kresd

1. #!/bin/sh /etc/rc.common
2.  
3. START=61
4. STOP=00
5.  
6. USE_PROCD=1
7. PROG=/usr/bin/kresd
8. CONFIGFILE=/tmp/kresd.config
9. ROOTKEYFILE=/etc/root.keys
10. DEFAULT_RUNDIR=/tmp/kresd
11.  
12. # Check the /etc/unbound/root.keys is reasonable and try to fix it with given command
13. check_root_key() {
14.     # Don't do anything if it looks OK
15.     grep -qE '[[:space:]](DNSKEY|DS|TYPE[[:digit:]][[:digit:]])[[:space:]]' $ROOTKEYFILE && return
16.     # Not OK -> run the command and hope for the best
17.     echo "Trying to restore broken $ROOTKEYFILE with command $@"
18.     eval "$@"
19. }
20.  
21. add_listen_addr() {
22.     local addr="$1"
23.     local port="$2"
24.     [ "$addr" == "::0" ] && addr="::"
25.     procd_append_param command -a "$addr#$port"
26. }
27.  
28. init_header() {
29.     echo "--Automatically generated file; DO NOT EDIT" > $CONFIGFILE
30.     echo "modules = {" >> $CONFIGFILE
31.     config_get_bool prefetch common prefetch 0
32.     echo "    'policy'" >> $CONFIGFILE
33.  
34.     # added by Sten, section 1/2
35.     echo "  , 'hints'" >> $CONFIGFILE
36.  
37.     if [ "$prefetch" \!= 0 ]; then
38.         echo "  , 'stats'" >> $CONFIGFILE
39.         echo "  , predict = {" >> $CONFIGFILE
40.         echo "        window = 30 -- 30 minutes sampling window" >> $CONFIGFILE
41.         echo "      , period = 24*(60/30) -- track last 24 hours" >> $CONFIGFILE
42.         echo "  }" >> $CONFIGFILE
43.     fi
44.     echo "}" >> $CONFIGFILE
45. }
46.  
47. set_param_func() {
48.     local func_name="$1"
49.     local val="$2"
50.     echo "$func_name($val)">>$CONFIGFILE
51. }
52.  
53. set_param_var() {
54.     local name="$1"
55.     local val="$2"
56.     echo "$name=$val">>$CONFIGFILE
57. }
58.  
59. load_uci_config_common() {
60.     local interface keyfile verbose port msg_buffer_size net_ipv4 net_ipv6 msg_cache_size do_forward ignore_root_key
61.     local section="common"
62.  
63.     # port
64.     config_get port "$section" port
65.  
66.     # list of listen addresses
67.     config_list_foreach "$section" interface add_listen_addr $port
68.  
69.     # ignore keyfile
70.     config_get_bool ignore_root_key "$section" ignore_root_key 0
71.  
72.     if [ "$ignore_root_key" = "0" ]; then
73.         #keyfile
74.         config_get keyfile "$section" keyfile
75.         if [ -n "$keyfile" ]; then
76.             ROOTKEYFILE=$keyfile
77.             check_root_key cert-backup -x $ROOTKEYFILE
78.             procd_append_param command -k "$keyfile"
79.         fi
80.     fi
81.  
82.     # verbosity
83.     config_get verbose "$section" verbose 0
84.     [ "$verbose" -ge 1 ] && procd_append_param command -v
85.  
86.     # EDNS payload
87.     config_get msg_buffer_size "$section" msg_buffer_size
88.     [ "$msg_buffer_size" -ge 512 ] && set_param_func "net.bufsize" "$msg_buffer_size"
89.  
90.     # ipv4
91.     config_get_bool net_ipv4 "$section" net_ipv4
92.     net_ipv4_bool=$(if test "$net_ipv4" -eq "1"; then echo true; else echo false; fi)
93.     set_param_var "net.ipv4" "$net_ipv4_bool"
94.    
95.     # ipv6
96.     config_get_bool net_ipv6 "$section" net_ipv6
97.     net_ipv6_bool=$(if test "$net_ipv6" -eq "1"; then echo true; else echo false; fi)
98.     set_param_var "net.ipv6" "$net_ipv6_bool"
99.  
100.     # msg_cache_size
101.     config_get msg_cache_size "$section" msg_cache_size
102.     conv_msg_cache_size=$(echo "$msg_cache_size"|sed -e 's/k$/*kB/gi' -e 's/M$/*MB/gi' -e 's/G$/*GB/gi')
103.     set_param_func "cache.open" "$conv_msg_cache_size"
104.     set_param_func "cache.clear" ""
105.  
106.  
107.     # added by Sten, section 2/2
108.     set_param_func "hints.config" "'/tmp/hosts/dhcp'"
109.  
110.     config_get_bool do_forward "$section" forward_upstream 1
111.     if [ "$do_forward" = "1" ] ; then
112.         local SERVERS
113.         SERVERS=$(sed -ne 's/^nameserver \(.*\)/\1/p' /tmp/resolv.conf.auto | sort)
114.         if [ "$SERVERS" ] ; then
115.             for SERVER in $SERVERS ; do
116.                 echo "policy:add(policy.all(policy.FORWARD('$SERVER')))">>$CONFIGFILE
117.             done
118.         fi
119.     fi
120. }
121.  
122. load_uci_config_kresd() {
123.     local addr config keyfile forks verbose rundir log_stderr log_stdout
124.     local section="kresd"
125.  
126.     # knot-resolver config
127.     procd_append_param command -c "$CONFIGFILE"
128.  
129.     # number of forks
130.     config_get forks "$section" forks 1
131.     procd_append_param command -f "$forks"
132.  
133.     # rundir
134.     config_get rundir "$section" rundir "$DEFAULT_RUNDIR"
135.     [ ! -d "$rundir" ] && mkdir -p "$rundir"
136.     procd_append_param command "$rundir"
137.  
138.     # procd stdout/err logging
139.     config_get_bool log_stderr "$section" log_stderr  0
140.     procd_set_param stderr $log_stderr
141.     config_get_bool log_stdout "$section" log_stdout  0
142.     procd_set_param stdout $log_stdout
143. }
144.  
145. run_instance() {
146.     procd_open_instance
147.     procd_set_param file /etc/config/resolver
148.     procd_set_param command "$PROG"
149.     init_header
150.     load_uci_config_kresd
151.     load_uci_config_common
152.     procd_close_instance
153. }
154.  
155. start_service() {
156.     config_load resolver
157.     run_instance
158. }
159.  
160. reload_service()
161. {
162.     stop
163.     start
164. }