local_unbound revision 279499
1#!/bin/sh 2# 3# $FreeBSD: stable/10/etc/rc.d/local_unbound 279499 2015-03-01 21:24:19Z ngie $ 4# 5 6# PROVIDE: local_unbound 7# REQUIRE: FILESYSTEMS netif resolv 8# BEFORE: NETWORKING 9# KEYWORD: shutdown 10 11. /etc/rc.subr 12 13name="local_unbound" 14desc="local caching forwarding resolver" 15rcvar="local_unbound_enable" 16 17command="/usr/sbin/unbound" 18extra_commands="anchor configtest reload setup" 19start_precmd="local_unbound_prestart" 20reload_precmd="local_unbound_configtest" 21anchor_cmd="local_unbound_anchor" 22configtest_cmd="local_unbound_configtest" 23setup_cmd="local_unbound_setup" 24pidfile="/var/run/${name}.pid" 25 26: ${local_unbound_workdir:=/var/unbound} 27: ${local_unbound_config:=${local_unbound_workdir}/unbound.conf} 28: ${local_unbound_flags:=-c${local_unbound_config}} 29: ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf} 30: ${local_unbound_anchor:=${local_unbound_workdir}/root.key} 31: ${local_unbound_forwarders:=} 32 33load_rc_config $name 34 35do_as_unbound() 36{ 37 echo "$@" | su -m unbound 38} 39 40# 41# Retrieve or update the DNSSEC root anchor 42# 43local_unbound_anchor() 44{ 45 do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor} 46 # we can't trust the exit code - check if the file exists 47 [ -f ${local_unbound_anchor} ] 48} 49 50# 51# Check the unbound configuration file 52# 53local_unbound_configtest() 54{ 55 do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config} 56} 57 58# 59# Create the unbound configuration file and update resolv.conf to 60# point to unbound. 61# 62local_unbound_setup() 63{ 64 echo "Performing initial setup." 65 /usr/sbin/local-unbound-setup -n \ 66 -u unbound \ 67 -w ${local_unbound_workdir} \ 68 -c ${local_unbound_config} \ 69 -f ${local_unbound_forwardconf} \ 70 -a ${local_unbound_anchor} \ 71 ${local_unbound_forwarders} 72} 73 74# 75# Before starting, check that the configuration file and root anchor 76# exist. If not, attempt to generate them. 77# 78local_unbound_prestart() 79{ 80 # Create configuration file 81 if [ ! -f ${local_unbound_config} ] ; then 82 run_rc_command setup 83 fi 84 85 # Retrieve DNSSEC root key 86 if [ ! -f ${local_unbound_anchor} ] ; then 87 run_rc_command anchor 88 fi 89} 90 91load_rc_config $name 92run_rc_command "$1" 93