etc/rc.d/local_unbound

   1 #!/bin/sh
   2 #
   3 # $FreeBSD$
   4 #
   5
   6 # PROVIDE: local_unbound
   7 # REQUIRE: FILESYSTEMS netif resolv
   8 # KEYWORD: shutdown
   9
  10 . /etc/rc.subr
  11
  12 name="local_unbound"
  13 desc="local caching forwarding resolver"
  14 rcvar="local_unbound_enable"
  15
  16 command="/usr/sbin/unbound"
  17 extra_commands="anchor configtest reload setup"
  18 start_precmd="local_unbound_prestart"
  19 reload_precmd="local_unbound_configtest"
  20 anchor_cmd="local_unbound_anchor"
  21 configtest_cmd="local_unbound_configtest"
  22 setup_cmd="local_unbound_setup"
  23 pidfile="/var/run/${name}.pid"
  24
  25 : ${local_unbound_workdir:=/var/unbound}
  26 : ${local_unbound_config:=${local_unbound_workdir}/unbound.conf}
  27 : ${local_unbound_flags:=-c${local_unbound_config}}
  28 : ${local_unbound_forwardconf:=${local_unbound_workdir}/forward.conf}
  29 : ${local_unbound_anchor:=${local_unbound_workdir}/root.key}
  30 : ${local_unbound_forwarders:=}
  31
  32 load_rc_config $name
  33
  34 do_as_unbound()
  35 {
  36         echo "$@" | su -m unbound
  37 }
  38
  39 #
  40 # Retrieve or update the DNSSEC root anchor
  41 #
  42 local_unbound_anchor()
  43 {
  44         do_as_unbound /usr/sbin/unbound-anchor -a ${local_unbound_anchor}
  45         # we can't trust the exit code - check if the file exists
  46         [ -f ${local_unbound_anchor} ]
  47 }
  48
  49 #
  50 # Check the unbound configuration file
  51 #
  52 local_unbound_configtest()
  53 {
  54         do_as_unbound /usr/sbin/unbound-checkconf ${local_unbound_config}
  55 }
  56
  57 #
  58 # Create the unbound configuration file and update resolv.conf to
  59 # point to unbound.
  60 #
  61 local_unbound_setup()
  62 {
  63         echo "Performing initial setup."
  64         /usr/sbin/local-unbound-setup -n \
  65             -u unbound \
  66             -w ${local_unbound_workdir} \
  67             -c ${local_unbound_config} \
  68             -f ${local_unbound_forwardconf} \
  69             -a ${local_unbound_anchor} \
  70             ${local_unbound_forwarders}
  71 }
  72
  73 #
  74 # Before starting, check that the configuration file and root anchor
  75 # exist.  If not, attempt to generate them.
  76 #
  77 local_unbound_prestart()
  78 {
  79         # Create configuration file
  80         if [ ! -f ${local_unbound_config} ] ; then
  81                 run_rc_command setup
  82         fi
  83
  84         # Retrieve DNSSEC root key
  85         if [ ! -f ${local_unbound_anchor} ] ; then
  86                 run_rc_command anchor
  87         fi
  88 }
  89
  90 load_rc_config $name
  91 run_rc_command "$1"