local_unbound revision 279499 
1#!/bin/sh
2#
3# $FreeBSD: stable/10/etc/rc.d/local_unbound 279499 2015-03-01 21:24:19Z ngie $
4#
5
6# PROVIDE: local_unbound
7# REQUIRE: FILESYSTEMS netif resolv
8# BEFORE: NETWORKING
9# KEYWORD: shutdown
10
11. /etc/rc.subr
12
13name="local_unbound"
14desc="local caching forwarding resolver"
15rcvar="local_unbound_enable"
16
17command="/usr/sbin/unbound"
18extra_commands="anchor configtest reload setup"
19start_precmd="local_unbound_prestart"
20reload_precmd="local_unbound_configtest"
21anchor_cmd="local_unbound_anchor"
22configtest_cmd="local_unbound_configtest"
23setup_cmd="local_unbound_setup"
24pidfile="/var/run/${name}.pid"
25
26: ${local_unbound_workdir:=/var/unbound}
27: ${local_unbound_config:=${local_unbound_workdir}/unbound.conf}
28: ${local_unbound_flags:=-c${local_unbound_config}}
29: ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf}
30: ${local_unbound_anchor:=${local_unbound_workdir}/root.key}
31: ${local_unbound_forwarders:=}
32
33load_rc_config $name
34
35do_as_unbound()
36{
37	echo "$@" | su -m unbound
38}
39
40#
41# Retrieve or update the DNSSEC root anchor
42#
43local_unbound_anchor()
44{
45	do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor}
46	# we can't trust the exit code - check if the file exists
47	[ -f ${local_unbound_anchor} ]
48}
49
50#
51# Check the unbound configuration file
52#
53local_unbound_configtest()
54{
55	do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config}
56}
57
58#
59# Create the unbound configuration file and update resolv.conf to
60# point to unbound.
61#
62local_unbound_setup()
63{
64	echo "Performing initial setup."
65	/usr/sbin/local-unbound-setup -n \
66	    -u unbound \
67	    -w ${local_unbound_workdir} \
68	    -c ${local_unbound_config} \
69	    -f ${local_unbound_forwardconf} \
70	    -a ${local_unbound_anchor} \
71	    ${local_unbound_forwarders}
72}
73
74#
75# Before starting, check that the configuration file and root anchor
76# exist.  If not, attempt to generate them.
77#
78local_unbound_prestart()
79{
80	# Create configuration file
81	if [ ! -f ${local_unbound_config} ] ; then
82		run_rc_command setup
83	fi
84
85	# Retrieve DNSSEC root key
86	if [ ! -f ${local_unbound_anchor} ] ; then
87		run_rc_command anchor
88	fi
89}
90
91load_rc_config $name
92run_rc_command "$1"
93