# Script to update DKIM entry in BIND zone file

This script takes two arguments:

1. a BIND DNS zone file
2. a DNS record generated by `opendkim-genkey`

`opendkim-genkey` is part of the `opendkim-tools` Debian package.

This script uses regular expressions to

1. extract the DKIM selector and the value of the TXT record from the DKIM TXT record generated by `opendkim-genkey`
2. replace the DKIM selector and TXT value in the zone file with the new values

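One way to implement the two regex steps above, as an added example rather than the code of `update-dkim.py` itself, which this page does not show. The function names, the regular expression and the sample inputs are assumptions made for illustration; it assumes the zone holds exactly one `._domainkey` TXT record in the parenthesised layout `opendkim-genkey` writes, and it refuses to touch the zone otherwise.

```python
import re

# One '<selector>._domainkey [ttl] IN TXT ( "..." "..." )' record, in the
# multi-line layout opendkim-genkey writes to <selector>.txt.
DKIM_RR = re.compile(
    r'^(?P<selector>[A-Za-z0-9-]+)\._domainkey[ \t]+(?:\d+[ \t]+)?'
    r'IN[ \t]+TXT[ \t]+\((?P<body>[^()]*)\)[^\n]*$',
    re.MULTILINE,
)

def parse_genkey(text):
    """Return (selector, quoted chunks) from opendkim-genkey output."""
    m = DKIM_RR.search(text)
    if m is None:
        raise ValueError("no DKIM TXT record found")
    chunks = re.findall(r'"([^"]*)"', m.group("body"))
    tags = dict(t.strip().split("=", 1)
                for t in "".join(chunks).split(";") if "=" in t)
    # An empty p= publishes a revoked key, so refuse it here.
    if tags.get("v") != "DKIM1" or not tags.get("p"):
        raise ValueError("record lacks v=DKIM1 or a non-empty p= tag")
    if any(len(c) > 255 for c in chunks):
        raise ValueError("TXT character-string exceeds 255 bytes")
    return m.group("selector"), chunks

def replace_dkim(zone, selector, chunks):
    """Swap the single DKIM record in `zone` for the new selector and value."""
    matches = list(DKIM_RR.finditer(zone))
    if len(matches) != 1:  # ambiguous or missing target: leave the zone alone
        raise ValueError(f"expected 1 DKIM record in zone, found {len(matches)}")
    body = "\n".join(f'\t  "{c}"' for c in chunks)
    record = f"{selector}._domainkey\tIN\tTXT\t(\n{body} )"
    m = matches[0]
    # Slice instead of re.sub so nothing in the key is read as a backreference.
    return zone[:m.start()] + record + zone[m.end():]

# Constructed sample inputs; the p= values are placeholders, not real keys.
GENKEY_TXT = (
    '20210811-1._domainkey\tIN\tTXT\t( "v=DKIM1; h=sha256; k=rsa; "\n'
    '\t  "p=PLACEHOLDERBASE64PUBLICKEYPART1"\n'
    '\t  "PLACEHOLDERPART2" )  ; ----- DKIM key 20210811-1 for example.org\n'
)
ZONE = (
    '@\tIN\tMX\t10 mail.example.org.\n'
    '20200101-1._domainkey\tIN\tTXT\t( "v=DKIM1; k=rsa; "\n'
    '\t  "p=OLDPLACEHOLDERKEY" )\n'
    'mail\tIN\tA\t192.0.2.10\n'
)
```

Calling `replace_dkim(ZONE, *parse_genkey(GENKEY_TXT))` returns the updated zone text; the surrounding records are left byte-for-byte unchanged.
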
## Example

- generate a new DKIM key for mail.example.org
- remember to increase the increment if generating a new key on the same date

```bash
INCREMENT=1; /usr/sbin/opendkim-genkey -b 2048 -d mail -s $(/bin/date +%Y%m%d)-$INCREMENT

# generate a DNS DKIM TXT record such as '20210811-1.txt'
/usr/sbin/opendkim-genkey -b 2048 -d example.org -s $(/bin/date +%Y%m%d)-1
```

Then run `update-dkim.py`, passing the zone file you want to update and the above .txt file:

```bash
update-dkim.py <zone file> 20210811-1.txt
```