#!/bin/ash
# shellcheck shell=dash
# Stop at the first command that fails without being handled.
set -e

# Boolean-style switches: an unset or empty variable falls back to "false",
# and the supplied value is folded to lower case so "TRUE"/"True" are
# accepted as "true" by the validation that follows.
DEBUG=$(echo "${DEBUG:-false}" | tr "[:upper:]" "[:lower:]")
AUTOUPDATE_ZONES=$(echo "${AUTOUPDATE_ZONES:-false}" | tr "[:upper:]" "[:lower:]")
SMART_WATCHER=$(echo "${SMART_WATCHER:-false}" | tr "[:upper:]" "[:lower:]")
LOGGING=$(echo "${LOGGING:-false}" | tr "[:upper:]" "[:lower:]")

# Command string published to child processes; "rndc reload" unless overridden.
# NOTE(review): presumably executed by the zone watchdog to reload BIND - it
# is never validated here, so it must only come from trusted deploy-time
# configuration. Confirm how the consumer runs it.
: "${DNS_RESTART:=rndc reload}"
export DNS_RESTART
# Reject anything but the two accepted switch values. The values were already
# lower-cased when the defaults were applied, so only exact "true"/"false"
# pass here.
case "$DEBUG" in
  true | false) ;;
  *)
    echo "[!] Invalid option for DEBUG, expected \"true\" or \"false\""
    exit 1
    ;;
esac

case "$AUTOUPDATE_ZONES" in
  true | false) ;;
  *)
    echo "[!] Invalid option for AUTOUPDATE_ZONES, expected \"true\" or \"false\""
    exit 1
    ;;
esac

case "$SMART_WATCHER" in
  true | false) ;;
  *)
    echo "[!] Invalid option for SMART_WATCHER, expected \"true\" or \"false\""
    exit 1
    ;;
esac

# At least one redirect target is mandatory: the concatenation is empty only
# when both variables are unset or empty.
if [ -z "${REDIRECT_IPV4}${REDIRECT_IPV6}" ]; then
  echo "[!] Either REDIRECT_IPV4 or REDIRECT_IPV6 must be set"
  exit 1
fi
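# Return 0 when $1 is a dotted-quad IPv4 address (four octets 0-255, no
# leading zeros), non-zero otherwise.
_is_valid_ipv4() {
  # Allow-list the alphabet before the regex runs. grep matches line by line,
  # so "^...$" anchors apply to each line separately: without this check a
  # value with an embedded newline would be accepted as soon as one of its
  # lines looked like an address, and the rest would flow into the config.
  case "$1" in
    "" | *[!0-9.]*) return 1 ;;
  esac
  # [0-9] rather than \d: \d is not part of POSIX ERE, so whether it matches a
  # digit depends on the grep/libc in the image.
  _ipv4_octet='([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])'
  # printf instead of echo so the value is never treated as an echo option or
  # escape sequence.
  printf '%s\n' "$1" | grep -E "^${_ipv4_octet}(\.${_ipv4_octet}){3}$" > /dev/null 2>&1
}

# Return 0 when $1 matches the IPv6 forms accepted by the pattern below (full,
# "::"-compressed, fe80 link-local with a zone id, and IPv4-mapped/embedded),
# non-zero otherwise.
_is_valid_ipv6() {
  # Same single-line / allow-list guard as for IPv4. Letters beyond a-f and
  # "%" stay allowed because the link-local form carries a zone id.
  case "$1" in
    "" | *[!0-9A-Za-z:.%]*) return 1 ;;
  esac
  printf '%s\n' "$1" | grep -E "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$" > /dev/null 2>&1
}

# Each redirect address is optional on its own, but when one is supplied it
# must be well-formed before it is used to configure the server.
if [ -n "$REDIRECT_IPV4" ] && ! _is_valid_ipv4 "$REDIRECT_IPV4"; then
  echo "[!] Invalid IPv4 address for REDIRECT_IPV4 option"
  exit 1
fi
if [ -n "$REDIRECT_IPV6" ] && ! _is_valid_ipv6 "$REDIRECT_IPV6"; then
  echo "[!] Invalid IPv6 address for REDIRECT_IPV6 option"
  exit 1
fi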
# LOGGING takes the same two values as the other switches; it was lower-cased
# when its default was applied, so only exact "true"/"false" pass.
case "$LOGGING" in
  true | false) ;;
  *)
    echo "[!] Invalid option for LOGGING, expected \"true\" or \"false\""
    exit 1
    ;;
esac
# With DEBUG=true, print the effective settings once at start-up. A redirect
# address is listed only when it was supplied.
case "$DEBUG" in
  true)
    echo "=== DEBUG ====================================================="
    echo "AUTOUPDATE_ZONES » $AUTOUPDATE_ZONES"
    echo "SMART_WATCHER » $SMART_WATCHER"
    echo "DNS_RESTART » $DNS_RESTART"
    [ -z "$REDIRECT_IPV4" ] || echo "REDIRECT_IPV4 » $REDIRECT_IPV4"
    [ -z "$REDIRECT_IPV6" ] || echo "REDIRECT_IPV6 » $REDIRECT_IPV6"
    echo "LOGGING » $LOGGING"
    echo "==============================================================="
    ;;
esac
echo "[-] Configuring settings..."

# Rebuild named.conf.options from its template on every start, so the sed
# edits below always apply to a pristine copy.
named_options="/etc/bind/named.conf.options"
rm -f "$named_options" 2> /dev/null || true
cp -f "${named_options}.template" "$named_options"

# TODO: Is there a similar way to detect if an IPv4 interface is available like IPv6 below?
# IPv4 listener: enabled whenever REDIRECT_IPV4 is set (no interface probe is
# done, despite the wording of the message).
if [ -n "$REDIRECT_IPV4" ]; then
  echo "[-] IPv4 interface detected, enabling IPv4..."
  sed -i "s/\/\/listen-on-v4/listen-on/g" "$named_options"
fi

# IPv6 listener: needs REDIRECT_IPV6 and at least some output from
# `ip -6 addr`. The probe only runs when the variable is set.
if [ -n "$REDIRECT_IPV6" ]; then
  if [ -n "$(ip -6 addr)" ]; then
    echo "[-] IPv6 interface detected, enabling IPv6..."
    sed -i "s/\/\/listen-on-v6/listen-on-v6/g" "$named_options"
  fi
fi

# Logging: uncomment the "//include" lines in named.conf.
# NOTE(review): unlike named.conf.options, named.conf is edited in place and
# not reset from a template here, so a later start of the same container with
# LOGGING=false would leave the include active - confirm this is intended.
case "$LOGGING" in
  true)
    echo "[-] Enabling logging..."
    sed -i "s/\/\/include/include/g" "/etc/bind/named.conf"
    ;;
esac
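# Refresh the root hints (`db.root`) on startup, best effort: any failure
# leaves the existing file untouched and start-up continues.
#
# The download goes to a temporary file and is copied over db.root only when
# curl succeeded and produced data. --fail (-f) makes curl treat an HTTP error
# status as a failure instead of saving the error page, so an outage or an
# interrupted transfer can no longer overwrite the root hints with junk.
# -z keeps the request conditional on the current file's timestamp; when the
# server reports "not modified" the temporary file stays empty and is ignored.
#
# NOTE(review): authenticity of the file rests on the HTTPS connection alone;
# no signature or checksum is verified here. No timeout is set either, so a
# stalled connection delays BIND start-up.
echo "[-] Downloading latest \"db.root\" file..."
db_root="/etc/bind/db.root"
if db_root_tmp=$(mktemp); then
  if curl -f -s -o "$db_root_tmp" -z "$db_root" "https://www.internic.net/domain/named.root" \
    && [ -s "$db_root_tmp" ]; then
    # cat into the target (rather than mv) so an existing db.root keeps its
    # owner and mode; mktemp creates its file readable by the owner only.
    cat "$db_root_tmp" > "$db_root" || echo "[!] Could not write $db_root" >&2
  else
    echo "[-] \"db.root\" not updated (unchanged or download failed), keeping current file"
  fi
  rm -f "$db_root_tmp"
fi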
# Source the virtualenv's activate script in this shell (not a subshell) so
# its environment changes apply to the python3 calls below.
echo "[-] Activating Python virtual environment..."
# shellcheck source=/dev/null
. /opt/dns-config-watchdog/.venv/bin/activate

# Build the zone files once before BIND is started.
echo "[-] Generating zone files..."
python3 /opt/dns-config-watchdog/main.py --skip-refresh

# Optional background refresh of the zones. Neither job is supervised: if it
# exits, auto-update stops while BIND keeps running.
if [ "$AUTOUPDATE_ZONES" = "true" ]; then
  case "$SMART_WATCHER" in
    true)
      # Let main.py watch zones.json itself... if not on a Windows host
      python3 /opt/dns-config-watchdog/main.py --watchdog &
      ;;
    false)
      # Polling fallback, see
      # http://blog.subjectify.us/miscellaneous/2017/04/24/docker-for-windows-watch-bindings.html
      # Every 5 seconds compare `stat -c %Z` of zones.json (the file's last
      # status-change time) with the previous reading and re-run main.py when
      # it differs.
      sh -c 'LTIME=$(stat -c %Z /opt/dns-config-watchdog/zones.json); while true; do ATIME=$(stat -c %Z /opt/dns-config-watchdog/zones.json); if [ "$ATIME" != "$LTIME" ]; then . /opt/dns-config-watchdog/.venv/bin/activate; python3 /opt/dns-config-watchdog/main.py; LTIME=$ATIME; fi; sleep 5; done' &
      ;;
  esac
fi

# Replace this shell with the command passed to the entrypoint, so that
# command takes over the process instead of running as a child of the script.
echo "[-] Starting BIND..."
exec "$@"