From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 7 Jan 2020 10:43:19 +0000 (+0000)
Subject: DNS: Add converter to migrate settings
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ecbf66761f922f821940ec063d271acae89c78cb;p=people%2Fms%2Fipfire-2.x.git

DNS: Add converter to migrate settings

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index b1dd1d2978..aae31098a0 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -143,6 +143,9 @@ restore_backup() {
 		rm -rf "/var/ipfire/snort"
 	fi
 
+	# Convert DNS settings
+	convert-dns-settings
+
 	return 0
 }
 
diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
index 366ab2bb0d..167e7096ee 100644
--- a/config/rootfiles/common/aarch64/stage2
+++ b/config/rootfiles/common/aarch64/stage2
@@ -91,6 +91,7 @@ usr/lib64
 usr/local/bin/backupiso
 usr/local/bin/connscheduler
 usr/local/bin/consort.sh
+usr/local/bin/convert-dns-settings
 usr/local/bin/convert-ovpn
 usr/local/bin/hddshutdown
 usr/local/bin/ipsec-interfaces
diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2
index d9068415ba..fcdfb41eb5 100644
--- a/config/rootfiles/common/stage2
+++ b/config/rootfiles/common/stage2
@@ -90,6 +90,7 @@ usr/lib/libstdc++.so.6
 usr/local/bin/backupiso
 usr/local/bin/connscheduler
 usr/local/bin/consort.sh
+usr/local/bin/convert-dns-settings
 usr/local/bin/convert-ovpn
 usr/local/bin/hddshutdown
 usr/local/bin/ipsec-interfaces
diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
index d90e3d70a6..6cc918a92e 100644
--- a/config/rootfiles/common/x86_64/stage2
+++ b/config/rootfiles/common/x86_64/stage2
@@ -92,6 +92,7 @@ usr/lib64
 usr/local/bin/backupiso
 usr/local/bin/connscheduler
 usr/local/bin/consort.sh
+usr/local/bin/convert-dns-settings
 usr/local/bin/convert-ovpn
 usr/local/bin/hddshutdown
 usr/local/bin/ipsec-interfaces
diff --git a/src/scripts/convert-dns-settings b/src/scripts/convert-dns-settings
new file mode 100644
index 0000000000..82e471a7f1
--- /dev/null
+++ b/src/scripts/convert-dns-settings
@@ -0,0 +1,83 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# IPFire.org - A Linux-based firewall                                         #
+# Copyright (C) 2020 IPFire Team <info@ipfire.org>                            #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+main() {
+	# Do not convert anything if we already have some servers set
+	if [ ! -s "/var/ipfire/dns/servers" ]; then
+		local DNS0 DNS1 DNS2
+		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+
+		if [ -s "/var/ipfire/ppp/settings" ]; then
+			eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
+		elif [ -s "/var/ipfire/dns/settings" ]; then
+			eval $(/usr/local/bin/readhash /var/ipfire/dns/settings)
+		fi
+
+		local var
+		local i=3
+		for var in DNS0 DNS1 DNS2; do
+			if [ -n "${!var}" ]; then
+				echo "${i},${!var},,enabled,"
+				(( i++ ))
+			fi
+		done > /var/ipfire/dns/servers
+
+		# Empty the old settings file
+		: > /var/ipfire/dns/settings
+
+		# Disable using ISP name servers when we already have some configured
+		if [ ${i} -gt 3 ]; then
+			echo "USE_ISP_NAMESERVERS=off" \
+				>> /var/ipfire/dns/settings
+		fi
+	fi
+
+	# Convert old unbound settings file
+	if [ -e "/etc/sysconfig/unbound" ]; then
+		local USE_FORWARDERS
+		local ENABLE_SAFE_SEARCH
+		local FORCE_TCP
+
+		# Read settings
+		eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)
+
+		# Safe Search
+		if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
+			echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
+				>> /var/ipfire/dns/settings
+		fi
+
+		# Force TCP
+		if [ "${FORCE_TCP}" = "on" ]; then
+			echo "PROTO=TCP" >> /var/ipfire/dns/settings
+		fi
+	
+		# Run in recursor mode
+		if [ "${USE_FORWARDERS}" = "0" ]; then
+			# Remove all servers
+			: > /var/ipfire/dns/servers
+		fi
+
+		rm -f "/etc/sysconfig/unbound"
+	fi
+}
+
+main "$@" || exit $?