Add jobs/ns-update.php

2023-09-20 13:27:00 +02:00 · 2023-09-20 13:27:00 +02:00 · f11ba53af2
parent 0504a5ce27
commit f11ba53af2
3 changed files with 32 additions and 3 deletions
--- a/DOCS/architecture.md
+++ b/DOCS/architecture.md
@ -25,7 +25,7 @@ The `output` function is used to return success or error messages and stop proce
 : Functions, grouped by concerned service

 `jobs/`
-: CLI scripts
+: CLI scripts ; should be run as the same user as the rest of the program (e.g. `sudo -u servnest php /srv/servnest/core/jobs/something.php`)

 `sftpgo-auth.php`
 : When someone tries to log in over SFTP, SFTPGo sends username and password to this script, which queries the database and replies whether authentication succeeded or not.
--- a/DOCS/configuration.md
+++ b/DOCS/configuration.md
@ -90,9 +90,11 @@ Filesystem path to the zones directory. The full path to created zonefiles will

 ### `servers[]`

-The first element is set as the primary server in the SOA.
+The first element is set as the primary server in the SOA when creating a zone.

-All elements are listed in the interface so users can know what NS records to set in their zone.
+All elements are used as NS records for newly created zones and listed in the interface so users can know what NS records must be delegated from the registry.
+
+The script `jobs/ns-update.php` may be run after updating this setting to update NS records for already created zones.

 ### `kzonecheck_path`

--- a/jobs/ns-update.php
+++ b/jobs/ns-update.php
@ -0,0 +1,27 @@
+<?php declare(strict_types=1);
+require __DIR__ . '/../init.php';
+
+foreach (query('select', 'zones') as $zone) {
+
+	// Get current NS records
+	$zone_raw = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $zone['zone'] . 'zone');
+	if ($zone_raw === false)
+		output(403, 'Unable to read zone file.');
+	$current_ns_records = array_column(parseZoneFile($zone_raw, ['NS'], $zone['zone'], false), 3);
+
+	// Add config NS records that are not yet in current
+	foreach (array_diff(CONF['ns']['servers'], $current_ns_records) as $value_to_add)
+		knotcZoneExec($zone['zone'], [
+			$zone['zone'],
+			CONF['reg']['ttl'],
+			'NS',
+			$value_to_add,
+		], 'add');
+	// Delete current NS records that are not part of config anymore
+	foreach (array_diff($current_ns_records, CONF['ns']['servers']) as $value_to_delete)
+		knotcZoneExec($zone['zone'], [
+			$zone['zone'],
+			'NS',
+			$value_to_delete,
+		], 'delete');
+}