LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6570 Commits
1 Branch
46 MiB
 
 
 
 
 
 
Tree: 66360ddd82
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '66360ddd82'
${ noResults }
openwrt-packages-dist/net/unbound/files/unbound.sh

126 lines
3.5 KiB
Raw Blame History

#!/bin/sh
##############################################################################
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# Copyright (C) 2016 Eric Luehrsen
#
##############################################################################
#
# TODO: This file will build the UCI for Unbound. This iteration only puts
# our default unbound configuration and root.key into /var/lib/unbound.
#
##############################################################################
# TODO: Just default definitions versus real UCI coming soon.
UNBOUND_B_MAN_CONF=1
UNBOUND_B_DNSSEC=1
UNBOUND_N_ROOT_AGE=7
##############################################################################
UNBOUND_ANCHOR=/usr/bin/unbound-anchor
UNBOUND_CONTROL=/usr/bin/unbound-control
UNBOUND_LIBDIR=/usr/lib/unbound
UNBOUND_PIDFILE=/var/run/unbound.pid
UNBOUND_VARDIR=/var/lib/unbound
UNBOUND_CONFFILE=$UNBOUND_VARDIR/unbound.conf
UNBOUND_KEYFILE=$UNBOUND_VARDIR/root.key
UNBOUND_HINTFILE=$UNBOUND_VARDIR/root.hints
UNBOUND_CHECKFILE=$UNBOUND_VARDIR/unbound.check
##############################################################################
. /lib/functions.sh
. /lib/functions/network.sh
. $UNBOUND_LIBDIR/rootzone.sh
##############################################################################
unbound_mkdir() {
mkdir -p $UNBOUND_VARDIR
if [ -f /etc/unbound/root.hints ] ; then
# Your own local copy of root.hints
cp -p /etc/unbound/root.hints $UNBOUND_HINTFILE
elif [ -f /usr/share/dns/root.hints ] ; then
# Debian-like package dns-root-data
cp -p /usr/share/dns/root.hints $UNBOUND_HINTFILE
else
logger -t unbound -s "iterator will use built-in root hints"
fi
if [ -f /etc/unbound/root.key ] ; then
# Your own local copy of a root.key
cp -p /etc/unbound/root.key $UNBOUND_KEYFILE
elif [ -f /usr/share/dns/root.key ] ; then
# Debian-like package dns-root-data
cp -p /usr/share/dns/root.key $UNBOUND_KEYFILE
elif [ -x "$UNBOUND_ANCHOR" ] ; then
$UNBOUND_ANCHOR -a $UNBOUND_KEYFILE
else
logger -t unbound -s "validator will use built-in trust anchor"
fi
}
##############################################################################
unbound_conf() {
# TODO: Just structure to real UCI coming soon.
if [ "$UNBOUND_B_MAN_CONF" -gt 0 -a -f /etc/unbound/unbound.conf ] ; then
# You don't want UCI and use your own manual configuration
cp -p /etc/unbound/unbound.conf $UNBOUND_CONFFILE
fi
}
##############################################################################
unbound_own() {
# Debug UCI
{
echo "# $UNBOUND_CHECKFILE generated by UCI $( date )"
echo
set | grep ^UNBOUND_
} > $UNBOUND_CHECKFILE
if [ ! -f "$UNBOUND_CONFFILE" ] ; then
# if somehow this happened
touch $UNBOUND_CONFFILE
fi
# Ensure Access
chown -R unbound:unbound $UNBOUND_VARDIR
chmod 775 $UNBOUND_VARDIR
chmod 664 $UNBOUND_VARDIR/*
}
##############################################################################
unbound_prepare() {
unbound_mkdir
unbound_conf
unbound_own
}
##############################################################################