local_unbound revision 278704
1255809Sdes#!/bin/sh 2255809Sdes# 3255809Sdes# $FreeBSD: head/etc/rc.d/local_unbound 278704 2015-02-13 20:49:43Z ngie $ 4255809Sdes# 5255809Sdes 6255809Sdes# PROVIDE: local_unbound 7255825Sdes# REQUIRE: FILESYSTEMS netif resolv 8278704Sngie# BEFORE: NETWORKING 9255809Sdes# KEYWORD: shutdown 10255809Sdes 11255809Sdes. /etc/rc.subr 12255809Sdes 13255809Sdesname="local_unbound" 14255809Sdesdesc="local caching forwarding resolver" 15255809Sdesrcvar="local_unbound_enable" 16255809Sdes 17271262Sdescommand="/usr/sbin/unbound" 18255809Sdesextra_commands="anchor configtest reload setup" 19255809Sdesstart_precmd="local_unbound_prestart" 20255809Sdesreload_precmd="local_unbound_configtest" 21255809Sdesanchor_cmd="local_unbound_anchor" 22255809Sdesconfigtest_cmd="local_unbound_configtest" 23255809Sdessetup_cmd="local_unbound_setup" 24255809Sdespidfile="/var/run/${name}.pid" 25255809Sdes 26271262Sdes: ${local_unbound_workdir:=/var/unbound} 27271262Sdes: ${local_unbound_config:=${local_unbound_workdir}/unbound.conf} 28271262Sdes: ${local_unbound_flags:=-c${local_unbound_config}} 29271262Sdes: ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf} 30277706Sdes: ${local_unbound_controlconf:=${local_unbound_workdir}/control.conf} 31271262Sdes: ${local_unbound_anchor:=${local_unbound_workdir}/root.key} 32271262Sdes: ${local_unbound_forwarders:=} 33271262Sdes 34271262Sdesload_rc_config $name 35271262Sdes 36255809Sdesdo_as_unbound() 37255809Sdes{ 38271262Sdes echo "$@" | su -m unbound 39255809Sdes} 40255809Sdes 41255809Sdes# 42255809Sdes# Retrieve or update the DNSSEC root anchor 43255809Sdes# 44255809Sdeslocal_unbound_anchor() 45255809Sdes{ 46271262Sdes do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor} 47255809Sdes # we can't trust the exit code - check if the file exists 48255809Sdes [ -f ${local_unbound_anchor} ] 49255809Sdes} 50255809Sdes 51255809Sdes# 52255809Sdes# Check the unbound configuration file 53255809Sdes# 54255809Sdeslocal_unbound_configtest() 55255809Sdes{ 56271262Sdes do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config} 57255809Sdes} 58255809Sdes 59255809Sdes# 60255809Sdes# Create the unbound configuration file and update resolv.conf to 61255809Sdes# point to unbound. 62255809Sdes# 63255809Sdeslocal_unbound_setup() 64255809Sdes{ 65255809Sdes echo "Performing initial setup." 66271262Sdes /usr/sbin/local-unbound-setup -n \ 67255809Sdes -u unbound \ 68255809Sdes -w ${local_unbound_workdir} \ 69255809Sdes -c ${local_unbound_config} \ 70255809Sdes -f ${local_unbound_forwardconf} \ 71277706Sdes -o ${local_unbound_controlconf} \ 72255809Sdes -a ${local_unbound_anchor} \ 73255809Sdes ${local_unbound_forwarders} 74255809Sdes} 75255809Sdes 76255809Sdes# 77255809Sdes# Before starting, check that the configuration file and root anchor 78255809Sdes# exist. If not, attempt to generate them. 79255809Sdes# 80255809Sdeslocal_unbound_prestart() 81255809Sdes{ 82255809Sdes # Create configuration file 83255809Sdes if [ ! -f ${local_unbound_config} ] ; then 84255809Sdes run_rc_command setup 85255809Sdes fi 86255809Sdes 87255809Sdes # Retrieve DNSSEC root key 88255809Sdes if [ ! -f ${local_unbound_anchor} ] ; then 89255809Sdes run_rc_command anchor 90255809Sdes fi 91255809Sdes} 92255809Sdes 93255809Sdesload_rc_config $name 94255809Sdesrun_rc_command "$1" 95