The old configuration file in /etc/sysconfig/unbound is no
longer being used and all settings should be in
/var/ipfire/dns/settings.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
# This domain will never validate
TEST_DOMAIN_FAIL="dnssec-failed.org"
# This domain will never validate
TEST_DOMAIN_FAIL="dnssec-failed.org"
-INSECURE_ZONES=
-USE_FORWARDERS=1
-ENABLE_SAFE_SEARCH=off
-FORCE_TCP=off
-FORCE_TLS=off
-
# Cache any local zones for 60 seconds
LOCAL_TTL=60
# Cache any local zones for 60 seconds
LOCAL_TTL=60
-# Load optional configuration
-[ -e "/etc/sysconfig/unbound" ] && . /etc/sysconfig/unbound
+# Load configuration
+eval $(/usr/local/bin/readhash /var/ipfire/dns/settings)
-if [ "${FORCE_TCP}" = "on" ]; then
+if [ "${PROTO}" = "TCP" ]; then
update_forwarders() {
check_red_has_carrier_and_ip
update_forwarders() {
check_red_has_carrier_and_ip
- if [ "${USE_FORWARDERS}" = "1" -a "${?}" = "1" ]; then
+ if [ "${?}" = "1" ]; then
local forwarders
local broken_forwarders
local forwarders
local broken_forwarders
- # Force using TLS for upstream servers only
- if [ "${FORCE_TLS}" = "on" ]; then
- echo "# Force using TLS for upstream servers only"
- echo "server:"
- echo " tls-upstream: yes"
- echo
-
# Force using TCP for upstream servers only
# Force using TCP for upstream servers only
- elif [ "${FORCE_TCP}" = "on" ]; then
+ if [ "${PROTO}" = "TCP" ]; then
echo "# Force using TCP for upstream servers only"
echo "server:"
echo " tcp-upstream: yes"
echo
fi
echo "# Force using TCP for upstream servers only"
echo "server:"
echo " tcp-upstream: yes"
echo
fi
- local insecure_zones="${INSECURE_ZONES}"
+ local insecure_zones=""
local enabled zone server servers remark disable_dnssec rest
while IFS="," read -r enabled zone servers remark disable_dnssec rest; do
local enabled zone server servers remark disable_dnssec rest
while IFS="," read -r enabled zone servers remark disable_dnssec rest; do
echo " name: \".\""
# Force using TLS only
echo " name: \".\""
# Force using TLS only
- if [ "${FORCE_TLS}" = "on" ]; then
+ if [ "${PROTO}" = "TLS" ]; then
echo " forward-tls-upstream: yes"
fi
echo " forward-tls-upstream: yes"
fi
shift
# If TCP is forced we know by now if the server responds to it
shift
# If TCP is forced we know by now if the server responds to it
- if [ "${FORCE_TCP}" = "on" ]; then
+ if [ "${PROTO}" = "TCP" ]; then