unbound: Use recursor mode if no nameservers are configured

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound
index 7df50e9d4632d48bc04d27984eec4f8477a854c1..3322c15b5fe0cdeda42d009a64c1c39eb6df55b5 100644 (file)
--- a/src/initscripts/system/unbound
+++ b/src/initscripts/system/unbound
@@ -162,19 +162,29 @@ write_forward_conf() {
                        done
                fi
 
-               echo "forward-zone:"
-               echo "  name: \".\""
+               # Read name servers.
+               nameservers=$(read_name_servers)
 
-               # Force using TLS only
-               if [ "${PROTO}" = "TLS" ]; then
-                       echo "  forward-tls-upstream: yes"
+               # Only write forward zones if any nameservers are configured.
+               #
+               # Otherwise fall-back into recursor mode.
+               if [ -n "${nameservers}" ]; then
+
+                       echo "forward-zone:"
+                       echo "  name: \".\""
+
+                       # Force using TLS only
+                       if [ "${PROTO}" = "TLS" ]; then
+                               echo "  forward-tls-upstream: yes"
+                       fi
+
+                       # Add upstream name servers
+                       local ns
+                       for ns in ${nameservers}; do
+                               echo "  forward-addr: ${ns}"
+                       done
                fi
 
-               # Add upstream name servers
-               local ns
-               for ns in $(read_name_servers); do
-                       echo "  forward-addr: ${ns}"
-               done
        ) > /etc/unbound/forward.conf
 }