6 # PROVIDE: local_unbound
7 # REQUIRE: FILESYSTEMS netif resolv
13 desc="local caching forwarding resolver"
14 rcvar="local_unbound_enable"
16 command="/usr/sbin/unbound"
17 extra_commands="anchor configtest reload setup"
18 start_precmd="local_unbound_prestart"
19 reload_precmd="local_unbound_configtest"
20 anchor_cmd="local_unbound_anchor"
21 configtest_cmd="local_unbound_configtest"
22 setup_cmd="local_unbound_setup"
23 pidfile="/var/run/${name}.pid"
25 : ${local_unbound_workdir:=/var/unbound}
26 : ${local_unbound_config:=${local_unbound_workdir}/unbound.conf}
27 : ${local_unbound_flags:=-c${local_unbound_config}}
28 : ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf}
29 : ${local_unbound_anchor:=${local_unbound_workdir}/root.key}
30 : ${local_unbound_forwarders:=}
36 echo "$@" | su -m unbound
40 # Retrieve or update the DNSSEC root anchor
42 local_unbound_anchor()
44 do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor}
45 # we can't trust the exit code - check if the file exists
46 [ -f ${local_unbound_anchor} ]
50 # Check the unbound configuration file
52 local_unbound_configtest()
54 do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config}
58 # Create the unbound configuration file and update resolv.conf to
63 echo "Performing initial setup."
64 /usr/sbin/local-unbound-setup -n \
66 -w ${local_unbound_workdir} \
67 -c ${local_unbound_config} \
68 -f ${local_unbound_forwardconf} \
69 -a ${local_unbound_anchor} \
70 ${local_unbound_forwarders}
74 # Before starting, check that the configuration file and root anchor
75 # exist. If not, attempt to generate them.
77 local_unbound_prestart()
79 # Create configuration file
80 if [ ! -f ${local_unbound_config} ] ; then
84 # Retrieve DNSSEC root key
85 if [ ! -f ${local_unbound_anchor} ] ; then