local_unbound revision 291767
1#!/bin/sh 2# 3# $FreeBSD: stable/10/etc/rc.d/local_unbound 291767 2015-12-04 13:26:12Z des $ 4# 5 6# PROVIDE: local_unbound 7# REQUIRE: FILESYSTEMS netif resolv 8# BEFORE: NETWORKING 9# KEYWORD: shutdown 10 11. /etc/rc.subr 12 13name="local_unbound" 14desc="local caching forwarding resolver" 15rcvar="local_unbound_enable" 16 17command="/usr/sbin/unbound" 18extra_commands="anchor configtest reload setup" 19start_precmd="local_unbound_prestart" 20start_postcmd="local_unbound_poststart" 21reload_precmd="local_unbound_configtest" 22anchor_cmd="local_unbound_anchor" 23configtest_cmd="local_unbound_configtest" 24setup_cmd="local_unbound_setup" 25pidfile="/var/run/${name}.pid" 26 27load_rc_config $name 28 29: ${local_unbound_workdir:=/var/unbound} 30: ${local_unbound_config:=${local_unbound_workdir}/unbound.conf} 31: ${local_unbound_flags:="-c ${local_unbound_config}"} 32: ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf} 33: ${local_unbound_anchor:=${local_unbound_workdir}/root.key} 34: ${local_unbound_forwarders:=} 35 36do_as_unbound() 37{ 38 echo "$@" | su -m unbound 39} 40 41# 42# Retrieve or update the DNSSEC root anchor 43# 44local_unbound_anchor() 45{ 46 do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor} 47 # we can't trust the exit code - check if the file exists 48 [ -f ${local_unbound_anchor} ] 49} 50 51# 52# Check the unbound configuration file 53# 54local_unbound_configtest() 55{ 56 do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config} 57} 58 59# 60# Create the unbound configuration file and update resolv.conf to 61# point to unbound. 62# 63local_unbound_setup() 64{ 65 echo "Performing initial setup." 66 /usr/sbin/local-unbound-setup -n \ 67 -u unbound \ 68 -w ${local_unbound_workdir} \ 69 -c ${local_unbound_config} \ 70 -f ${local_unbound_forwardconf} \ 71 -a ${local_unbound_anchor} \ 72 ${local_unbound_forwarders} 73} 74 75# 76# Before starting, check that the configuration file and root anchor 77# exist. If not, attempt to generate them. 78# 79local_unbound_prestart() 80{ 81 # Create configuration file 82 if [ ! -f ${local_unbound_config} ] ; then 83 run_rc_command setup 84 fi 85 86 # Retrieve DNSSEC root key 87 if [ ! -f ${local_unbound_anchor} ] ; then 88 run_rc_command anchor 89 fi 90} 91 92# 93# After starting, wait for Unbound to report that it is ready to avoid 94# race conditions with services which require functioning DNS. 95# 96local_unbound_poststart() 97{ 98 local retry=5 99 100 echo -n "Waiting for nameserver to start..." 101 until "${command}-control" status | grep -q "is running" ; do 102 if [ $((retry -= 1)) -eq 0 ] ; then 103 echo " giving up" 104 return 1 105 fi 106 echo -n "." 107 sleep 1 108 done 109 echo " good" 110} 111 112load_rc_config $name 113run_rc_command "$1" 114