Switch to using allow-update

2022-01-11 16:35:54 -05:00 · 2022-01-11 16:35:54 -05:00 · 9df741b040
parent d3fb621ca9
commit 9df741b040
2 changed files with 35 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -44,7 +44,7 @@ curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc": "2.0", "method"



-test peach-bind9 is running,
+# test peach-bind9 is running,
 ```
 # this returns version of bind running
 dig -t txt -c chaos VERSION.BIND @IP_ADDRESS_OF_SERVER 
@ -56,4 +56,23 @@ nslookup blue.dyn.peachcloud.org YOUR_SERVER_IP_ADDRESS
 nslookup blue.dyn.peachcloud.org ns.peachcloud.org
 ```

+# test nsupdate is working 
+
+``` 
+/usr/bin/nsupdate -k /var/lib/peachcloud/peach-dyndns/tsig.key -v <<EOF
+server ns.peachcloud.org
+zone bluemirage889.dyn.peachcloud.org
+update delete bluemirage889.dyn.peachcloud.org
+update add bluemirage889.dyn.peachcloud.org 30 A 174.76.52.101
+send
+EOF
+```
+``` 
+cat <<EOF |  /usr/bin/nsupdate -k /var/lib/peachcloud/peach-dyndns/tsig.key -v 
+server ns.peachcloud.org
+zone bluemirage889.dyn.peachcloud.org
+update delete bluemirage889.dyn.peachcloud.org
+update add bluemirage889.dyn.peachcloud.org 30 A 174.76.52.101
+send
+EOF
 ```
--- a/src/generate_zone.rs
+++ b/src/generate_zone.rs
@ -100,14 +100,26 @@ pub fn generate_zone(full_domain: &str) -> Result<String, PeachDynDnsError> {
        .append(true)
        .open(bind_conf_path)
        .unwrap_or_else(|_| panic!("failed to open {}", bind_conf_path));
+    // this commented out section, with update-policy stopped working
+    // so we are now using allow-update
+    // let zone_section_text = format!(
+    //     "\
+    //     zone \"{full_domain}\" {{
+    //         type master;
+    //         file \"/var/lib/bind/{full_domain}\";
+    //         update-policy {{
+	//             grant {full_domain} self {full_domain};
+    //         }};
+    //     }};
+    // ",
+    //     full_domain = full_domain
+    // );
    let zone_section_text = format!(
        "\
        zone \"{full_domain}\" {{
            type master;
            file \"/var/lib/bind/{full_domain}\";
-            update-policy {{
-	            grant {full_domain} self {full_domain};
-            }};
+            allow-update {key "{full_domain}";};
        }};
    ",
        full_domain = full_domain