diff options
author | Olivier Mauras <olivier@mauras.ch> | 2016-08-16 19:29:04 +0200 |
---|---|---|
committer | Carlo Landmeter <clandmeter@gmail.com> | 2016-08-22 15:34:53 +0200 |
commit | c60d2a3ed5cb159da5b10609d7c4e6fed66ab85a (patch) | |
tree | 4b3304244e1f88276f14515d74e8193d66927364 /testing | |
parent | 1a408c81eff69d6f4d8ef63d756fddac44f4a58e (diff) | |
download | aports-c60d2a3ed5cb159da5b10609d7c4e6fed66ab85a.tar.bz2 aports-c60d2a3ed5cb159da5b10609d7c4e6fed66ab85a.tar.xz |
testing/pdns-recursor: New aport
- Will use "recursor" account instead of "pdns" to have both recursor and auth servers installed without them messing with each others users
- Included config only modify uid/gid and port on 5353 so that it could work by default with pdns
Diffstat (limited to 'testing')
-rw-r--r-- | testing/pdns-recursor/APKBUILD | 66 | ||||
-rw-r--r-- | testing/pdns-recursor/pdns-recursor.initd | 27 | ||||
-rw-r--r-- | testing/pdns-recursor/pdns-recursor.post-deinstall | 4 | ||||
-rw-r--r-- | testing/pdns-recursor/pdns-recursor.pre-install | 6 | ||||
-rw-r--r-- | testing/pdns-recursor/recursor.conf | 452 |
5 files changed, 555 insertions, 0 deletions
diff --git a/testing/pdns-recursor/APKBUILD b/testing/pdns-recursor/APKBUILD new file mode 100644 index 0000000000..5b437658c1 --- /dev/null +++ b/testing/pdns-recursor/APKBUILD @@ -0,0 +1,66 @@ +# Contributor: Olivier Mauras <olivier@mauras.ch> +pkgname=pdns-recursor +pkgver=4.0.1 +pkgrel=0 +pkgdesc="PowerDNS Recursive Server" +url="http://www.powerdns.com/" +arch="all" +license="GPL" +depends="" +depends_dev="" +makedepends="$depends_dev boost-dev lua-dev" +install="$pkgname.pre-install $pkgname.post-deinstall" +subpackages="$pkgname-doc" +pkgusers="pdns" +pkggroups="pdns" +source="http://downloads.powerdns.com/releases/pdns-recursor-$pkgver.tar.bz2 + pdns-recursor.initd + recursor.conf + " + +_builddir="$srcdir/$pkgname-$pkgver" + +prepare() { + local i + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$_builddir" + ./configure --prefix=/usr \ + --sysconfdir=/etc/pdns \ + --mandir=/usr/share/man \ + --infodir=/usr/share/info \ + --localstatedir=/var \ + --libdir=/usr/lib/pdns \ + --disable-static \ + || return 1 + make || return 1 +} + +package() { + cd "$_builddir" + make DESTDIR="$pkgdir" install || return 1 + rm "$pkgdir"/etc/pdns/recursor.conf-dist || return 1 + + install -m755 -D "$srcdir"/$pkgname.initd \ + "$pkgdir"/etc/init.d/$pkgname || return 1 + + install -m600 -D "$srcdir"/recursor.conf \ + "$pkgdir"/etc/pdns/recursor.conf || return 1 +} + +md5sums="5ef062610de3d193ebe63a615263df7e pdns-recursor-4.0.1.tar.bz2 +35f373bae0503632088956fa14754e4e pdns-recursor.initd +2950b9932de6baae360f220c7686f520 recursor.conf" +sha256sums="472db541307c8ca83a846d260ecfc854fd8e879c1bb2ce5683a8df5d21e860b0 pdns-recursor-4.0.1.tar.bz2 +215d916383e3cba184f8418b98cd2ced146500006e21e2efeb0ee5b53f3df049 pdns-recursor.initd +12bdbf651db0c7fe63ddb01a239a5ddd40825f50811a5d3f4d13cda294bd0344 recursor.conf" +sha512sums="3e69606bda3d296b0c3fd9212afa2a098ab04637718356d220a9490bc3e2a0ca97210934d398ad740509cea9e8f8d2ab2e16a1ba75d559f6b82bf64a729ad018 pdns-recursor-4.0.1.tar.bz2 +f23cb30d943e0b0aea09371dc57aa43e55b8f91062a3caa3fac17e3565a8e36dfd304f45eba588f625ca2337cd2ade450ea5ae1776872c006204cdaf912f6651 pdns-recursor.initd +954df537693a202fc195e751011bbfaa605b3f3df42ac386fa82eb809b73c2b987f5e418b5c96bb3b0669497426ce0daa39a719844701e06990b82843a4cf0d4 recursor.conf" diff --git a/testing/pdns-recursor/pdns-recursor.initd b/testing/pdns-recursor/pdns-recursor.initd new file mode 100644 index 0000000000..80e851d064 --- /dev/null +++ b/testing/pdns-recursor/pdns-recursor.initd @@ -0,0 +1,27 @@ +#!/sbin/openrc-run +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns/files/pdns,v 1.10 2007/05/07 20:19:18 swegener Exp $ + +name=pdns-recursor +daemon=/usr/sbin/pdns_recursor +recursor_control=/usr/bin/rec_control + +extra_started_commands="dump reload" + +depend() { + need net + after firewall +} + +start() { + ebegin "Starting PowerDNS recursor" + ${daemon} + eend $? +} + +stop() { + ebegin "Stopping PowerDNS recursor" + ${recursor_control} quit &>/dev/null + eend $? +} diff --git a/testing/pdns-recursor/pdns-recursor.post-deinstall b/testing/pdns-recursor/pdns-recursor.post-deinstall new file mode 100644 index 0000000000..a7604db3ff --- /dev/null +++ b/testing/pdns-recursor/pdns-recursor.post-deinstall @@ -0,0 +1,4 @@ +#!/bin/sh + +deluser recursor 2>/dev/null +exit 0 diff --git a/testing/pdns-recursor/pdns-recursor.pre-install b/testing/pdns-recursor/pdns-recursor.pre-install new file mode 100644 index 0000000000..ece3a78472 --- /dev/null +++ b/testing/pdns-recursor/pdns-recursor.pre-install @@ -0,0 +1,6 @@ +#!/bin/sh + +addgroup -S recursor 2>/dev/null +adduser -S -D -H -h /var/empty -s /bin/false -G recursor -g recursor recursor 2>/dev/null + +exit 0 diff --git a/testing/pdns-recursor/recursor.conf b/testing/pdns-recursor/recursor.conf new file mode 100644 index 0000000000..1db31276c4 --- /dev/null +++ b/testing/pdns-recursor/recursor.conf @@ -0,0 +1,452 @@ +# Autogenerated configuration file template +################################# +# allow-from If set, only allow these comma separated netmasks to recurse +# +# allow-from=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10 + +################################# +# allow-from-file If set, load allowed netmasks from this file +# +# allow-from-file= + +################################# +# any-to-tcp Answer ANY queries with tc=1, shunting to TCP +# +# any-to-tcp=no + +################################# +# api-config-dir Directory where REST API stores config and zones +# +# api-config-dir= + +################################# +# api-key Static pre-shared authentication key for access to the REST API +# +# api-key= + +################################# +# api-logfile Location of the server logfile (used by the REST API) +# +# api-logfile=/var/log/pdns.log + +################################# +# api-readonly Disallow data modification through the REST API when set +# +# api-readonly=no + +################################# +# auth-zones Zones for which we have authoritative data, comma separated domain=file pairs +# +# auth-zones= + +################################# +# carbon-interval Number of seconds between carbon (graphite) updates +# +# carbon-interval=30 + +################################# +# carbon-ourname If set, overrides our reported hostname for carbon stats +# +# carbon-ourname= + +################################# +# carbon-server If set, send metrics in carbon (graphite) format to this server +# +# carbon-server= + +################################# +# chroot switch to chroot jail +# +# chroot= + +################################# +# client-tcp-timeout Timeout in seconds when talking to TCP clients +# +# client-tcp-timeout=2 + +################################# +# config-dir Location of configuration directory (recursor.conf) +# +# config-dir=/etc + +################################# +# config-name Name of this virtual configuration - will rename the binary image +# +# config-name= + +################################# +# daemon Operate as a daemon +# +daemon=yes + +################################# +# delegation-only Which domains we only accept delegations from +# +# delegation-only= + +################################# +# disable-packetcache Disable packetcache +# +# disable-packetcache=no + +################################# +# disable-syslog Disable logging to syslog, useful when running inside a supervisor that logs stdout +# +# disable-syslog=no + +################################# +# dnssec DNSSEC mode: off/process-no-validate (default)/process/log-fail/validate +# +# dnssec=process-no-validate + +################################# +# dnssec-log-bogus Log DNSSEC bogus validations +# +# dnssec-log-bogus=no + +################################# +# dont-query If set, do not query these netmasks for DNS data +# +# dont-query=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32 + +################################# +# edns-outgoing-bufsize Outgoing EDNS buffer size +# +# edns-outgoing-bufsize=1680 + +################################# +# edns-subnet-whitelist List of netmasks and domains that we should enable EDNS subnet for +# +# edns-subnet-whitelist= + +################################# +# entropy-source If set, read entropy from this file +# +# entropy-source=/dev/urandom + +################################# +# etc-hosts-file Path to 'hosts' file +# +# etc-hosts-file=/etc/hosts + +################################# +# export-etc-hosts If we should serve up contents from /etc/hosts +# +# export-etc-hosts=off + +################################# +# export-etc-hosts-search-suffix Also serve up the contents of /etc/hosts with this suffix +# +# export-etc-hosts-search-suffix= + +################################# +# forward-zones Zones for which we forward queries, comma separated domain=ip pairs +# +# forward-zones= + +################################# +# forward-zones-file File with (+)domain=ip pairs for forwarding +# +# forward-zones-file= + +################################# +# forward-zones-recurse Zones for which we forward queries with recursion bit, comma separated domain=ip pairs +# +# forward-zones-recurse= + +################################# +# hint-file If set, load root hints from this file +# +# hint-file= + +################################# +# include-dir Include *.conf files from this directory +# +# include-dir= + +################################# +# latency-statistic-size Number of latency values to calculate the qa-latency average +# +# latency-statistic-size=10000 + +################################# +# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports. +# +# local-address=127.0.0.1 + +################################# +# local-port port to listen on +# +local-port=5353 + +################################# +# log-common-errors If we should log rather common errors +# +# log-common-errors=no + +################################# +# logging-facility Facility to log messages as. 0 corresponds to local0 +# +# logging-facility= + +################################# +# loglevel Amount of logging. Higher is more. Do not set below 3 +# +# loglevel=4 + +################################# +# lowercase-outgoing Force outgoing questions to lowercase +# +# lowercase-outgoing=no + +################################# +# lua-config-file More powerful configuration options +# +# lua-config-file= + +################################# +# lua-dns-script Filename containing an optional 'lua' script that will be used to modify dns answers +# +# lua-dns-script= + +################################# +# max-cache-entries If set, maximum number of entries in the main cache +# +# max-cache-entries=1000000 + +################################# +# max-cache-ttl maximum number of seconds to keep a cached entry in memory +# +# max-cache-ttl=86400 + +################################# +# max-mthreads Maximum number of simultaneous Mtasker threads +# +# max-mthreads=2048 + +################################# +# max-negative-ttl maximum number of seconds to keep a negative cached entry in memory +# +# max-negative-ttl=3600 + +################################# +# max-packetcache-entries maximum number of entries to keep in the packetcache +# +# max-packetcache-entries=500000 + +################################# +# max-qperq Maximum outgoing queries per query +# +# max-qperq=50 + +################################# +# max-tcp-clients Maximum number of simultaneous TCP clients +# +# max-tcp-clients=128 + +################################# +# max-tcp-per-client If set, maximum number of TCP sessions per client (IP address) +# +# max-tcp-per-client=0 + +################################# +# max-total-msec Maximum total wall-clock time per query in milliseconds, 0 for unlimited +# +# max-total-msec=7000 + +################################# +# minimum-ttl-override Set under adverse conditions, a minimum TTL +# +# minimum-ttl-override=0 + +################################# +# network-timeout Wait this nummer of milliseconds for network i/o +# +# network-timeout=1500 + +################################# +# no-shuffle Don't change +# +# no-shuffle=off + +################################# +# non-local-bind Enable binding to non-local addresses by using FREEBIND / BINDANY socket options +# +# non-local-bind=no + +################################# +# packetcache-servfail-ttl maximum number of seconds to keep a cached servfail entry in packetcache +# +# packetcache-servfail-ttl=60 + +################################# +# packetcache-ttl maximum number of seconds to keep a cached entry in packetcache +# +# packetcache-ttl=3600 + +################################# +# pdns-distributes-queries If PowerDNS itself should distribute queries over threads +# +# pdns-distributes-queries= + +################################# +# processes Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE) +# +# processes=1 + +################################# +# query-local-address Source IP address for sending queries +# +# query-local-address=0.0.0.0 + +################################# +# query-local-address6 Source IPv6 address for sending queries. IF UNSET, IPv6 WILL NOT BE USED FOR OUTGOING QUERIES +# +# query-local-address6= + +################################# +# quiet Suppress logging of questions and answers +# +# quiet= + +################################# +# reuseport Enable SO_REUSEPORT allowing multiple recursors processes to listen to 1 address +# +# reuseport=no + +################################# +# root-nx-trust If set, believe that an NXDOMAIN from the root means the TLD does not exist +# +# root-nx-trust=yes + +################################# +# security-poll-suffix Domain name from which to query security update notifications +# +# security-poll-suffix=secpoll.powerdns.com. + +################################# +# serve-rfc1918 If we should be authoritative for RFC 1918 private IP space +# +# serve-rfc1918= + +################################# +# server-down-max-fails Maximum number of consecutive timeouts (and unreachables) to mark a server as down ( 0 => disabled ) +# +# server-down-max-fails=64 + +################################# +# server-down-throttle-time Number of seconds to throttle all queries to a server after being marked as down +# +# server-down-throttle-time=60 + +################################# +# server-id Returned when queried for 'server.id' TXT or NSID, defaults to hostname +# +# server-id= + +################################# +# setgid If set, change group id to this gid for more security +# +setgid=recursor + +################################# +# setuid If set, change user id to this uid for more security +# +setuid=recursor + +################################# +# single-socket If set, only use a single socket for outgoing queries +# +# single-socket=off + +################################# +# soa-minimum-ttl Don't change +# +# soa-minimum-ttl=0 + +################################# +# socket-dir Where the controlsocket will live, /var/run when unset and not chrooted +# +# socket-dir= + +################################# +# socket-group Group of socket +# +# socket-group= + +################################# +# socket-mode Permissions for socket +# +# socket-mode= + +################################# +# socket-owner Owner of socket +# +# socket-owner= + +################################# +# spoof-nearmiss-max If non-zero, assume spoofing after this many near misses +# +# spoof-nearmiss-max=20 + +################################# +# stack-size stack size per mthread +# +# stack-size=200000 + +################################# +# stats-ringbuffer-entries maximum number of packets to store statistics for +# +# stats-ringbuffer-entries=10000 + +################################# +# threads Launch this number of threads +# +# threads=2 + +################################# +# trace if we should output heaps of logging. set to 'fail' to only log failing domains +# +# trace=off + +################################# +# udp-truncation-threshold Maximum UDP response size before we truncate +# +# udp-truncation-threshold=1680 + +################################# +# version-string string reported on version.pdns or version.bind +# +# version-string=PowerDNS Recursor 4.0.1 (built Aug 15 2016 11:06:59 by coredumb@alpine-dev.internal) + +################################# +# webserver Start a webserver (for REST API) +# +# webserver=no + +################################# +# webserver-address IP Address of webserver to listen on +# +# webserver-address=127.0.0.1 + +################################# +# webserver-allow-from Webserver access is only allowed from these subnets +# +# webserver-allow-from=0.0.0.0/0,::/0 + +################################# +# webserver-password Password required for accessing the webserver +# +# webserver-password= + +################################# +# webserver-port Port of webserver to listen on +# +# webserver-port=8082 + +################################# +# write-pid Write a PID file +# +# write-pid=yes + + |