#!/bin/ksh
#
# converts /etc/hosts to a zone.db while updating the serial
#
set -e

folder=/var/named/
ns=ns
email=abuse
domain=example.local
#without CIDR
network=x.x.x.x
#you know what this should look like right?
arpa=x.x.x.in-addr.arpa
serial=`date +%s`

cd $folder
cat > $domain.db <<EOF
\$TTL 86400
@       IN SOA     $ns.$domain. $email.$domain. (
                        $serial ; serial
                        21600      ; refresh after 6 hours
                        3600       ; retry after 1 hour
                        604800     ; expire after 1 week
                        86400 )    ; minimum TTL of 1 day
;
        IN NS      $ns.$domain.
EOF

cat > $network.db <<EOF
\$TTL 86400
@       IN      SOA $ns.$domain. $email.$domain. (
                        $serial ; serial
                        21600      ; refresh after 6 hours
                        3600       ; retry after 1 hour
                        604800     ; expire after 1 week
                        86400 )    ; minimum TTL of 1 day
;
@       IN      NS $ns.$domain.
EOF

print writing $domain.db and $network.db... \\c
grep $network /etc/hosts | grep -v ^# | while read line; do
        ip=`echo $line | awk '{print $1}'`
        lhost=`echo $line | awk '{print $2}'`
        shost=`echo $line | awk '{print $3}'`
        sshost=`echo $line | awk '{print $4}'`
        [[ -z $lhost ]] && print lhost not defined && exit 1
        [[ -z $shost ]] && print shost not defined && exit 1
        [[ -z $sshost ]] && print sshost not defined && exit 1

        print "$shost\tIN A\t$ip" >> $domain.db
        print "$sshost\tIN CNAME\t$shost" >> $domain.db
        print "${ip##*.}\tPTR\t$shost.$domain." >> $network.db
done && print done
print ''

named-checkconf -z /etc/named.conf
#named-checkzone $domain /var/named/chroot/var/named/$domain.db
#named-checkzone $arpa /var/named/chroot/var/named/$network.db
print ''

for key in `ls K$domain*.key`; do
        echo adding this DNSKEY record:
        grep DNSKEY $key
        echo -n to $domain.db...
        echo "\$INCLUDE $key" >> $domain.db && echo done
done; unset key
#self-verbose,
dnssec-signzone -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -A -N keep -o $domain -t $domain.db
print ''

for key in `ls K$arpa*.key`; do
        echo adding this DNSKEY record:
        grep DNSKEY $key
        echo -n to $network.db...
        echo "\$INCLUDE $key" >> $network.db && echo done
done; unset key
#self-verbose,
dnssec-signzone -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -A -N keep -o $arpa -t $network.db
print ''

cat <<EOF
you may now wanna run,

        service named-chroot reload

and check,

        host -t DNSKEY $domain localhost
        host -t DNSKEY $arpa localhost

EOF