diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rwxr-xr-x | build.sh | 11 | ||||
| -rw-r--r-- | config/obr/rc.services | 9 | ||||
| -rw-r--r-- | config/obr/unbound/db/.gitkeep | 0 | ||||
| -rw-r--r-- | config/obr/unbound/etc/unbound.conf | 54 | ||||
| -rw-r--r-- | template/etc/rc | 2 |
6 files changed, 70 insertions, 7 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e166442 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.gitkeep @@ -196,8 +196,6 @@ cp -R /usr/sbin/ospfctl $MOUNTPOINT/usr/sbin/. cp -R /usr/sbin/ospfd $MOUNTPOINT/usr/sbin/. cp -R /usr/sbin/pwd_mkdb $MOUNTPOINT/usr/sbin/. cp -R /usr/sbin/rdate $MOUNTPOINT/usr/sbin/. -cp -R /usr/sbin/rndc $MOUNTPOINT/usr/sbin/. -cp -R /usr/sbin/rndc-confgen $MOUNTPOINT/usr/sbin/. cp -R /usr/sbin/sensorsd $MOUNTPOINT/usr/sbin/. cp -R /usr/sbin/snmpctl $MOUNTPOINT/usr/sbin/. cp -R /usr/sbin/snmpd $MOUNTPOINT/usr/sbin/. @@ -323,8 +321,13 @@ fi if test -d config/$HOSTNAME/named/; then cp -R config/$HOSTNAME/named $MOUNTPOINT/etc/. fi -if test -f config/$HOSTNAME/rndc.conf; then - cp -R config/$HOSTNAME/rndc.conf $MOUNTPOINT/etc/. + +# when we run a DNS resolver +if test -d config/$HOSTNAME/unbound/; then + cp -R config/$HOSTNAME/unbound $MOUNTPOINT/etc/. + cp -R /usr/sbin/unbound $MOUNTPOINT/usr/sbin/. + cp -R /usr/sbin/unbound-{checkconf,control-setup,anchor,control,host} $MOUNTPOINT/usr/sbin/. + unbound-control-setup -d $MOUNTPOINT/etc/unbound/etc fi # autodetect shared libraries needed for all the binaries installed before, then diff --git a/config/obr/rc.services b/config/obr/rc.services index 5f939ec..8cfa65b 100644 --- a/config/obr/rc.services +++ b/config/obr/rc.services @@ -1,5 +1,12 @@ echo named: starting Bind name server.. -/usr/sbin/named +#cp -R /etc/named /tmp/var/named +#chown -R root:named /tmp/var/named +#/usr/sbin/named + +echo unbound: starting DNS resolver.. +mkdir /tmp/var/etc +cp -R /etc/unbound /tmp/var/unbound +/usr/sbin/unbound echo dhcp: starting DHCP server... touch /var/db/dhcpd.leases diff --git a/config/obr/unbound/db/.gitkeep b/config/obr/unbound/db/.gitkeep new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/config/obr/unbound/db/.gitkeep diff --git a/config/obr/unbound/etc/unbound.conf b/config/obr/unbound/etc/unbound.conf new file mode 100644 index 0000000..2a1201a --- /dev/null +++ b/config/obr/unbound/etc/unbound.conf @@ -0,0 +1,54 @@ +# $OpenBSD: unbound.conf,v 1.5 2015/07/19 17:29:42 sthen Exp $ + +server: + interface: 0.0.0.0 + do-ip6: no + + access-control: 192.168.1.0/24 allow + access-control: 127.0.0.0/8 allow + access-control: 0.0.0.0/0 refuse + + hide-identity: yes + hide-version: yes + + local-zone: "lan." nodefault + local-zone: "1.168.192.in-addr.arpa." nodefault + +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + +stub-zone: + name: "lan." + stub-addr: 127.0.0.1@8053 + +stub-zone: + name: "1.168.192.in-addr.arpa." + stub-addr: 127.0.0.1@8053 + +stub-zone: + name: "andreasbaumann.cc" + stub-addr: 127.0.0.1@8053 + +stub-zone: + name: "maschezuoz.ch" + stub-addr: 127.0.0.1@8053 + +stub-zone: + name: "bikecentum.com" + stub-addr: 127.0.0.1@8053 + +stub-zone: + name: "project-strus.net" + stub-addr: 127.0.0.1@8053 + + +# +#forward-zone: +# name: "." # use for ALL queries +# forward-addr: 74.82.42.42 # he.net +# forward-addr: 2001:470:20::2 # he.net v6 +# forward-addr: 8.8.8.8 # google.com +# forward-addr: 2001:4860:4860::8888 # google.com v6 +# forward-addr: 208.67.222.222 # opendns.com +# forward-first: yes # try direct if forwarder fails diff --git a/template/etc/rc b/template/etc/rc index 5fff669..0256894 100644 --- a/template/etc/rc +++ b/template/etc/rc @@ -49,8 +49,6 @@ mkdir /tmp/var/cron/atjobs cp -R /etc/tabs /tmp/var/cron/tabs mkdir /tmp/var/tmp/vi.recover mkdir /tmp/var/etc -cp -R /etc/named /tmp/var/named -chown -R root:named /tmp/var/named echo store boot dmesg... dmesg > /var/run/dmesg.boot |