summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortg(x) <*@tg-x.net>2011-02-05 19:24:21 (GMT)
committer tg(x) <*@tg-x.net>2013-06-05 15:58:40 (GMT)
commit61164289b09de8f87c0cbe905497a76cee3b3890 (patch)
tree6ef0da448411314b4a135abf3ab057fb67beaeb8
parent5cfbba0ae727994a83711413b458fc44731a398b (diff)
docs
-rw-r--r--README.org20
1 files changed, 18 insertions, 2 deletions
diff --git a/README.org b/README.org
index 333c5db..4f28a38 100644
--- a/README.org
+++ b/README.org
@@ -19,8 +19,11 @@ key management.
- set PREFIX in Makefile and make sure the paths in the hooks are correct, then
: # make install
+
- edit the settings in gitzone-shell
+
- create users with ssh access and set their shell to gitzone-shell
+
- create a zones repo for each user and set receive.denyCurrentBranch to ignore,
this allows pushing to a checked out repository. The checked out files are
used for incrementing serials and validating the zones with named-checkzone.
@@ -32,15 +35,19 @@ key management.
: # cd hooks
: # ln -s /usr/lib/gitzone/hooks/pre-receive
: # ln -s /usr/lib/gitzone/hooks/post-receive
+
- create a .gitconfig for the user that contains user name & user email (used
for auto increment commits)
+
- edit the settings in gitzone.conf
+
- create a directory for each user in $zone_dir and chown it to the user, this
will contain a clone of the user's repository, the zone files here should be
included in named.conf.
: # cd $zone_dir
: # mkdir $user
: # chown $user:$group $user
+
- edit named.conf and set directory in options to $zone_dir, this is needed to
make relative file names working in $INCLUDE:
: options {
@@ -63,18 +70,22 @@ There are a few keywords you can use in the zone files:
- $INCLUDE can be used to include other files from the repository, the file
names should be prefixed with the user name
+
- ;INCLUDED_BY on the first line of a file indicates what other files include
this file. When this file is committed & pushed all the other files listed
after ;INCLUDED_BY are reloaded as well.
E.g. if you have the following files in the repository then a change in
example-common would result in the reload of both example.net & example.org:
+
- example.net:
: ...
: $INCLUDE username/example-common example.net.
+
- example.org:
: ...
: $INCLUDE username/example-common example.org.
+
- example-common:
: ;INCLUDED_BY example.net example.org
: ...
@@ -101,12 +112,16 @@ The following SSH commands can be used:
- =update-record <filename> <record>=: updates the IP address of the first matched
record in the given file to the SSH client's IP address
: % ssh ns.example.net update-record example.net somehost IN A
+
- =list-keys=: list added ssh keys
: % ssh ns.example.net list-keys
+
- =add-key=: add a new ssh key
: % ssh ns.example.net add-key `cat id_rsa.pub`
+
or only allow one specific command:
: % ssh ns.example.net add-key 'command="update-record example.net somehost IN A"' `cat id_rsa.pub`
+
- =del-key=: delete an ssh key from the config
: % ssh ns.example.net del-key user@somewhere
@@ -120,5 +135,6 @@ repository as it is restricted to the specified command only. Then all you have
update your IP is:
: % ssh ns.example.net
-Run this command whenever the IP changes or the interface comes up. On
-Debian-like systems you can use a post-up command in /etc/network/interfaces.
+Run this command whenever the IP changes or the interface comes up.
+
+- *Debian*: On Debian-like systems you can use a post-up command in /etc/network/interfaces.