2013-09-23 04:36:51 +00:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
|
|
|
# $FreeBSD$
|
|
|
|
#
|
|
|
|
|
|
|
|
# PROVIDE: local_unbound
|
2013-09-23 20:03:23 +00:00
|
|
|
# REQUIRE: FILESYSTEMS netif resolv
|
2013-09-23 04:36:51 +00:00
|
|
|
# KEYWORD: shutdown
|
|
|
|
|
|
|
|
. /etc/rc.subr
|
|
|
|
|
|
|
|
name="local_unbound"
|
|
|
|
desc="local caching forwarding resolver"
|
|
|
|
rcvar="local_unbound_enable"
|
|
|
|
|
|
|
|
extra_commands="anchor configtest reload setup"
|
|
|
|
start_precmd="local_unbound_prestart"
|
|
|
|
reload_precmd="local_unbound_configtest"
|
|
|
|
anchor_cmd="local_unbound_anchor"
|
|
|
|
configtest_cmd="local_unbound_configtest"
|
|
|
|
setup_cmd="local_unbound_setup"
|
|
|
|
pidfile="/var/run/${name}.pid"
|
|
|
|
|
|
|
|
do_as_unbound()
|
|
|
|
{
|
2014-09-08 09:33:43 +00:00
|
|
|
echo "$@" | /usr/bin/su -m unbound
|
2013-09-23 04:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Retrieve or update the DNSSEC root anchor
|
|
|
|
#
|
|
|
|
local_unbound_anchor()
|
|
|
|
{
|
2014-09-08 09:33:43 +00:00
|
|
|
do_as_unbound ${local_unbound_program%/*}/unbound-anchor \
|
|
|
|
-a ${local_unbound_anchor}
|
2013-09-23 04:36:51 +00:00
|
|
|
# we can't trust the exit code - check if the file exists
|
|
|
|
[ -f ${local_unbound_anchor} ]
|
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check the unbound configuration file
|
|
|
|
#
|
|
|
|
local_unbound_configtest()
|
|
|
|
{
|
2014-09-08 09:33:43 +00:00
|
|
|
do_as_unbound ${local_unbound_program%/*}/unbound-checkconf \
|
|
|
|
${local_unbound_config}
|
2013-09-23 04:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Create the unbound configuration file and update resolv.conf to
|
|
|
|
# point to unbound.
|
|
|
|
#
|
|
|
|
local_unbound_setup()
|
|
|
|
{
|
|
|
|
echo "Performing initial setup."
|
2014-09-08 09:33:43 +00:00
|
|
|
${local_unbound_program%/*}/local-unbound-setup -n \
|
2013-09-23 04:36:51 +00:00
|
|
|
-u unbound \
|
|
|
|
-w ${local_unbound_workdir} \
|
|
|
|
-c ${local_unbound_config} \
|
|
|
|
-f ${local_unbound_forwardconf} \
|
|
|
|
-a ${local_unbound_anchor} \
|
|
|
|
${local_unbound_forwarders}
|
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Before starting, check that the configuration file and root anchor
|
|
|
|
# exist. If not, attempt to generate them.
|
|
|
|
#
|
|
|
|
local_unbound_prestart()
|
|
|
|
{
|
|
|
|
# Create configuration file
|
|
|
|
if [ ! -f ${local_unbound_config} ] ; then
|
|
|
|
run_rc_command setup
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Retrieve DNSSEC root key
|
|
|
|
if [ ! -f ${local_unbound_anchor} ] ; then
|
|
|
|
run_rc_command anchor
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
load_rc_config $name
|
|
|
|
run_rc_command "$1"
|