scripts

script/dkim/03-print-domeneshop-records.sh

@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+# Prosess 3:
+# Skriver ut DNS TXT-recordene som skal legges inn i Domeneshop.
+#
+# Leser:
+#   private/dkim/<domene>.<selector>.public.pem
+#
+# Skriver:
+#   private/dkim-domeneshop-records.txt
+#
+# Dette scriptet printer bare PUBLIC key. Det er ikke privatnøkkelen.
+# Likevel lagres output under private/ for å holde repoet ryddig.
+
+selector="${DKIM_SELECTOR:-mail}"
+output_file="private/dkim-domeneshop-records.txt"
+
+mapfile -t public_keys < <(
+  find private/dkim -maxdepth 1 -type f -name "*.${selector}.public.pem" | sort
+)
+
+if [[ ${#public_keys[@]} -eq 0 ]]; then
+  echo "FEIL: Fant ingen offentlige DKIM-nøkler."
+  echo "Forventet filer som:"
+  echo "  private/dkim/<domene>.${selector}.public.pem"
+  exit 1
+fi
+
+{
+  for public_key in "${public_keys[@]}"; do
+    filename="$(basename "$public_key")"
+    domain="${filename%.${selector}.public.pem}"
+    pubkey="$(grep -v -- '-----' "$public_key" | tr -d '\n\r ')"
+
+    if [[ -z "$pubkey" ]]; then
+      echo "FEIL: Public key ble tom for ${domain}" >&2
+      exit 1
+    fi
+
+    echo "============================================================"
+    echo "DKIM for ${domain}"
+    echo "============================================================"
+    echo
+    echo "I Domeneshop:"
+    echo
+    echo "Vertsnavn / hostname:"
+    echo "${selector}._domainkey"
+    echo
+    echo "Type:"
+    echo "TXT"
+    echo
+    echo "Verdi / parameter:"
+    echo "v=DKIM1; k=rsa; p=${pubkey}"
+    echo
+    echo "Fullt DNS-navn:"
+    echo "${selector}._domainkey.${domain}"
+    echo
+    echo "Test etter lagring:"
+    echo "dig TXT ${selector}._domainkey.${domain} +short"
+    echo
+  done
+} | tee "$output_file"
+
+chmod 600 "$output_file"
+
+echo
+echo "Kopi lagret her:"
+echo "  $output_file"