1255809Sdes#!/bin/sh 2255809Sdes# 3255809Sdes# $FreeBSD: releng/10.2/etc/rc.d/local_unbound 279499 2015-03-01 21:24:19Z ngie $ 4255809Sdes# 5255809Sdes 6255809Sdes# PROVIDE: local_unbound 7255825Sdes# REQUIRE: FILESYSTEMS netif resolv 8279499Sngie# BEFORE: NETWORKING 9255809Sdes# KEYWORD: shutdown 10255809Sdes 11255809Sdes. /etc/rc.subr 12255809Sdes 13255809Sdesname="local_unbound" 14255809Sdesdesc="local caching forwarding resolver" 15255809Sdesrcvar="local_unbound_enable" 16255809Sdes 17255809Sdescommand="/usr/sbin/unbound" 18255809Sdesextra_commands="anchor configtest reload setup" 19255809Sdesstart_precmd="local_unbound_prestart" 20255809Sdesreload_precmd="local_unbound_configtest" 21255809Sdesanchor_cmd="local_unbound_anchor" 22255809Sdesconfigtest_cmd="local_unbound_configtest" 23255809Sdessetup_cmd="local_unbound_setup" 24255809Sdespidfile="/var/run/${name}.pid" 25255809Sdes 26255809Sdes: ${local_unbound_workdir:=/var/unbound} 27255809Sdes: ${local_unbound_config:=${local_unbound_workdir}/unbound.conf} 28255809Sdes: ${local_unbound_flags:=-c${local_unbound_config}} 29255809Sdes: ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf} 30255809Sdes: ${local_unbound_anchor:=${local_unbound_workdir}/root.key} 31255809Sdes: ${local_unbound_forwarders:=} 32255809Sdes 33255809Sdesload_rc_config $name 34255809Sdes 35255809Sdesdo_as_unbound() 36255809Sdes{ 37255809Sdes echo "$@" | su -m unbound 38255809Sdes} 39255809Sdes 40255809Sdes# 41255809Sdes# Retrieve or update the DNSSEC root anchor 42255809Sdes# 43255809Sdeslocal_unbound_anchor() 44255809Sdes{ 45255809Sdes do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor} 46255809Sdes # we can't trust the exit code - check if the file exists 47255809Sdes [ -f ${local_unbound_anchor} ] 48255809Sdes} 49255809Sdes 50255809Sdes# 51255809Sdes# Check the unbound configuration file 52255809Sdes# 53255809Sdeslocal_unbound_configtest() 54255809Sdes{ 55255809Sdes do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config} 56255809Sdes} 57255809Sdes 58255809Sdes# 59255809Sdes# Create the unbound configuration file and update resolv.conf to 60255809Sdes# point to unbound. 61255809Sdes# 62255809Sdeslocal_unbound_setup() 63255809Sdes{ 64255809Sdes echo "Performing initial setup." 65255809Sdes /usr/sbin/local-unbound-setup -n \ 66255809Sdes -u unbound \ 67255809Sdes -w ${local_unbound_workdir} \ 68255809Sdes -c ${local_unbound_config} \ 69255809Sdes -f ${local_unbound_forwardconf} \ 70255809Sdes -a ${local_unbound_anchor} \ 71255809Sdes ${local_unbound_forwarders} 72255809Sdes} 73255809Sdes 74255809Sdes# 75255809Sdes# Before starting, check that the configuration file and root anchor 76255809Sdes# exist. If not, attempt to generate them. 77255809Sdes# 78255809Sdeslocal_unbound_prestart() 79255809Sdes{ 80255809Sdes # Create configuration file 81255809Sdes if [ ! -f ${local_unbound_config} ] ; then 82255809Sdes run_rc_command setup 83255809Sdes fi 84255809Sdes 85255809Sdes # Retrieve DNSSEC root key 86255809Sdes if [ ! -f ${local_unbound_anchor} ] ; then 87255809Sdes run_rc_command anchor 88255809Sdes fi 89255809Sdes} 90255809Sdes 91255809Sdesload_rc_config $name 92255809Sdesrun_rc_command "$1" 93