blob: 0912d2a43d976e901097b4507084d11c741438a8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
#!/bin/sh
# unbound freebsd startup rc.d script
# uses the default unbound installation path and pidfile location.
# copy this to %%PREFIX%%/etc/rc.d/unbound
# and put unbound_enable="YES" into rc.conf
#
# unbound_anchorflags can be used to allow you to pass a custom flags to
# unbound-anchor. Examples include a custom resolv.conf (-f) or a custom
# root.hints (-r). Useful for when /etc/resolv.conf only contains 127.0.0.1
#
# PROVIDE: unbound
# REQUIRE: FILESYSTEMS defaultroute netwait resolv
# BEFORE: NETWORKING
# KEYWORD: shutdown
#
# Add the following line to /etc/rc.conf to enable unbound:
#
# unbound_enable="YES"
#
# You could set alternative config with
# unbound_config="/path/to/config"
#
# Multiple profiles are supported with
#
# unbound_profiles="name1 name2"
# unbound_name1_enable="YES"
# unbound_name1_config="/path/to/config1"
# unbound_name2_enable="YES"
# unbound_name2_config="/path/to/config2"
#
# A fib can be set for each profile as in
# unbound_name1_fib=1
#
. /etc/rc.subr
name=unbound
rcvar=unbound_enable
# setfib
unbound_startfib() {
${SYSCTL} net.fibs >/dev/null 2>&1 || return 0
unbound_fib=${unbound_fib:-"NONE"}
case "$unbound_fib" in
[Nn][Oo][Nn][Ee])
;;
*)
echo "Using fib #: " $unbound_fib .
command="setfib -F ${unbound_fib} ${command}"
;;
esac
}
start_precmd()
{
unbound_startfib
echo -n "Obtaining a trust anchor.."
if [ "${unbound_anchorflags}T" = "T" ]; then
su -m unbound -c %%PREFIX%%/sbin/unbound-anchor
else
su -m unbound -c "%%PREFIX%%/sbin/unbound-anchor ${unbound_anchorflags}"
fi
echo .
%%PREFIX%%/sbin/unbound-checkconf ${unbound_config} > /dev/null
return $?
}
# read settings, set default values
load_rc_config "${name}"
: ${unbound_enable:="NO"}
: ${unbound_config:=%%PREFIX%%/etc/unbound/unbound.conf}
# Set PID file
pidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config})
required_files=${unbound_config}
command="%%PREFIX%%/sbin/${name}"
command_args="-c ${unbound_config}"
unbound_anchorflags=${unbound_anchorflags:-""}
extra_commands="reload"
start_precmd="start_precmd"
reload_precmd="%%PREFIX%%/sbin/unbound-checkconf ${unbound_config} >/dev/null"
load_rc_config "${name}"
if [ -n "$2" ]; then
profile="$2"
if [ "x${unbound_profiles}" != "x" ]; then
eval unbound_config="\${unbound_${profile}_config:-%%PREFIX%%/etc/unbound/unbound-${profile}.conf}"
eval unbound_fib="\${unbound_${profile}_fib:-${unbound_fib}}"
if [ "x${unbound_config}" = "x" ]; then
echo "You must define a configuration file (unbound_${profile}_config)"
exit 1
fi
# Replace default value with profile-based (defined in the config file)
_cfgpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config})
_defaultpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile /dev/null)
if [ "x${_cfgpidfile}" = "x" -o "x${_cfgpidfile}" = "x${_defaultpidfile}" ] ; then
pidfile=${_defaultpidfile}
else
pidfile=${_cfgpidfile}
fi
required_files="${unbound_config}"
eval unbound_enable="\${unbound_${profile}_enable:-${unbound_enable}}"
command_args="-c ${unbound_config}"
else
echo "$0: extra argument ignored"
fi
else
if [ "x${unbound_profiles}" != "x" -a "x$1" != "x" ]; then
for profile in ${unbound_profiles}; do
eval _enable="\${unbound_${profile}_enable}"
case "x${_enable:-${unbound_enable}}" in
x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
continue
;;
x[Yy][Ee][Ss])
;;
*)
if test -z "$_enable"; then
_var=unbound_enable
else
_var=unbound_"${profile}"_enable
fi
echo "Bad value" \
"'${_enable:-${unbound_enable}}'" \
"for ${_var}. " \
"Profile ${profile} skipped."
continue
;;
esac
echo "===> unbound profile: ${profile}"
%%PREFIX%%/etc/rc.d/unbound $1 ${profile}
retcode="$?"
if [ "0${retcode}" -ne 0 ]; then
failed="${profile} (${retcode}) ${failed:-}"
else
success="${profile} ${success:-}"
fi
done
exit 0
fi
fi
run_rc_command "$1"
|