]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - src/initscripts/system/unbound
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
unbound: skip empty domains at local-data import
[ipfire-2.x.git] / src / initscripts / system / unbound
diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound
index 3322c15b5fe0cdeda42d009a64c1c39eb6df55b5..acbf6f5b5216f761a9550cbcd0350ba1a5ea7149 100644 (file)
--- a/src/initscripts/system/unbound
+++ b/src/initscripts/system/unbound
@@ -72,8 +72,19 @@ write_hosts_conf() {
                        echo "local-data: \"${address} ${LOCAL_TTL} IN PTR ${HOSTNAME}\""
                done
 
-               # Add all hosts
                local enabled address hostname domainname generateptr
+
+               # Find all unique domain names
+               while IFS="," read -r enabled address hostname domainname generateptr; do
+                       [ "${enabled}" = "on" ] || continue
+
+                       # Skip empty domainnames
+                       [ "${domainname}" = "" ] && continue
+
+                       echo "local-zone: ${domainname} typetransparent"
+               done < /var/ipfire/main/hosts | sort -u
+
+               # Add all hosts
                while IFS="," read -r enabled address hostname domainname generateptr; do
                        [ "${enabled}" = "on" ] || continue
 
@@ -191,15 +202,6 @@ write_forward_conf() {
 write_tuning_conf() {
        # https://www.unbound.net/documentation/howto_optimise.html
 
-       # Determine number of online processors
-       local processors=$(getconf _NPROCESSORS_ONLN)
-
-       # Determine number of slabs
-       local slabs=1
-       while [ ${slabs} -lt ${processors} ]; do
-               slabs=$(( ${slabs} * 2 ))
-       done
-
        # Determine amount of system memory
        local mem=$(get_memory_amount)
 
@@ -234,16 +236,6 @@ write_tuning_conf() {
        (
                config_header
 
-               # We run one thread per processor
-               echo "num-threads: ${processors}"
-               echo "so-reuseport: yes"
-
-               # Adjust number of slabs
-               echo "infra-cache-slabs: ${slabs}"
-               echo "key-cache-slabs: ${slabs}"
-               echo "msg-cache-slabs: ${slabs}"
-               echo "rrset-cache-slabs: ${slabs}"
-
                # Slice up the cache
                echo "rrset-cache-size: $(( ${mem} / 2 ))m"
                echo "msg-cache-size: $(( ${mem} / 4 ))m"
@@ -286,14 +278,18 @@ fix_time_if_dns_fails() {
 
 resolve() {
        local hostname="${1}"
+       local found=1
 
        local answer
        for answer in $(dig +short A "${hostname}"); do
                # Filter out non-IP addresses
                if [[ ! "${answer}" =~ \.$ ]]; then
+                       found=0
                        echo "${answer}"
                fi
        done
+
+       return ${found}
 }
 
 # Sets up Safe Search for various search engines
@@ -528,7 +524,7 @@ update_safe_search() {
        for domain in ${google_tlds[@]}; do
                unbound-control local_zone "${domain}" transparent >/dev/null
                for address in ${addresses}; do
-                       unbound-control local_data: "www.${domain} ${LOCAL_TTL} IN A ${address}"
+                       unbound-control local_data "www.${domain} ${LOCAL_TTL} IN A ${address}"
                done >/dev/null
        done
 
@@ -581,37 +577,38 @@ case "$1" in
                sleep 1
                $0 start
                ;;
-       reload|remove-forwarders)
+       reload|update-forwarders)
                # Update configuration files
                write_forward_conf
                write_hosts_conf
 
+               # Call unbound-control and perform the reload
+               /usr/sbin/unbound-control -q reload
+
+               # Dummy Resolve to wait for unbound
+               resolve "ping.ipfire.org" &>/dev/null
+
+               if [ "$1" = "update-forwarders" ]; then
+                       # Make sure DNS works at this point
+                       fix_time_if_dns_fails
+               fi
+
                # Update Safe Search rules if the system is online.
                if [ -e "/var/ipfire/red/active" ]; then
                        update_safe_search
                fi
-
-               # Call unbound-control and perform the reload
-               /usr/sbin/unbound-control -q reload
                ;;
 
        status)
                statusproc /usr/sbin/unbound
                ;;
 
-       update-forwarders)
-               $0 reload
-
-               # Make sure DNS works at this point
-               fix_time_if_dns_fails
-               ;;
-
        resolve)
-               resolve "${2}"
+               resolve "${2}" || exit $?
                ;;
 
        *)
-               echo "Usage: $0 {start|stop|restart|reload|status|resolve|update-forwarders|remove-forwarders}"
+               echo "Usage: $0 {start|stop|restart|reload|status|resolve|update-forwarders}"
                exit 1
                ;;
 esac
IPFire 2.x development tree