diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-21 09:45:51 +0100 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-21 10:11:54 +0100 |
commit | 013acdde21b3242c3d9a76ac907655f34b4b6fb5 (patch) | |
tree | a6c9fc49ba46a4d3bc29cb3e233bb71bce4e0cdc /main | |
parent | 8b78a885fdc62fd626d0ca04e9c77b4b262ef363 (diff) | |
download | aports-013acdde21b3242c3d9a76ac907655f34b4b6fb5.tar.bz2 aports-013acdde21b3242c3d9a76ac907655f34b4b6fb5.tar.xz |
main/unbound: install tool to migrate from dnscache
Diffstat (limited to 'main')
-rw-r--r-- | main/unbound/APKBUILD | 13 | ||||
-rw-r--r-- | main/unbound/migrate-dnscache-to-unbound | 111 |
2 files changed, 107 insertions, 17 deletions
diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD index b743e9d23..2a552a551 100644 --- a/main/unbound/APKBUILD +++ b/main/unbound/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=unbound pkgver=1.4.19 -pkgrel=0 +pkgrel=1 pkgdesc="Unbound is a validating, recursive, and caching DNS resolver" pkgusers="unbound" pkggroups="unbound" @@ -13,11 +13,12 @@ depends="dnssec-root" depends_dev="openssl-dev expat-dev ldns-dev libevent-dev" makedepends="$depends_dev python-dev swig" install="$pkgname.pre-install" -subpackages="$pkgname-dev $pkgname-doc $pkgname-libs py-unbound:py" +subpackages="$pkgname-dev $pkgname-doc $pkgname-libs py-unbound:py $pkgname-migrate" source="http://unbound.net/downloads/unbound-$pkgver.tar.gz conf.patch swig.patch update-unbound-root-hints + migrate-dnscache-to-unbound root.hints unbound.initd" @@ -83,9 +84,17 @@ py() { mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/ } +migrate() { + pkgdesc="Simple tool to migrate from dnscache to unbound" + mkdir -p "$subpkgdir"/usr/bin/ + install -m755 "$srcdir"/migrate-dnscache-to-unbound \ + "$subpkgdir"/usr/bin/ +} + md5sums="39f121e1921c7b5ad2f05a4d756a0487 unbound-1.4.19.tar.gz 32fe2914a2723142d3eae9ea556872d3 conf.patch cca28c13f9b835dfe94ea91012d76e2b swig.patch c1c71cd0e7f9630536a2abf2513c675d update-unbound-root-hints +01abc5360897967be608eaf4ec1c25dc migrate-dnscache-to-unbound d7a1cb305b7b5b72df4e574777f76723 root.hints ebf2b5f8e1be2c4dbec9c5fad1e0e0de unbound.initd" diff --git a/main/unbound/migrate-dnscache-to-unbound b/main/unbound/migrate-dnscache-to-unbound index a2ad99e4f..4fbb875fb 100644 --- a/main/unbound/migrate-dnscache-to-unbound +++ b/main/unbound/migrate-dnscache-to-unbound @@ -11,7 +11,20 @@ to_subnet() { esac } -gen_stub_zones() { +gen_config() { + echo "# Config generated by $0, $(date)" + echo "server:" + echo -e "\troot-hints: /etc/unbound/root.hints\n" + + [ -n "$IP" ] && echo -e "\tinterface: $IP\n" + [ -n "$IPSEND" ] && echo -e "\toutgoing-interface: $IPSEND\n" + + for i in $access_control; do + echo -e "\taccess-control: $i allow" + done + echo "" + + # stub zones local zonefile ip local fwdtype="stub" if [ -n "$FORWARDONLY" ]; then @@ -22,7 +35,6 @@ gen_stub_zones() { if [ "$zone" = "@" ] || [ "$zone" = '*' ]; then continue fi - echo "${fwdtype}-zone:" echo -e "\tname: ${zone}" for ip in $(cat $zonefile); do @@ -32,12 +44,43 @@ gen_stub_zones() { done } -root=${root:-/} -while getopts "r:" opt; do +usage() { + cat >&2 <<EOF +usage: $0 [-h] [-r ROOT] +Migrate dnscache configuration to unbound + +This tool will install unbound, migrate the configuration, stop dnscache +and start unbound and remove traces of dnscache. + +Options: + -c Only dump the config to stdout and exit + -h Show this help + -k Keep unbound.conf.backup and keep dnscache config + -r Look for dnscache config in ROOT/etc/dnscache + +EOF +} + +root=${ROOT:-/} +dump_config=false +quiet=false +keep_backup=false +while getopts "chr:" opt; do case "$opt" in + 'c') dump_config=true;; + 'h') usage; exit;; + 'k') keep_backup=true;; 'r') root="$OPTARG";; + 'q') quiet=true; quiet_opt=--quiet;; esac done +unbound_conf=${UNBOUND_CONF:-${root%/}/etc/unbound/unbound.conf} + +# read dnscache config +if ! [ -f "$root"/etc/conf.d/dnscache ] && ! [ -d "$root"/etc/dnscache ]; then + echo "No dnscache config found" + exit 1 +fi confd="$root"/etc/conf.d/dnscache if [ -r "$confd" ]; then @@ -47,21 +90,59 @@ fi interface="$IP" outgoing_interface="$IPSEND" -echo $IPSEND -echo $IP -echo $FORWARDONLY - for i in "$root"/etc/dnscache/ip/*; do [ -f "$i" ] || continue access_control="$access_control $(to_subnet ${i##*/})" done -echo -e "\tinterface: $IP\n" -echo -e "\toutgoing-interface: $IPSEND\n" -for i in $access_control; do - echo -e "\taccess-control: $i allow" -done -echo "" +if $dump_config; then + gen_config + exit 0 +fi + +# install unbound if needed +if ! apk info -e unbound; then + apk add $quiet_opt unbound +fi -gen_stub_zones +# generate config +if [ -f "$unbound_conf" ]; then + $quiet || echo "Backing up $unbound_conf" >&2 + mv "$unbound_conf" "${unbound_conf}".backup +fi + +$quiet || echo "Generating $unbound_conf" >&2 +gen_config > "$unbound_conf" + +# stop dnscache and start unbound +if /etc/init.d/dnscache --quiet status 2>/dev/null; then + /etc/init.d/dnscache $quiet_opt stop + if ! /etc/init.d/unbound $quiet_opt start; then + echo "Failed to start unbound. Starting up dnscache again" + /etc/init.d/dnscache $quiet_opt start + exit 1 + fi +fi + +# update runlevels +errors=0 +if rc-update | grep -q -w dnscache; then + runlevels=$(rc-update | awk '$1 == "dnscache" { FS="|"; $0 = $0; print $2 }') + for level in $runlevels; do + rc-update $quiet_opt add unbound $level \ + || errors=$(($errors + 1)) + rc-update $quiet_opt del dnscache $level \ + || errors=$(($errors + 1)) + done +fi + +# cleanup if requested +if [ $errors -eq 0 ] && ! $keep_backup ; then + $quiet || echo "Purging dnscache and dnscache config" >&2 + apk del --purge $quiet_opt dnscache + rm -rf $root/etc/dnscache $root/etc/conf.d/dnscache + $quiet || echo "Purging ${unbound_conf}.backup" >&2 + rm -rf ${unbound_conf}.backup +fi +exit $errors |