.zone
|
||||
sudo chmod g+rw /var/cache/bind/*.zone
|
||||
echo "Synced sucessfully"
|
||||
|
||||
|
||||
deploiement:
|
||||
runs-on: linux_amd64
|
||||
needs: sync
|
||||
steps:
|
||||
- name: Reload bind
|
||||
shell: bash
|
||||
environment:
|
||||
TSIG_KEY: ${TSIG_KEY} # Clé TSIG stockée dans les secrets CI/CD
|
||||
DNS_SERVER: ${DNS_SERVER} # Adresse du serveur DNS
|
||||
run: |
|
||||
sudo systemctl reload bind9.service
|
||||
- name: Check bind
|
||||
shell: bash
|
||||
run: |
|
||||
echo Recherche de zones déployées
|
||||
cd /var/cache/bind
|
||||
files=$(cat /var/cache/bind/.modified)
|
||||
|
||||
if [ -z $files ]; then
|
||||
echo Aucune zone déployée
|
||||
exit 0
|
||||
fi
|
||||
|
||||
for zone_name in $files; do
|
||||
datetime=$(date --iso-8601=seconds)
|
||||
echo "Vérification de la zone ${zone_name::-5}..."
|
||||
|
||||
if [[ $zone_name == *":"* ]]; then
|
||||
echo On ne sait pas vérifier ce type de zone
|
||||
else
|
||||
echo Dernière minute...
|
||||
sudo grep named /var/log/syslog | grep ${datetime::-10} | grep ${zone_name::-5}
|
||||
sudo grep named /var/log/syslog | grep ${datetime::-9} | grep ${zone_name::-5} | grep loaded || exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Déploiement terminé !"
|
||||
git diff HEAD^ HEAD > zone_diff.txt
|
||||
while IFS= read -r line; do
|
||||
case "$line" in
|
||||
"--- "*".zone")
|
||||
CURRENT_ZONE=$(basename "$line" .zone | sed 's/--- //')
|
||||
;;
|
||||
"+++"*)
|
||||
;;
|
||||
"-"* | "+"*)
|
||||
if [[ $line == -* ]]; then # Enregistrement supprimé
|
||||
RECORD=$(echo "$line" | sed 's/^-//')
|
||||
echo - $RECORD
|
||||
# echo nsupdate -k $TSIG_KEY <<EOF
|
||||
# server $DNS_SERVER
|
||||
# zone $CURRENT_ZONE
|
||||
# update delete $RECORD
|
||||
# send
|
||||
# EOF
|
||||
elif [[ $line == +* ]]; then # Enregistrement ajouté
|
||||
RECORD=$(echo "$line" | sed 's/^+//')
|
||||
echo + $RECORD
|
||||
# nsupdate -k $TSIG_KEY <<EOF
|
||||
# server $DNS_SERVER
|
||||
# zone $CURRENT_ZONE
|
||||
# update add $RECORD
|
||||
# send
|
||||
# EOF
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
done < zone_diff.txt
|
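Review bot: In the `while` loop that closes the `run:` script (the new side, as far as this page shows), the `"-"* | "+"*` arm also receives the `--- a/…` headers of files that are not zones and `--- /dev/null` for a newly added zone. Those headers are echoed as deleted records and the lines after them keep the previous `CURRENT_ZONE`, so enabling the commented-out `nsupdate` blocks would send updates against the wrong zone. `basename "$line" .zone` is also handed an argument starting with `---`, which GNU basename most likely rejects as an option, and `echo + $RECORD` is unquoted, so a wildcard record's `*` is expanded against the working directory. I would reset the zone on every file header, skip changes outside a zone file and print the record quoted, as below. Before this leaves WIP it is also worth confirming that `nsupdate -k` is given a key file path rather than the key itself, and that the `environment:` block with `${TSIG_KEY}` is really expanded by the runner (the usual step form is `env:` with `${{ secrets.TSIG_KEY }}`).

```yaml
        run: |
          # … unchanged: git diff HEAD^ HEAD > zone_diff.txt …
          CURRENT_ZONE=
          while IFS= read -r line; do
            case "$line" in
              "--- /dev/null" | "+++ /dev/null")
                ;;  # added or deleted file: the other header names the zone
              "--- a/"*.zone | "+++ b/"*.zone)
                zone_file=${line##*/}
                CURRENT_ZONE=${zone_file%.zone}
                ;;
              "--- "* | "+++ "*)
                CURRENT_ZONE=  # header of a file that is not a zone
                ;;
              "-"* | "+"*)
                [ -n "$CURRENT_ZONE" ] || continue
                RECORD=${line#[-+]}
                printf '%s %s\n' "${line:0:1}" "$RECORD"
                # … unchanged: commented-out nsupdate blocks …
                ;;
            esac
          done < zone_diff.txt
```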