Browse Source

stubby: makefile and init script cleanup

Reordered Makefile according to
https://github.com/openwrt/packages/pull/9399#issuecomment-508727872 .

Added PKG_BUILD_PARALLEL for faster compilation.

Remove duplicated conffiles section.

Install /etc/config/stubby using INSTALL_CONF, as is done elsewhere

Run init script through shellcheck and clean it up.

Added chmod for the stubby config file, to fix a LuCI issue.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
lilik-openwrt-22.03
Rosen Penev 5 years ago
parent
commit
eaf5225323
No known key found for this signature in database GPG Key ID: 36D31CFA845F0E3B
2 changed files with 55 additions and 60 deletions
  1. +19
    -25
      net/stubby/Makefile
  2. +36
    -35
      net/stubby/files/stubby.init

+ 19
- 25
net/stubby/Makefile View File

@ -6,46 +6,46 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=stubby PKG_NAME:=stubby
PKG_VERSION:=0.2.6 PKG_VERSION:=0.2.6
PKG_RELEASE:=2
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Jonathan Underwood <jonathan.underwood@gmail.com>
PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/getdnsapi/$(PKG_NAME) PKG_SOURCE_URL:=https://github.com/getdnsapi/$(PKG_NAME)
PKG_SOURCE_VERSION:=v$(PKG_VERSION) PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_MIRROR_HASH:=af896c471ac67b31c2263d11fcdfcdb32a213621c2f8789f4b0a4ceca4437108 PKG_MIRROR_HASH:=af896c471ac67b31c2263d11fcdfcdb32a213621c2f8789f4b0a4ceca4437108
PKG_FIXUP:=autoreconf
PKG_MAINTAINER:=Jonathan Underwood <jonathan.underwood@gmail.com>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1 PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
define Package/stubby/Default define Package/stubby/Default
TITLE:=stubby
URL:=https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby
TITLE:=stubby
URL:=https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby
endef endef
define Package/stubby define Package/stubby
$(call Package/stubby/Default)
SECTION:=net
CATEGORY:=Network
SUBMENU:=IP Addresses and Names
TITLE+= - (daemon that uses getdns)
USERID:=stubby=410:stubby=410
DEPENDS:= +libyaml +getdns +ca-certs
$(call Package/stubby/Default)
SECTION:=net
CATEGORY:=Network
SUBMENU:=IP Addresses and Names
TITLE+= - (daemon that uses getdns)
USERID:=stubby=410:stubby=410
DEPENDS:= +libyaml +getdns +ca-certs
endef endef
define Package/stubby/description define Package/stubby/description
This package contains the Stubby daemon (which utilizes the getdns library).
See https://github.com/openwrt/packages/blob/master/net/stubby/files/README.md for more details.
This package contains the Stubby daemon (which utilizes the getdns library).
See https://github.com/openwrt/packages/blob/master/net/stubby/files/README.md for more details.
endef endef
define Package/stubby/conffiles define Package/stubby/conffiles
/etc/stubby/stubby.yml /etc/stubby/stubby.yml
/etc/config/stubby
endef endef
define Package/stubby/install define Package/stubby/install
@ -57,13 +57,7 @@ define Package/stubby/install
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/stubby/stubby.yml $(1)/etc/stubby/stubby.yml.default $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/stubby/stubby.yml $(1)/etc/stubby/stubby.yml.default
$(INSTALL_DATA) ./files/stubby.yml $(1)/etc/stubby/stubby.yml $(INSTALL_DATA) ./files/stubby.yml $(1)/etc/stubby/stubby.yml
$(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) ./files/stubby.conf $(1)/etc/config/stubby
endef
define Package/stubby/conffiles
/etc/stubby/stubby.yml
/etc/config/stubby
$(INSTALL_CONF) ./files/stubby.conf $(1)/etc/config/stubby
endef endef
$(eval $(call BuildPackage,stubby)) $(eval $(call BuildPackage,stubby))

+ 36
- 35
net/stubby/files/stubby.init View File

@ -44,77 +44,77 @@ generate_config()
local tls_max_version local tls_max_version
# Generate configuration. See: https://github.com/getdnsapi/stubby/blob/develop/stubby.yml.example # Generate configuration. See: https://github.com/getdnsapi/stubby/blob/develop/stubby.yml.example
echo "# Autogenerated configuration from uci data" > "$config_file"
echo "resolution_type: GETDNS_RESOLUTION_STUB" >> "$config_file"
echo "# Autogenerated configuration from uci data"
echo "resolution_type: GETDNS_RESOLUTION_STUB"
config_get round_robin "global" round_robin_upstreams "1" config_get round_robin "global" round_robin_upstreams "1"
echo "round_robin_upstreams: $round_robin" >> "$config_file"
echo "round_robin_upstreams: $round_robin"
config_get appdata_dir "global" appdata_dir "/var/lib/stubby" config_get appdata_dir "global" appdata_dir "/var/lib/stubby"
echo "appdata_dir: \"$appdata_dir\"" >> "$config_file"
echo "appdata_dir: \"$appdata_dir\""
config_get trust_anchors_backoff_time "global" trust_anchors_backoff_time "2500" config_get trust_anchors_backoff_time "global" trust_anchors_backoff_time "2500"
echo "trust_anchors_backoff_time: $trust_anchors_backoff_time" >> "$config_file"
echo "trust_anchors_backoff_time: $trust_anchors_backoff_time"
config_get tls_connection_retries "global" tls_connection_retries "" config_get tls_connection_retries "global" tls_connection_retries ""
if [ -n "$tls_connection_retries" ]; then if [ -n "$tls_connection_retries" ]; then
echo "tls_connection_retries: $tls_connection_retries" >> "$config_file"
echo "tls_connection_retries: $tls_connection_retries"
fi fi
config_get tls_backoff_time "global" tls_backoff_time "" config_get tls_backoff_time "global" tls_backoff_time ""
if [ -n "$tls_backoff_time" ]; then if [ -n "$tls_backoff_time" ]; then
echo "tls_backoff_time: $tls_backoff_time" >> "$config_file"
echo "tls_backoff_time: $tls_backoff_time"
fi fi
config_get timeout "global" timeout "" config_get timeout "global" timeout ""
if [ -n "$timeout" ]; then if [ -n "$timeout" ]; then
echo "timeout: $timeout" >> "$config_file"
echo "timeout: $timeout"
fi fi
config_get_bool tls_authentication "global" tls_authentication "1" config_get_bool tls_authentication "global" tls_authentication "1"
if [ "$tls_authentication" = "1" ]; then if [ "$tls_authentication" = "1" ]; then
echo "tls_authentication: GETDNS_AUTHENTICATION_REQUIRED" >> "$config_file"
echo "tls_authentication: GETDNS_AUTHENTICATION_REQUIRED"
else else
echo "tls_authentication: GETDNS_AUTHENTICATION_NONE" >> "$config_file"
echo "tls_authentication: GETDNS_AUTHENTICATION_NONE"
fi fi
config_get_bool dnssec_return_status "global" dnssec_return_status "0" config_get_bool dnssec_return_status "global" dnssec_return_status "0"
if [ "$dnssec_return_status" = "1" ]; then if [ "$dnssec_return_status" = "1" ]; then
echo "dnssec_return_status: GETDNS_EXTENSION_TRUE" >> "$config_file"
echo "dnssec_return_status: GETDNS_EXTENSION_TRUE"
fi fi
config_get dnssec_trust_anchors "global" dnssec_trust_anchors "" config_get dnssec_trust_anchors "global" dnssec_trust_anchors ""
if [ -n "$dnssec_trust_anchors" ]; then if [ -n "$dnssec_trust_anchors" ]; then
echo "dnssec_trust_anchors: \"$dnssec_trust_anchors\"" >> "$config_file"
echo "dnssec_trust_anchors: \"$dnssec_trust_anchors\""
fi fi
config_get tls_query_padding_blocksize "global" tls_query_padding_blocksize "128" config_get tls_query_padding_blocksize "global" tls_query_padding_blocksize "128"
echo "tls_query_padding_blocksize: $tls_query_padding_blocksize" >> "$config_file"
echo "tls_query_padding_blocksize: $tls_query_padding_blocksize"
config_get_bool edns_client_subnet_private "global" edns_client_subnet_private "1" config_get_bool edns_client_subnet_private "global" edns_client_subnet_private "1"
echo "edns_client_subnet_private: $edns_client_subnet_private" >> "$config_file"
echo "edns_client_subnet_private: $edns_client_subnet_private"
config_get idle_timeout "global" idle_timeout "10000" config_get idle_timeout "global" idle_timeout "10000"
echo "idle_timeout: $idle_timeout" >> "$config_file"
echo "idle_timeout: $idle_timeout"
config_get tls_cipher_list "global" tls_cipher_list "" config_get tls_cipher_list "global" tls_cipher_list ""
if [ -n "$tls_cipher_list" ]; then if [ -n "$tls_cipher_list" ]; then
echo "tls_cipher_list: \"$tls_cipher_list\"" >> "$config_file"
echo "tls_cipher_list: \"$tls_cipher_list\""
fi fi
config_get tls_ciphersuites "global" tls_ciphersuites "" config_get tls_ciphersuites "global" tls_ciphersuites ""
if [ -n "$tls_ciphersuites" ]; then if [ -n "$tls_ciphersuites" ]; then
echo "tls_ciphersuites: \"$tls_ciphersuites\"" >> "$config_file"
echo "tls_ciphersuites: \"$tls_ciphersuites\""
fi fi
config_get tls_min_version "global" tls_min_version "" config_get tls_min_version "global" tls_min_version ""
if [ -n "$tls_min_version" ]; then if [ -n "$tls_min_version" ]; then
echo "tls_min_version: GETDNS_TLS${tls_min_version/\./_}" >> "$config_file"
echo "tls_min_version: GETDNS_TLS${tls_min_version/\./_}"
fi fi
config_get tls_max_version "global" tls_max_version "" config_get tls_max_version "global" tls_max_version ""
if [ -n "$tls_max_version" ]; then if [ -n "$tls_max_version" ]; then
echo "tls_max_version: GETDNS_TLS${tls_max_version/\./_}" >> "$config_file"
echo "tls_max_version: GETDNS_TLS${tls_max_version/\./_}"
fi fi
handle_listen_address_value() handle_listen_address_value()
@ -122,10 +122,10 @@ generate_config()
local value="$1" local value="$1"
if [ "$listen_addresses_section" = 0 ]; then if [ "$listen_addresses_section" = 0 ]; then
echo "listen_addresses:" >> "$config_file"
echo "listen_addresses:"
listen_addresses_section=1 listen_addresses_section=1
fi fi
echo " - $value" >> "$config_file"
echo " - $value"
} }
config_list_foreach "global" listen_address handle_listen_address_value config_list_foreach "global" listen_address handle_listen_address_value
@ -134,10 +134,10 @@ generate_config()
local value="$1" local value="$1"
if [ "$dns_transport_list_section" = 0 ]; then if [ "$dns_transport_list_section" = 0 ]; then
echo "dns_transport_list:" >> "$config_file"
echo "dns_transport_list:"
dns_transport_list_section=1 dns_transport_list_section=1
fi fi
echo " - $value" >> "$config_file"
echo " - $value"
} }
config_list_foreach "global" dns_transport handle_dns_transport_list_value config_list_foreach "global" dns_transport handle_dns_transport_list_value
@ -154,38 +154,38 @@ generate_config()
local tls_max_version local tls_max_version
if [ "$upstream_recursive_servers_section" = 0 ]; then if [ "$upstream_recursive_servers_section" = 0 ]; then
echo "upstream_recursive_servers:" >> "$config_file"
echo "upstream_recursive_servers:"
upstream_recursive_servers_section=1 upstream_recursive_servers_section=1
fi fi
config_get address "$config" address config_get address "$config" address
echo " - address_data: $address" >> "$config_file"
echo " - address_data: $address"
config_get tls_auth_name "$config" tls_auth_name config_get tls_auth_name "$config" tls_auth_name
echo " tls_auth_name: \"$tls_auth_name\"" >> "$config_file"
echo " tls_auth_name: \"$tls_auth_name\""
config_get tls_auth_port "$config" tls_port "" config_get tls_auth_port "$config" tls_port ""
if [ -n "$tls_port" ]; then if [ -n "$tls_port" ]; then
echo " tls_port: $tls_port" >> "$config_file"
echo " tls_port: $tls_port"
fi fi
config_get tls_cipher_list "$config" tls_cipher_list "" config_get tls_cipher_list "$config" tls_cipher_list ""
if [ -n "$tls_cipher_list" ]; then if [ -n "$tls_cipher_list" ]; then
echo " tls_cipher_list: \"$tls_cipher_list\"" >> "$config_file"
echo " tls_cipher_list: \"$tls_cipher_list\""
fi fi
config_get tls_ciphersuites "$config" tls_ciphersuites "" config_get tls_ciphersuites "$config" tls_ciphersuites ""
if [ -n "$tls_ciphersuites" ]; then if [ -n "$tls_ciphersuites" ]; then
echo " tls_ciphersuites: \"$tls_ciphersuites\"" >> "$config_file"
echo " tls_ciphersuites: \"$tls_ciphersuites\""
fi fi
config_get tls_min_version "$config" tls_min_version "" config_get tls_min_version "$config" tls_min_version ""
if [ -n "$tls_min_version" ]; then if [ -n "$tls_min_version" ]; then
echo " tls_min_version: GETDNS_TLS${tls_min_version/\./_}" >> "$config_file"
echo " tls_min_version: GETDNS_TLS${tls_min_version/\./_}"
fi fi
config_get tls_max_version "$config" tls_max_version "" config_get tls_max_version "$config" tls_max_version ""
if [ -n "$tls_max_version" ]; then if [ -n "$tls_max_version" ]; then
echo " tls_max_version: GETDNS_TLS${tls_max_version/\./_}" >> "$config_file"
echo " tls_max_version: GETDNS_TLS${tls_max_version/\./_}"
fi fi
handle_resolver_spki() handle_resolver_spki()
@ -195,17 +195,17 @@ generate_config()
local value="${val#*/}" local value="${val#*/}"
if [ "$tls_pubkey_pinset_section" = 0 ]; then if [ "$tls_pubkey_pinset_section" = 0 ]; then
echo " tls_pubkey_pinset:" >> "$config_file"
echo " tls_pubkey_pinset:"
tls_pubkey_pinset_section=1 tls_pubkey_pinset_section=1
fi fi
echo " - digest: \"$digest\"" >> "$config_file"
echo " value: $value" >> "$config_file"
echo " - digest: \"$digest\""
echo " value: $value"
} }
config_list_foreach "$config" spki handle_resolver_spki config_list_foreach "$config" spki handle_resolver_spki
} }
config_foreach handle_resolver resolver config_foreach handle_resolver resolver
}
} > "$config_file"
start_service() { start_service() {
local config_file_tmp local config_file_tmp
@ -226,6 +226,7 @@ start_service() {
generate_config "$config_file_tmp" generate_config "$config_file_tmp"
mv "$config_file_tmp" "$stubby_config" mv "$config_file_tmp" "$stubby_config"
fi fi
chmod 0644 "$stubby_config"
config_get command_line_arguments "global" command_line_arguments "" config_get command_line_arguments "global" command_line_arguments ""


Loading…
Cancel
Save