webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-15 21:43:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
91c35e4838b4e059c67240bb54cd32eefd105da3
bpfire/lfs/unbound
Michael Tremer e432689aa9 DNS: Fall back to permissive mode if recursor mode is unavailable 
The tests when assigning DNS name servers has been extended so that
if no working forwarder can be found, we will test if the local recursor
mode is an option.

If not, we will configure unbound's validator module into permissive
mode so that at least some DNS functionality is available.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2017-02-27 21:38:03 +00:00

111 lines
4.1 KiB
Plaintext
Raw Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2017 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 1.6.1
THISAPP = unbound-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = aa808f33d94a36c9312d1b8ad8805e14
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/unbound-allow-setting-validator-permissive-mode-at-runtime.patch
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
--sysconfdir=/etc \
--with-pidfile=/var/run/unbound.pid \
--with-rootkey-file=/var/lib/unbound/root.key \
--disable-static \
--with-libevent
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
# Install configuration
install -v -m 644 $(DIR_SRC)/config/unbound/unbound.conf \
/etc/unbound/unbound.conf
touch /etc/unbound/{dhcp-leases,forward}.conf
-mkdir -pv /etc/unbound/local.d
# Install root hints
install -v -m 644 $(DIR_SRC)/config/unbound/root.hints \
/etc/unbound/root.hints
# Install DHCP leases bridge
install -v -m 755 $(DIR_SRC)/config/unbound/unbound-dhcp-leases-bridge \
/usr/sbin/unbound-dhcp-leases-bridge
# Install key
-mkdir -pv /var/lib/unbound
install -v -m 644 $(DIR_SRC)/config/unbound/root.key \
/var/lib/unbound/root.key
chown -Rv nobody.nobody /var/lib/unbound
# Ship ICANN's certificates to validate DNS trust anchors
install -v -m 644 $(DIR_SRC)/config/unbound/icannbundle.pem \
/etc/unbound/icannbundle.pem
@rm -rf $(DIR_APP)
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink