[ipfire-2.x.git] / src / scripts / convert-dns-settings

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

FILES=(
	/var/ipfire/ethernet/settings
	/var/ipfire/dns/settings
	/var/ipfire/ppp/settings
	/var/ipfire/ppp/settings-*
)

main() {
	# Do not convert anything if we already have some servers set
	if [ ! -s "/var/ipfire/dns/servers" ]; then
		# Array to store all found DNS servers.
		local SERVERS=()

		# Loop through all PPP profiles
		local file
		for file in "${FILES[@]}"; do
			if [ -s "${file}" ]; then
				local DNS0 DNS1 DNS2
				eval $(/usr/local/bin/readhash "${file}")

				# Add the DNS servers to the array of SERVERS
				local var
				for var in DNS0 DNS1 DNS2; do
					SERVERS+=( "${!var}" )
				done
			fi
		done

		local server
		local i=3
		for server in $(printf "%s\n" "${SERVERS[@]}" | sort -u); do
			if [ -n "${server}" ]; then
				echo "${i},${server},,enabled,"
				(( i++ ))
			fi
		done > /var/ipfire/dns/servers

		# Empty the old settings file
		: > /var/ipfire/dns/settings

		# Enable using ISP name servers when no servers are configured
		if [ ${i} -eq 3 ]; then
			echo "USE_ISP_NAMESERVERS=on" \
				>> /var/ipfire/dns/settings
		fi
	fi

	# Remove all old settings from files
	local file
	for file in "${FILES[@]}"; do
		# Remove DNS, DNS0, DNS1 and DNS2
		sed -Ei "/^DNS[012]?=/d" "${file}"
	done

	# Set correct ownership.
	chown nobody:nobody /var/ipfire/dns/settings

	# Convert old unbound settings file
	if [ -e "/etc/sysconfig/unbound" ]; then
		local USE_FORWARDERS
		local ENABLE_SAFE_SEARCH
		local FORCE_TCP

		# Read settings
		eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)

		# Safe Search
		if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
			echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
				>> /var/ipfire/dns/settings
		fi

		# Force TCP
		if [ "${FORCE_TCP}" = "on" ]; then
			echo "PROTO=TCP" >> /var/ipfire/dns/settings
		fi

		# Run in recursor mode
		if [ "${USE_FORWARDERS}" = "0" ]; then
			# Remove all servers
			: > /var/ipfire/dns/servers
		fi

		rm -f "/etc/sysconfig/unbound"
	fi

	# Set correct ownership.
	chown nobody:nobody /var/ipfire/dns/servers

	# Make DHCP leases readable for nobody
	chmod 644 /etc/unbound/dhcp-leases.conf
}

main "$@" || exit $?
Commit	Line	Data
ecbf6676 MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
66c36198 PM	4	# IPFire.org - A linux based firewall #
66c36198 PM	5	# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
ecbf6676 MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
15e34194 AF	22	FILES=(
	23	/var/ipfire/ethernet/settings
	24	/var/ipfire/dns/settings
c75fd8c8	25	/var/ipfire/ppp/settings
15e34194 AF	26	/var/ipfire/ppp/settings-*
	27	)
	28
ecbf6676 MT	29	main() {
	30	# Do not convert anything if we already have some servers set
	31	if [ ! -s "/var/ipfire/dns/servers" ]; then
dcc655ef	32	# Array to store all found DNS servers.
5d6ccc7a AF	33	local SERVERS=()
	34
	35	# Loop through all PPP profiles
	36	local file
15e34194	37	for file in "${FILES[@]}"; do
5d6ccc7a AF	38	if [ -s "${file}" ]; then
	39	local DNS0 DNS1 DNS2
	40	eval $(/usr/local/bin/readhash "${file}")
	41
	42	# Add the DNS servers to the array of SERVERS
	43	local var
	44	for var in DNS0 DNS1 DNS2; do
	45	SERVERS+=( "${!var}" )
dcc655ef	46	done
5d6ccc7a AF	47	fi
5d6ccc7a AF	48	done
ecbf6676	49
dcc655ef	50	local server
ecbf6676	51	local i=3
5d6ccc7a AF	52	for server in $(printf "%s\n" "${SERVERS[@]}" \| sort -u); do
	53	if [ -n "${server}" ]; then
	54	echo "${i},${server},,enabled,"
	55	(( i++ ))
	56	fi
ecbf6676 MT	57	done > /var/ipfire/dns/servers
	58
	59	# Empty the old settings file
	60	: > /var/ipfire/dns/settings
	61
87293165 MT	62	# Enable using ISP name servers when no servers are configured
	63	if [ ${i} -eq 3 ]; then
	64	echo "USE_ISP_NAMESERVERS=on" \
ecbf6676 MT	65	>> /var/ipfire/dns/settings
	66	fi
	67	fi
	68
15e34194 AF	69	# Remove all old settings from files
15e34194 AF	70	local file
66c36198	71	for file in "${FILES[@]}"; do
15e34194 AF	72	# Remove DNS, DNS0, DNS1 and DNS2
	73	sed -Ei "/^DNS[012]?=/d" "${file}"
	74	done
	75
c73baee1 SS	76	# Set correct ownership.
	77	chown nobody:nobody /var/ipfire/dns/settings
	78
ecbf6676 MT	79	# Convert old unbound settings file
	80	if [ -e "/etc/sysconfig/unbound" ]; then
	81	local USE_FORWARDERS
	82	local ENABLE_SAFE_SEARCH
	83	local FORCE_TCP
	84
	85	# Read settings
	86	eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)
	87
	88	# Safe Search
	89	if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
	90	echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
	91	>> /var/ipfire/dns/settings
	92	fi
	93
	94	# Force TCP
	95	if [ "${FORCE_TCP}" = "on" ]; then
	96	echo "PROTO=TCP" >> /var/ipfire/dns/settings
	97	fi
66c36198	98
ecbf6676 MT	99	# Run in recursor mode
	100	if [ "${USE_FORWARDERS}" = "0" ]; then
	101	# Remove all servers
	102	: > /var/ipfire/dns/servers
	103	fi
	104
	105	rm -f "/etc/sysconfig/unbound"
	106	fi
c73baee1 SS	107
	108	# Set correct ownership.
	109	chown nobody:nobody /var/ipfire/dns/servers
7be4822f MT	110
7be4822f MT	111	# Make DHCP leases readable for nobody
d3236de2	112	chmod 644 /etc/unbound/dhcp-leases.conf
ecbf6676 MT	113	}
	114
	115	main "$@" \|\| exit $?