2013-09-23 06:36:51 +02:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
|
|
|
# $FreeBSD$
|
|
|
|
#
|
|
|
|
|
|
|
|
# PROVIDE: local_unbound
|
2013-09-23 22:03:23 +02:00
|
|
|
# REQUIRE: FILESYSTEMS netif resolv
|
2015-02-13 21:49:43 +01:00
|
|
|
# BEFORE: NETWORKING
|
2013-09-23 06:36:51 +02:00
|
|
|
# KEYWORD: shutdown
|
|
|
|
|
|
|
|
. /etc/rc.subr
|
|
|
|
|
|
|
|
name="local_unbound"
|
2016-04-23 18:10:54 +02:00
|
|
|
desc="Local caching forwarding resolver"
|
2013-09-23 06:36:51 +02:00
|
|
|
rcvar="local_unbound_enable"
|
|
|
|
|
2014-09-08 14:26:52 +02:00
|
|
|
command="/usr/sbin/unbound"
|
2013-09-23 06:36:51 +02:00
|
|
|
extra_commands="anchor configtest reload setup"
|
|
|
|
start_precmd="local_unbound_prestart"
|
2015-10-19 17:56:59 +02:00
|
|
|
start_postcmd="local_unbound_poststart"
|
2013-09-23 06:36:51 +02:00
|
|
|
reload_precmd="local_unbound_configtest"
|
|
|
|
anchor_cmd="local_unbound_anchor"
|
|
|
|
configtest_cmd="local_unbound_configtest"
|
|
|
|
setup_cmd="local_unbound_setup"
|
|
|
|
pidfile="/var/run/${name}.pid"
|
|
|
|
|
2015-12-01 14:20:21 +01:00
|
|
|
load_rc_config $name
|
|
|
|
|
2014-09-08 14:26:52 +02:00
|
|
|
: ${local_unbound_workdir:=/var/unbound}
|
|
|
|
: ${local_unbound_config:=${local_unbound_workdir}/unbound.conf}
|
2015-05-22 23:33:13 +02:00
|
|
|
: ${local_unbound_flags:="-c ${local_unbound_config}"}
|
2014-09-08 14:26:52 +02:00
|
|
|
: ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf}
|
2015-01-25 16:44:46 +01:00
|
|
|
: ${local_unbound_controlconf:=${local_unbound_workdir}/control.conf}
|
2014-09-08 14:26:52 +02:00
|
|
|
: ${local_unbound_anchor:=${local_unbound_workdir}/root.key}
|
|
|
|
: ${local_unbound_forwarders:=}
|
|
|
|
|
2013-09-23 06:36:51 +02:00
|
|
|
do_as_unbound()
|
|
|
|
{
|
2014-09-08 14:26:52 +02:00
|
|
|
echo "$@" | su -m unbound
|
2013-09-23 06:36:51 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Retrieve or update the DNSSEC root anchor
|
|
|
|
#
|
|
|
|
local_unbound_anchor()
|
|
|
|
{
|
2014-09-08 14:26:52 +02:00
|
|
|
do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor}
|
2013-09-23 06:36:51 +02:00
|
|
|
# we can't trust the exit code - check if the file exists
|
|
|
|
[ -f ${local_unbound_anchor} ]
|
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check the unbound configuration file
|
|
|
|
#
|
|
|
|
local_unbound_configtest()
|
|
|
|
{
|
2014-09-08 14:26:52 +02:00
|
|
|
do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config}
|
2013-09-23 06:36:51 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Create the unbound configuration file and update resolv.conf to
|
|
|
|
# point to unbound.
|
|
|
|
#
|
|
|
|
local_unbound_setup()
|
|
|
|
{
|
|
|
|
echo "Performing initial setup."
|
2014-09-08 14:26:52 +02:00
|
|
|
/usr/sbin/local-unbound-setup -n \
|
2013-09-23 06:36:51 +02:00
|
|
|
-u unbound \
|
|
|
|
-w ${local_unbound_workdir} \
|
|
|
|
-c ${local_unbound_config} \
|
|
|
|
-f ${local_unbound_forwardconf} \
|
2015-01-25 16:44:46 +01:00
|
|
|
-o ${local_unbound_controlconf} \
|
2013-09-23 06:36:51 +02:00
|
|
|
-a ${local_unbound_anchor} \
|
|
|
|
${local_unbound_forwarders}
|
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Before starting, check that the configuration file and root anchor
|
|
|
|
# exist. If not, attempt to generate them.
|
|
|
|
#
|
|
|
|
local_unbound_prestart()
|
|
|
|
{
|
|
|
|
# Create configuration file
|
|
|
|
if [ ! -f ${local_unbound_config} ] ; then
|
|
|
|
run_rc_command setup
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Retrieve DNSSEC root key
|
|
|
|
if [ ! -f ${local_unbound_anchor} ] ; then
|
|
|
|
run_rc_command anchor
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2015-10-19 17:56:59 +02:00
|
|
|
#
|
|
|
|
# After starting, wait for Unbound to report that it is ready to avoid
|
|
|
|
# race conditions with services which require functioning DNS.
|
|
|
|
#
|
|
|
|
local_unbound_poststart()
|
|
|
|
{
|
|
|
|
local retry=5
|
|
|
|
|
|
|
|
echo -n "Waiting for nameserver to start..."
|
|
|
|
until "${command}-control" status | grep -q "is running" ; do
|
|
|
|
if [ $((retry -= 1)) -eq 0 ] ; then
|
|
|
|
echo " giving up"
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
echo -n "."
|
|
|
|
sleep 1
|
|
|
|
done
|
|
|
|
echo " good"
|
|
|
|
}
|
|
|
|
|
2013-09-23 06:36:51 +02:00
|
|
|
load_rc_config $name
|
|
|
|
run_rc_command "$1"
|