dotfiles/examples/shell/nsd/dnssec.sh

#!/bin/sh
if [ -z "$2" ]; then exit 1; fi
CURRENTDIR=$(pwd) # save current dir
ZONEDIR="/srv/vcomm/dns/" # location of your zone files
ZONE=$1
ZONEFILE=$2
cd "$ZONEDIR" || exit
SERIAL=$(/usr/sbin/named-checkzone "$ZONE" "$ZONEFILE" | grep -Rho '[0-9]{10}')
echo "Updated to serial: $SERIAL"
sed -i 's/'$SERIAL'/'$(($SERIAL+1))'/' "$ZONEFILE"
/usr/sbin/dnssec-signzone -A -3 "$(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16)" -N increment -o "$ZONE" -t "$ZONEFILE"
cd "$CURRENTDIR" || exit
sudo nsd-control reload
cp /srv/vcomm/tls/plantroon.com/fullchain.cer /srv/vapps/mailcow-dockerized/data/assets/ssl/cert.pem
cp /srv/vcomm/tls/plantroon.com/plantroon.com.key /srv/vapps/mailcow-dockerized/data/assets/ssl/key.pem
postfix_c=$(docker ps -qaf name=postfix-mailcow)
dovecot_c=$(docker ps -qaf name=dovecot-mailcow)
nginx_c=$(docker ps -qaf name=nginx-mailcow)
sudo docker restart "${postfix_c}" "${dovecot_c}" "${nginx_c}"