#!/bin/sh ############################################################################## # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 as # published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # Copyright (C) 2016 Eric Luehrsen # ############################################################################## # while useful (sh)ellcheck is pedantic and noisy # shellcheck disable=1091,2002,2004,2034,2039,2086,2094,2140,2154,2155 # where are we? UB_ETCDIR=/etc/unbound UB_LIBDIR=/usr/lib/unbound UB_VARDIR=/var/lib/unbound UB_PIDFILE=/var/run/unbound.pid # conf deconstructed UB_CORE_CONF=$UB_VARDIR/server.conf.tmp UB_HOST_CONF=$UB_VARDIR/host.conf.tmp UB_ZONE_CONF=$UB_VARDIR/zone.conf.tmp UB_CTRL_CONF=$UB_VARDIR/ctrl.conf.tmp UB_SRVMASQ_CONF=$UB_VARDIR/dnsmasq_srv.conf.tmp UB_EXTMASQ_CONF=$UB_VARDIR/dnsmasq_ext.conf.tmp UB_RPZCNAME_CONF=$UB_VARDIR/unbound_rpz_cname.conf # conf as found UB_TOTAL_CONF=$UB_VARDIR/unbound.conf UB_DHCP_CONF=$UB_VARDIR/dhcp.conf UB_SRV_CONF=$UB_VARDIR/unbound_srv.conf UB_EXT_CONF=$UB_VARDIR/unbound_ext.conf # resolver file complex UB_RESOLV_CONF=/tmp/resolv.conf UB_RESOLV_AUTO=/tmp/resolv.conf.d/resolv.conf.auto # TLS keys UB_TLS_KEY_FILE="TLS server UCI not implemented" UB_TLS_PEM_FILE="TLS server UCI not implemented" UB_TLS_ETC_FILE=/etc/ssl/certs/ca-certificates.crt # start files UB_RKEY_FILE=$UB_VARDIR/root.key UB_RHINT_FILE=$UB_VARDIR/root.hints UB_TIME_FILE=$UB_VARDIR/hotplug.time UB_SKIP_FILE=$UB_VARDIR/skip.time # control app keys UB_CTLKEY_FILE=unbound_control.key UB_CTLPEM_FILE=unbound_control.pem UB_SRVKEY_FILE=unbound_server.key UB_SRVPEM_FILE=unbound_server.pem # similar default SOA / NS RR as Unbound uses for private ARPA zones UB_XSER=$(( $( date +%s ) / 60 )) UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 300" UB_XNS="7200 IN NS localhost." UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\"" UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\"" UB_LTXT="7200 IN TXT \"comment=rfc6762 multicast dns zone\"" # helper apps UB_ANCHOR=/usr/sbin/unbound-anchor UB_CONTROL=/usr/sbin/unbound-control UB_CONTROL_CFG="$UB_CONTROL -c $UB_TOTAL_CONF" ##############################################################################