zoonderkins · March 11, 2026 09:19
diff --git a/dnsdist-install.sh b/dnsdist-install.sh
 #!/usr/bin/env bash
 set -Eeuo pipefail

 export DEBIAN_FRONTEND=noninteractive

 DNSDIST_CHANNEL="${DNSDIST_CHANNEL:-21}"   # default 21 https://repo.powerdns.com/
 APT_DIR="/etc/apt"
 SOURCES_DIR="/etc/apt/sources.list.d"
 PREF_DIR="/etc/apt/preferences.d"
 KEYRING_DIR="/etc/apt/keyrings"

 PDNS_LIST="${SOURCES_DIR}/pdns.list"
 PDNS_PREF="${PREF_DIR}/dnsdist-${DNSDIST_CHANNEL}"
 PDNS_KEY="${KEYRING_DIR}/dnsdist-${DNSDIST_CHANNEL}-pub.asc"

 log()  { echo "[INFO] $*"; }
 warn() { echo "[WARN] $*" >&2; }
 err()  { echo "[ERROR] $*" >&2; }

 require_root() {
  if [[ "${EUID}" -ne 0 ]]; then
    err "Please run as root: sudo bash $0"
    exit 1
  fi
 }

 backup_file_if_exists() {
  local f="$1"
  if [[ -f "$f" ]]; then
    cp -a "$f" "${f}.bak.$(date +%Y%m%d%H%M%S)"
  fi
 }

 comment_out_matching_lines() {
  local file="$1"
  local pattern="$2"

  [[ -f "$file" ]] || return 0
  backup_file_if_exists "$file"

  awk -v pat="$pattern" '
    $0 ~ pat && $0 !~ /^[[:space:]]*#/ { print "# disabled-by-dnsdist-install: " $0; next }
    { print }
  ' "$file" > "${file}.tmp"

  mv "${file}.tmp" "$file"
 }

 disable_bad_nodesource_repo() {
  log "Disabling broken NodeSource repo entries if present..."

  if [[ -f /etc/apt/sources.list ]]; then
    comment_out_matching_lines /etc/apt/sources.list "deb .*deb\\.nodesource\\.com"
  fi

  find "$SOURCES_DIR" -maxdepth 1 -type f \( -name "*.list" -o -name "*.sources" \) | while read -r f; do
    if grep -Eq 'deb\.nodesource\.com|NodeSource' "$f"; then
      backup_file_if_exists "$f"
      if [[ "$f" == *.list ]]; then
        comment_out_matching_lines "$f" "deb .*deb\\.nodesource\\.com"
      else
        mv "$f" "${f}.disabled.$(date +%Y%m%d%H%M%S)"
        warn "Disabled NodeSource source file: $f"
      fi
    fi
  done
 }

 fix_docker_tirixe_typo() {
  log "Fixing Docker repo typo: tirixe -> trixie"

  if [[ -f /etc/apt/sources.list ]]; then
    if grep -q 'download\.docker\.com/linux/debian' /etc/apt/sources.list; then
      backup_file_if_exists /etc/apt/sources.list
      sed -i 's/\btirixe\b/trixie/g' /etc/apt/sources.list
    fi
  fi

  find "$SOURCES_DIR" -maxdepth 1 -type f \( -name "*.list" -o -name "*.sources" \) | while read -r f; do
    if grep -q 'download\.docker\.com/linux/debian' "$f"; then
      backup_file_if_exists "$f"
      sed -i 's/\btirixe\b/trixie/g' "$f" || true
    fi
  done
 }

 cleanup_old_pdns() {
  log "Cleaning old PowerDNS/dnsdist apt files..."
  rm -f "${SOURCES_DIR}/pdns.list"
  rm -f "${SOURCES_DIR}/dnsdist.list"
  rm -f "${SOURCES_DIR}/powerdns.list"
  rm -f "${PREF_DIR}"/dnsdist-*
  rm -f "${PREF_DIR}/dnsdist-master"
  rm -f "${KEYRING_DIR}"/dnsdist-*-pub.asc
  rm -f "${KEYRING_DIR}/dnsdist-master-pub.asc"
 }

 install_base_packages() {
  log "Installing base packages..."
  apt-get update
  apt-get install -y ca-certificates curl gnupg
 }

 setup_dnsdist_repo() {
  log "Setting up PowerDNS dnsdist ${DNSDIST_CHANNEL}.x repo..."

  install -d -m 0755 "$KEYRING_DIR"

  curl -fsSL https://repo.powerdns.com/FD380FBB-pub.asc -o "$PDNS_KEY"
  chmod 0644 "$PDNS_KEY"

  cat > "$PDNS_LIST" <<EOF
 deb [signed-by=${PDNS_KEY}] http://repo.powerdns.com/debian trixie-dnsdist-${DNSDIST_CHANNEL} main
 EOF

  cat > "$PDNS_PREF" <<EOF
 Package: dnsdist*
 Pin: origin repo.powerdns.com
 Pin-Priority: 600
 EOF
 }

 install_dnsdist() {
  log "Updating apt indexes..."
  apt-get update

  log "Installing dnsdist..."
  apt-get install -y dnsdist
 }

 show_result() {
  log "dnsdist package status:"
  dpkg -l | grep '^ii' | grep dnsdist || true

  log "Active PowerDNS source:"
  cat "$PDNS_LIST"
 }

 main() {
  require_root

  disable_bad_nodesource_repo
  fix_docker_tirixe_typo
  cleanup_old_pdns
  install_base_packages
  setup_dnsdist_repo
  install_dnsdist
  show_result
 }

 main "$@"
	#!/usr/bin/env bash
	set -Eeuo pipefail

	export DEBIAN_FRONTEND=noninteractive

	DNSDIST_CHANNEL="${DNSDIST_CHANNEL:-21}" # default 21 https://repo.powerdns.com/
	APT_DIR="/etc/apt"
	SOURCES_DIR="/etc/apt/sources.list.d"
	PREF_DIR="/etc/apt/preferences.d"
	KEYRING_DIR="/etc/apt/keyrings"

	PDNS_LIST="${SOURCES_DIR}/pdns.list"
	PDNS_PREF="${PREF_DIR}/dnsdist-${DNSDIST_CHANNEL}"
	PDNS_KEY="${KEYRING_DIR}/dnsdist-${DNSDIST_CHANNEL}-pub.asc"

	log() { echo "[INFO] $*"; }
	warn() { echo "[WARN] $*" >&2; }
	err() { echo "[ERROR] $*" >&2; }

	require_root() {
	if [[ "${EUID}" -ne 0 ]]; then
	err "Please run as root: sudo bash $0"
	exit 1
	fi
	}

	backup_file_if_exists() {
	local f="$1"
	if [[ -f "$f" ]]; then
	cp -a "$f" "${f}.bak.$(date +%Y%m%d%H%M%S)"
	fi
	}

	comment_out_matching_lines() {
	local file="$1"
	local pattern="$2"

	[[ -f "$file" ]] \|\| return 0
	backup_file_if_exists "$file"

	awk -v pat="$pattern" '
	$0 ~ pat && $0 !~ /^[[:space:]]*#/ { print "# disabled-by-dnsdist-install: " $0; next }
	{ print }
	' "$file" > "${file}.tmp"

	mv "${file}.tmp" "$file"
	}

	disable_bad_nodesource_repo() {
	log "Disabling broken NodeSource repo entries if present..."

	if [[ -f /etc/apt/sources.list ]]; then
	comment_out_matching_lines /etc/apt/sources.list "deb .*deb\\.nodesource\\.com"
	fi

	find "$SOURCES_DIR" -maxdepth 1 -type f \( -name ".list" -o -name ".sources" \) \| while read -r f; do
	if grep -Eq 'deb\.nodesource\.com\|NodeSource' "$f"; then
	backup_file_if_exists "$f"
	if [[ "$f" == *.list ]]; then
	comment_out_matching_lines "$f" "deb .*deb\\.nodesource\\.com"
	else
	mv "$f" "${f}.disabled.$(date +%Y%m%d%H%M%S)"
	warn "Disabled NodeSource source file: $f"
	fi
	fi
	done
	}

	fix_docker_tirixe_typo() {
	log "Fixing Docker repo typo: tirixe -> trixie"

	if [[ -f /etc/apt/sources.list ]]; then
	if grep -q 'download\.docker\.com/linux/debian' /etc/apt/sources.list; then
	backup_file_if_exists /etc/apt/sources.list
	sed -i 's/\btirixe\b/trixie/g' /etc/apt/sources.list
	fi
	fi

	find "$SOURCES_DIR" -maxdepth 1 -type f \( -name ".list" -o -name ".sources" \) \| while read -r f; do
	if grep -q 'download\.docker\.com/linux/debian' "$f"; then
	backup_file_if_exists "$f"
	sed -i 's/\btirixe\b/trixie/g' "$f" \|\| true
	fi
	done
	}

	cleanup_old_pdns() {
	log "Cleaning old PowerDNS/dnsdist apt files..."
	rm -f "${SOURCES_DIR}/pdns.list"
	rm -f "${SOURCES_DIR}/dnsdist.list"
	rm -f "${SOURCES_DIR}/powerdns.list"
	rm -f "${PREF_DIR}"/dnsdist-*
	rm -f "${PREF_DIR}/dnsdist-master"
	rm -f "${KEYRING_DIR}"/dnsdist-*-pub.asc
	rm -f "${KEYRING_DIR}/dnsdist-master-pub.asc"
	}

	install_base_packages() {
	log "Installing base packages..."
	apt-get update
	apt-get install -y ca-certificates curl gnupg
	}

	setup_dnsdist_repo() {
	log "Setting up PowerDNS dnsdist ${DNSDIST_CHANNEL}.x repo..."

	install -d -m 0755 "$KEYRING_DIR"

	curl -fsSL https://repo.powerdns.com/FD380FBB-pub.asc -o "$PDNS_KEY"
	chmod 0644 "$PDNS_KEY"

	cat > "$PDNS_LIST" <<EOF
	deb [signed-by=${PDNS_KEY}] http://repo.powerdns.com/debian trixie-dnsdist-${DNSDIST_CHANNEL} main
	EOF

	cat > "$PDNS_PREF" <<EOF
	Package: dnsdist*
	Pin: origin repo.powerdns.com
	Pin-Priority: 600
	EOF
	}

	install_dnsdist() {
	log "Updating apt indexes..."
	apt-get update

	log "Installing dnsdist..."
	apt-get install -y dnsdist
	}

	show_result() {
	log "dnsdist package status:"
	dpkg -l \| grep '^ii' \| grep dnsdist \|\| true

	log "Active PowerDNS source:"
	cat "$PDNS_LIST"
	}

	main() {
	require_root

	disable_bad_nodesource_repo
	fix_docker_tirixe_typo
	cleanup_old_pdns
	install_base_packages
	setup_dnsdist_repo
	install_dnsdist
	show_result
	}

	main "$@"
No results found