84 lines
2.1 KiB
Bash
Executable file
84 lines
2.1 KiB
Bash
Executable file
#!/bin/sh -e
|
|
# Generates a configuration file for unbound(8).
|
|
|
|
cat << EOF
|
|
# Configuration file for the ${__object_id:?} unbound(8) instance.
|
|
# Generated by cdist. DNE: your changes will be overwritten.
|
|
server:
|
|
EOF
|
|
|
|
# Server logging
|
|
[ "$VERBOSITY" ] && printf "verbosity: %u\n" "$VERBOSITY"
|
|
|
|
# IP version
|
|
[ "$DISABLE_IPV4" ] && echo "do-ip4: no"
|
|
[ "$DISABLE_IPV6" ] && echo "do-ip6: no"
|
|
|
|
# Interfaces to bind to
|
|
[ "$PORT" ] && printf "port: %u\n" "$PORT"
|
|
if [ -f "${__object:?}/parameter/interface" ];
|
|
then
|
|
while read -r intf;
|
|
do
|
|
printf "interface: %s\n" "$intf"
|
|
done < "${__object:?}/parameter/interface"
|
|
fi
|
|
|
|
[ "$IP_TRANSPARENT" ] && printf "ip-transparent: yes\n"
|
|
|
|
# Access control
|
|
if [ -f "${__object:?}/parameter/access-control" ];
|
|
then
|
|
while read -r acl;
|
|
do
|
|
printf "access-control: %s\n" "$acl"
|
|
done < "${__object:?}/parameter/access-control"
|
|
fi
|
|
|
|
# Local data
|
|
if [ -f "${__object:?}/parameter/local-data" ];
|
|
then
|
|
while read -r data;
|
|
do
|
|
printf "local-data: \"%s\"\n" "$data"
|
|
done < "${__object:?}/parameter/local-data"
|
|
fi
|
|
|
|
# DNS64
|
|
printf "module-config: \"%svalidator iterator\"\n" "${DNS64:+dns64 }"
|
|
[ "$PREFIX64" ] && printf "dns64-prefix: %s\n" "$PREFIX64"
|
|
|
|
# Remote control
|
|
echo "remote-control:"
|
|
[ "$ENABLE_RC" ] && echo "control-enable: yes"
|
|
[ "$CONTROL_PORT" ] && printf "control-port: %u\n" "$CONTROL_PORT"
|
|
|
|
if [ "$CONTROL_USE_CERTS" ];
|
|
then
|
|
printf "server-key-file: %s\n" "${RC_SERVER_KEY_FILE:?}"
|
|
printf "server-cert-file: %s\n" "${RC_SERVER_CERT_FILE:?}"
|
|
printf "control-key-file: %s\n" "${RC_CONTROL_KEY_FILE:?}"
|
|
printf "control-cert-file: %s\n" "${RC_CONTROL_CERT_FILE:?}"
|
|
fi
|
|
|
|
if [ -f "${__object:?}/parameter/control-interface" ];
|
|
then
|
|
while read -r acl;
|
|
do
|
|
printf "control-interface: %s\n" "$acl"
|
|
done < "${__object:?}/parameter/control-interface"
|
|
fi
|
|
|
|
# Forwarding recursive queries
|
|
if [ -f "${__object:?}/parameter/forward-zone" ];
|
|
then
|
|
while read -r fdzne
|
|
do
|
|
printf "forward-zone:\n"
|
|
printf "name: %s\n" "$(echo "$fdzne" | cut -f1 -d',')"
|
|
echo "$fdzne" | cut -f 2- -d',' | tr ',' '\n' | while read -r addr;
|
|
do
|
|
printf "forward-addr: %s\n" "$addr"
|
|
done
|
|
done < "${__object:?}/parameter/forward-zone";
|
|
fi
|