Ship init script for unbound
authorJulien Cristau <jcristau@debian.org>
Sun, 17 May 2015 14:43:36 +0000 (16:43 +0200)
committerJulien Cristau <jcristau@debian.org>
Sun, 17 May 2015 14:49:53 +0000 (16:49 +0200)
Taken from the jessie package for now.

Signed-off-by: Julien Cristau <jcristau@debian.org>
modules/unbound/files/unbound.init [new file with mode: 0755]
modules/unbound/manifests/init.pp

diff --git a/modules/unbound/files/unbound.init b/modules/unbound/files/unbound.init
new file mode 100755 (executable)
index 0000000..78f9c2f
--- /dev/null
@@ -0,0 +1,171 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides:          unbound
+# Required-Start:    $network $remote_fs $syslog
+# Required-Stop:     $network $remote_fs $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+### END INIT INFO
+
+NAME=unbound
+DESC="recursive DNS server"
+DAEMON=/usr/sbin/unbound
+PIDFILE="/var/run/unbound.pid"
+
+test -x $DAEMON || exit 0
+test -x ${DAEMON}-checkconf || exit 0
+
+. /lib/lsb/init-functions
+
+UNBOUND_ENABLE=true
+UNBOUND_CONF=/etc/unbound/unbound.conf
+UNBOUND_BASE_DIR=$(dirname $UNBOUND_CONF)
+CHROOT_DIR=$(awk '{if ($1 ~ "^chroot" && $2 != "\"\"") print $2}' $UNBOUND_CONF|sed -e "s#\"##g")
+ROOT_TRUST_ANCHOR_UPDATE=false
+ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key
+RESOLVCONF=false
+RESOLVCONF_FORWARDERS=false
+
+if [ -f /etc/default/$NAME ]; then
+    . /etc/default/$NAME
+    case "x$UNBOUND_ENABLE" in
+        xtrue|x1|xyes)
+            UNBOUND_ENABLE=true
+            ;;
+        *)
+            UNBOUND_ENABLE=false
+            ;;
+    esac
+    case "x$ROOT_TRUST_ANCHOR_UPDATE" in
+        xtrue|x1|xyes)
+            ROOT_TRUST_ANCHOR_UPDATE=true
+            ;;
+        *)
+            ROOT_TRUST_ANCHOR_UPDATE=false
+            ;;
+    esac
+    case "x$RESOLVCONF" in
+        xtrue|x1|xyes)
+            RESOLVCONF=true
+            ;;
+        *)
+            RESOLVCONF=false
+    esac
+    case "x$RESOLVCONF_FORWARDERS" in
+        xtrue|x1|xyes)
+            RESOLVCONF_FORWARDERS=true
+            ;;
+        *)
+            RESOLVCONF_FORWARDERS=false
+    esac
+fi
+
+do_resolvconf_start() {
+    if $RESOLVCONF; then
+        if [ -x /sbin/resolvconf ]; then
+            unbound-checkconf $CHROOT_DIR/$UNBOUND_CONF -o interface | (
+                default=yes
+                while read interface; do
+                    default=no
+                    if [ "x$interface" = x0.0.0.0 -o "x$interface" = x127.0.0.1 ]; then
+                        echo "nameserver 127.0.0.1"
+                    elif [ "x$interface" = x::0 -o "x$interface" = x::1 ]; then
+                        echo "nameserver ::1"
+                    fi
+                done
+                if [ $default = yes ]; then
+                    # unbound defaults to listening on localhost
+                    echo "nameserver 127.0.0.1"
+                fi
+            ) | /sbin/resolvconf -a lo.unbound
+        fi
+    fi
+}
+
+do_resolvconf_stop() {
+    if $RESOLVCONF; then
+        if [ -x /sbin/resolvconf ]; then
+            /sbin/resolvconf -d lo.unbound
+        fi
+    fi
+}
+
+do_chroot_setup() {
+    if [ -d "$CHROOT_DIR" -a "$CHROOT_DIR" != "$UNBOUND_BASE_DIR" ]; then
+        cd /
+        tar --overwrite -cf - $(echo $UNBOUND_BASE_DIR | sed 's#^/##') | (cd $CHROOT_DIR && tar -xf -)
+    fi
+}
+
+case "$1" in
+    start)
+        if $UNBOUND_ENABLE; then
+            do_chroot_setup
+            if $ROOT_TRUST_ANCHOR_UPDATE; then
+                unbound-anchor -a $ROOT_TRUST_ANCHOR_FILE -v 2>&1 | logger -p daemon.info -t unbound-anchor
+                chown unbound:unbound $ROOT_TRUST_ANCHOR_FILE
+            fi
+            log_daemon_msg "Starting $DESC" "$NAME"
+            if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
+                do_resolvconf_start
+                log_end_msg 0
+            else
+                log_end_msg 1
+            fi
+        else
+            log_warning_msg "Not starting $DESC $NAME, disabled via /etc/default/$NAME"
+        fi
+        ;;
+
+    stop)
+        if $UNBOUND_ENABLE; then
+            log_daemon_msg "Stopping $DESC" "$NAME"
+            if start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --name $NAME; then
+                do_resolvconf_stop
+                log_end_msg 0
+            else
+                log_end_msg 1
+            fi
+        fi
+        ;;
+
+    restart|force-reload)
+        if $UNBOUND_ENABLE; then
+            log_daemon_msg "Restarting $DESC" "$NAME"
+            start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME --retry 5
+            do_resolvconf_stop
+            if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
+                do_chroot_setup
+                do_resolvconf_start
+                log_end_msg 0
+            else
+                log_end_msg 1
+            fi
+        fi
+        ;;
+
+    reload)
+        if $UNBOUND_ENABLE; then
+            log_daemon_msg "Reloading $DESC" "$NAME"
+            if start-stop-daemon --stop --pidfile $PIDFILE --signal 1; then
+                do_chroot_setup
+                log_end_msg 0
+            else
+                log_end_msg 1
+            fi
+        fi
+        ;;
+
+    status)
+        status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+        ;;
+
+    *)
+        N=/etc/init.d/$NAME
+        echo "Usage: $N {start|stop|restart|status|reload|force-reload}" >&2
+        exit 1
+        ;;
+esac
+
+exit 0;
index 3a0eeb3..667abc1 100644 (file)
@@ -23,6 +23,11 @@ class unbound {
                pattern   => 'unbound',
        }
 
+       file { '/etc/init.d/unbound':
+               source => 'puppet:///modules/unbound/unbound.init',
+               mode   => '0555',
+               notify => Exec['systemctl daemon-reload'],
+       }
        file { '/var/lib/unbound':
                ensure  => directory,
                owner   => unbound,