[people/pmueller/ipfire-2.x.git] / src / scripts / convert-dns-settings

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A Linux-based firewall                                         #
# Copyright (C) 2020 IPFire Team <info@ipfire.org>                            #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

FILES=(
	/var/ipfire/ethernet/settings
	/var/ipfire/dns/settings
	/var/ipfire/ppp/settings-*
)

main() {
	# Do not convert anything if we already have some servers set
	if [ ! -s "/var/ipfire/dns/servers" ]; then
		# Array to store all found DNS servers.
		local SERVERS=()

		# Loop through all PPP profiles
		local file
		for file in "${FILES[@]}"; do
			if [ -s "${file}" ]; then
				local DNS0 DNS1 DNS2
				eval $(/usr/local/bin/readhash "${file}")

				# Add the DNS servers to the array of SERVERS
				local var
				for var in DNS0 DNS1 DNS2; do
					SERVERS+=( "${!var}" )
				done
			fi
		done

		local server
		local i=3
		for server in $(printf "%s\n" "${SERVERS[@]}" | sort -u); do
			if [ -n "${server}" ]; then
				echo "${i},${server},,enabled,"
				(( i++ ))
			fi
		done > /var/ipfire/dns/servers

		# Empty the old settings file
		: > /var/ipfire/dns/settings

		# Disable using ISP name servers when we already have some configured
		if [ ${i} -gt 3 ]; then
			echo "USE_ISP_NAMESERVERS=off" \
				>> /var/ipfire/dns/settings
		fi
	fi

	# Remove all old settings from files
	local file
	for file in "${FILES[@]}"; do	
		# Remove DNS, DNS0, DNS1 and DNS2
		sed -Ei "/^DNS[012]?=/d" "${file}"
	done

	# Set correct ownership.
	chown nobody:nobody /var/ipfire/dns/settings

	# Convert old unbound settings file
	if [ -e "/etc/sysconfig/unbound" ]; then
		local USE_FORWARDERS
		local ENABLE_SAFE_SEARCH
		local FORCE_TCP

		# Read settings
		eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)

		# Safe Search
		if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
			echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
				>> /var/ipfire/dns/settings
		fi

		# Force TCP
		if [ "${FORCE_TCP}" = "on" ]; then
			echo "PROTO=TCP" >> /var/ipfire/dns/settings
		fi
	
		# Run in recursor mode
		if [ "${USE_FORWARDERS}" = "0" ]; then
			# Remove all servers
			: > /var/ipfire/dns/servers
		fi

		rm -f "/etc/sysconfig/unbound"
	fi

	# Set correct ownership.
	chown nobody:nobody /var/ipfire/dns/servers

	# Make DHCP leases readable for nobody
	chmod 644 /etc/unbound/dhcp-leases.conf
}

main "$@" || exit $?
Commit	Line	Data
ecbf6676 MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A Linux-based firewall #
	5	# Copyright (C) 2020 IPFire Team <info@ipfire.org> #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
15e34194 AF	22	FILES=(
	23	/var/ipfire/ethernet/settings
	24	/var/ipfire/dns/settings
	25	/var/ipfire/ppp/settings-*
	26	)
	27
ecbf6676 MT	28	main() {
	29	# Do not convert anything if we already have some servers set
	30	if [ ! -s "/var/ipfire/dns/servers" ]; then
dcc655ef	31	# Array to store all found DNS servers.
5d6ccc7a AF	32	local SERVERS=()
	33
	34	# Loop through all PPP profiles
	35	local file
15e34194	36	for file in "${FILES[@]}"; do
5d6ccc7a AF	37	if [ -s "${file}" ]; then
	38	local DNS0 DNS1 DNS2
	39	eval $(/usr/local/bin/readhash "${file}")
	40
	41	# Add the DNS servers to the array of SERVERS
	42	local var
	43	for var in DNS0 DNS1 DNS2; do
	44	SERVERS+=( "${!var}" )
dcc655ef	45	done
5d6ccc7a AF	46	fi
5d6ccc7a AF	47	done
ecbf6676	48
dcc655ef	49	local server
ecbf6676	50	local i=3
5d6ccc7a AF	51	for server in $(printf "%s\n" "${SERVERS[@]}" \| sort -u); do
	52	if [ -n "${server}" ]; then
	53	echo "${i},${server},,enabled,"
	54	(( i++ ))
	55	fi
ecbf6676 MT	56	done > /var/ipfire/dns/servers
	57
	58	# Empty the old settings file
	59	: > /var/ipfire/dns/settings
	60
	61	# Disable using ISP name servers when we already have some configured
	62	if [ ${i} -gt 3 ]; then
	63	echo "USE_ISP_NAMESERVERS=off" \
	64	>> /var/ipfire/dns/settings
	65	fi
	66	fi
	67
15e34194 AF	68	# Remove all old settings from files
	69	local file
	70	for file in "${FILES[@]}"; do
	71	# Remove DNS, DNS0, DNS1 and DNS2
	72	sed -Ei "/^DNS[012]?=/d" "${file}"
	73	done
	74
c73baee1 SS	75	# Set correct ownership.
	76	chown nobody:nobody /var/ipfire/dns/settings
	77
ecbf6676 MT	78	# Convert old unbound settings file
	79	if [ -e "/etc/sysconfig/unbound" ]; then
	80	local USE_FORWARDERS
	81	local ENABLE_SAFE_SEARCH
	82	local FORCE_TCP
	83
	84	# Read settings
	85	eval $(/usr/local/bin/readhash /etc/sysconfig/unbound)
	86
	87	# Safe Search
	88	if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then
	89	echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \
	90	>> /var/ipfire/dns/settings
	91	fi
	92
	93	# Force TCP
	94	if [ "${FORCE_TCP}" = "on" ]; then
	95	echo "PROTO=TCP" >> /var/ipfire/dns/settings
	96	fi
	97
	98	# Run in recursor mode
	99	if [ "${USE_FORWARDERS}" = "0" ]; then
	100	# Remove all servers
	101	: > /var/ipfire/dns/servers
	102	fi
	103
	104	rm -f "/etc/sysconfig/unbound"
	105	fi
c73baee1 SS	106
	107	# Set correct ownership.
	108	chown nobody:nobody /var/ipfire/dns/servers
7be4822f MT	109
7be4822f MT	110	# Make DHCP leases readable for nobody
d3236de2	111	chmod 644 /etc/unbound/dhcp-leases.conf
ecbf6676 MT	112	}
	113
	114	main "$@" \|\| exit $?