[ipfire-2.x.git] / src / scripts / convert-dns-settings

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A Linux-based firewall                                         #
# Copyright (C) 2020 IPFire Team <info@ipfire.org>                            #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

main() {
	# Do not convert anything if we already have some servers set
	if [ ! -s "/var/ipfire/dns/servers" ]; then
		# Array to store all found DNS servers.
		SERVERS=()

		# Try to get the DNS servers from ethernet settings file.
		local DNS1 DNS2
		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

		# Add the grabbed DNS servers to the servers array.
		SERVERS+=($DNS1 $DNS2)

		# Check if the ppp settings file is not empty.
		if [ -s "/var/ipfire/ppp/settings" ]; then
			# Loop though all profile files.
			for file in /var/ipfire/ppp/settings*; do
				local DNS1 DNS2
				eval $(/usr/local/bin/readhash $file)

				# Add the DNS servers to the array of SERVERS.
				for var in DNS1 DNS2; do
					local server="${!var}"

					# Check if the servers array is empty.
					if [ ${#SERVERS[@]} -eq 0 ]; then
						# Allways add the first found nameserver to the array.
						SERVERS+=($server)
					else
						# Check if the current server is allready part ot the array.
						if [[ ! "${SERVERS[@]}" =~ "${server}" ]]; then
							# Add the server to the array.
							SERVERS+=($server)
						fi
					fi
				done

				# Remove DNS1 and DNS2 settings from profile file.
				sed -i "/^DNS[12]=/d" $file

				# Unset the local variables for the next round.
				unset DNS1 DNS2
			done

		elif [ -s "/var/ipfire/dns/settings" ]; then
			eval $(/usr/local/bin/readhash /var/ipfire/dns/settings)
		fi

		local server
		local i=3
		for server in "${SERVERS[@]}"; do
			echo "${i},${server},,enabled,"
			(( i++ ))
		done > /var/ipfire/dns/servers

		# Empty the old settings file
		: > /var/ipfire/dns/settings

		# Disable using ISP name servers when we already have some configured
		if [ ${i} -gt 3 ]; then
			echo "USE_ISP_NAMESERVERS=off" \
				>> /var/ipfire/dns/settings
		fi
	fi

	# Set correct ownership.
	chown nobody:nobody /var/ipfire/dns/settings

	# Convert old unbound settings file
	if [ -e "/etc/sysconfig/unbound" ]; then
		local USE_FORWARDERS
		local ENABLE_SAFE_SEARCH
		local FORCE_TCP

		# Read settings
		eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)

		# Safe Search
		if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
			echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
				>> /var/ipfire/dns/settings
		fi

		# Force TCP
		if [ "${FORCE_TCP}" = "on" ]; then
			echo "PROTO=TCP" >> /var/ipfire/dns/settings
		fi
	
		# Run in recursor mode
		if [ "${USE_FORWARDERS}" = "0" ]; then
			# Remove all servers
			: > /var/ipfire/dns/servers
		fi

		rm -f "/etc/sysconfig/unbound"
	fi

	# Set correct ownership.
	chown nobody:nobody /var/ipfire/dns/servers

	# Make DHCP leases readable for nobody
	chmod 644 /etc/unbound/dhcp-leases.conf
}

main "$@" || exit $?
Commit	Line	Data
ecbf6676 MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A Linux-based firewall #
	5	# Copyright (C) 2020 IPFire Team <info@ipfire.org> #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	main() {
	23	# Do not convert anything if we already have some servers set
	24	if [ ! -s "/var/ipfire/dns/servers" ]; then
dcc655ef SS	25	# Array to store all found DNS servers.
	26	SERVERS=()
	27
	28	# Try to get the DNS servers from ethernet settings file.
	29	local DNS1 DNS2
ecbf6676 MT	30	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
ecbf6676 MT	31
dcc655ef SS	32	# Add the grabbed DNS servers to the servers array.
	33	SERVERS+=($DNS1 $DNS2)
	34
	35	# Check if the ppp settings file is not empty.
ecbf6676	36	if [ -s "/var/ipfire/ppp/settings" ]; then
dcc655ef SS	37	# Loop though all profile files.
	38	for file in /var/ipfire/ppp/settings*; do
	39	local DNS1 DNS2
	40	eval $(/usr/local/bin/readhash $file)
	41
	42	# Add the DNS servers to the array of SERVERS.
	43	for var in DNS1 DNS2; do
	44	local server="${!var}"
	45
358bcfdb SS	46	# Check if the servers array is empty.
	47	if [ ${#SERVERS[@]} -eq 0 ]; then
	48	# Allways add the first found nameserver to the array.
	49	SERVERS+=($server)
	50	else
	51	# Check if the current server is allready part ot the array.
	52	if [[ ! "${SERVERS[@]}" =~ "${server}" ]]; then
	53	# Add the server to the array.
	54	SERVERS+=($server)
	55	fi
	56	fi
dcc655ef SS	57	done
	58
	59	# Remove DNS1 and DNS2 settings from profile file.
358bcfdb SS	60	sed -i "/^DNS[12]=/d" $file
	61
	62	# Unset the local variables for the next round.
	63	unset DNS1 DNS2
dcc655ef	64	done
1434fa0d	65
ecbf6676 MT	66	elif [ -s "/var/ipfire/dns/settings" ]; then
	67	eval $(/usr/local/bin/readhash /var/ipfire/dns/settings)
	68	fi
	69
dcc655ef	70	local server
ecbf6676	71	local i=3
dcc655ef SS	72	for server in "${SERVERS[@]}"; do
	73	echo "${i},${server},,enabled,"
	74	(( i++ ))
ecbf6676 MT	75	done > /var/ipfire/dns/servers
	76
	77	# Empty the old settings file
	78	: > /var/ipfire/dns/settings
	79
	80	# Disable using ISP name servers when we already have some configured
	81	if [ ${i} -gt 3 ]; then
	82	echo "USE_ISP_NAMESERVERS=off" \
	83	>> /var/ipfire/dns/settings
	84	fi
	85	fi
	86
c73baee1 SS	87	# Set correct ownership.
	88	chown nobody:nobody /var/ipfire/dns/settings
	89
ecbf6676 MT	90	# Convert old unbound settings file
	91	if [ -e "/etc/sysconfig/unbound" ]; then
	92	local USE_FORWARDERS
	93	local ENABLE_SAFE_SEARCH
	94	local FORCE_TCP
	95
	96	# Read settings
	97	eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)
	98
	99	# Safe Search
	100	if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
	101	echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
	102	>> /var/ipfire/dns/settings
	103	fi
	104
	105	# Force TCP
	106	if [ "${FORCE_TCP}" = "on" ]; then
	107	echo "PROTO=TCP" >> /var/ipfire/dns/settings
	108	fi
	109
	110	# Run in recursor mode
	111	if [ "${USE_FORWARDERS}" = "0" ]; then
	112	# Remove all servers
	113	: > /var/ipfire/dns/servers
	114	fi
	115
	116	rm -f "/etc/sysconfig/unbound"
	117	fi
c73baee1 SS	118
	119	# Set correct ownership.
	120	chown nobody:nobody /var/ipfire/dns/servers
7be4822f MT	121
7be4822f MT	122	# Make DHCP leases readable for nobody
d3236de2	123	chmod 644 /etc/unbound/dhcp-leases.conf
ecbf6676 MT	124	}
	125
	126	main "$@" \|\| exit $?