#!/bin/sh
# about this script.
#-This script runs on the 20th of every month.
#-ZSK created by this script will be 
#  published at 00:00UTC(09:00JST) of the beginning of +1 month,
#  active    at 00:00UTC(09:00JST) of the beginning of +2 month,
#  inactive  at 00:00UTC(09:00JST) of the beginning of +3 month,
#  deleted   at 00:00UTC(09:00JST) of the beginning of +4 month.
#  
DOMAINS="xn--n8j1c913r6j1b.jp"
DATE=`date +%Y%m%d%H%M`
SUBJECT="${DOMAINS} ZSK created ${DATE}"
MAILTO="takashima@example.co.jp ryuichi.takashima@example.com"
#
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
ZONEDIR=/var/named/chroot/var/named/
KEYDIR=/var/named/chroot/etc/pki/dnssec-keys/
#
MAIL=/bin/mail
SIGNZONE=/usr/sbin/dnssec-signzone
KEYGEN=/usr/sbin/dnssec-keygen
RNDC=/usr/sbin/rndc
#
ALG=RSASHA256
KEYLEN=1024
RAND=/dev/urandom	# random seed
# ZSK parameter what will to be published 
P=`date -d "1 month" +%Y%m`01000000	# when the key state will be publish
A=`date -d "2 month" +%Y%m`01000000	# when the key state will be active
I=`date -d "3 month" +%Y%m`01000000	# when the key state will be inactive
D=`date -d "4 month" +%Y%m`01000000	# when the key state will be deleted
#
(\
	cd ${KEYDIR}
	for DOMAIN in ${DOMAINS} 
	do ${KEYGEN} -K ${KEYDIR} -a ${ALG} -b ${KEYLEN} \
		-r ${RAND} -P ${P} -A ${A} -I ${I} -D ${D} ${DOMAIN}
	done \
) 2>&1 | ${MAIL} -s "${SUBJECT}" ${MAILTO}