#!/bin/sh /etc/rc.common
# Startup before dnsmasq
START=18
USE_PROCD=1
PROG=/usr/sbin/dnscrypt-proxy
CONFIG_DIR=/var/etc
USER=nobody
boot() {
dnscrypt_boot=1
rc_procd start_service
}
dnscrypt_instance() {
local config_path="$CONFIG_DIR/dnscrypt-proxy-$1.conf"
create_config_file $1 "$config_path"
procd_open_instance
procd_set_param command $PROG "$config_path"
procd_close_instance
}
create_config_file() {
local address port resolver resolvers_list ephemeral_keys client_key log_level syslog syslog_prefix local_cache query_log_file block_ipv6 provider_name provider_key resolver_address
local config_path="$2"
local plugins_support_enabled=$(dnscrypt-proxy --version | grep 'Support for plugins: present' | wc -l)
[ ! -d "$CONFIG_DIR" ] && mkdir -p "$CONFIG_DIR"
[ -f "$config_path" ] && rm "$config_path"
config_get address $1 'address' '127.0.0.1'
config_get port $1 'port' '5353'
config_get resolver $1 'resolver' ''
config_get provider_name $1 'providername' ''
config_get provider_key $1 'providerkey' ''
config_get resolver_address $1 'resolveraddress' ''
config_get resolvers_list $1 'resolvers_list' '/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv'
config_get client_key $1 'client_key' ''
config_get syslog_prefix $1 'syslog_prefix' 'dnscrypt-proxy'
config_get query_log_file $1 'query_log_file' ''
config_get log_level $1 'log_level' '6'
config_get blacklist $1 'blacklist' ''
config_get_bool syslog $1 'syslog' '1'
config_get_bool ephemeral_keys $1 'ephemeral_keys' '0'
config_get_bool local_cache $1 'local_cache' '0'
config_get_bool block_ipv6 $1 'block_ipv6' '0'
append_param_not_empty "ResolverName" "$resolver" $config_path
append_param "ResolversList" "$resolvers_list" $config_path
append_param_not_empty "ProviderName" "$provider_name" $config_path
append_param_not_empty "ProviderKey" "$provider_key" $config_path
append_param_not_empty "ResolverAddress" "$resolver_address" $config_path
append_param "User" "$USER" $config_path
append_param "LocalAddress" "$address:$port" $config_path
append_param_not_empty "ClientKey" "$client_key" $config_path
append_on_off "EphemeralKeys" $ephemeral_keys $config_path
append_param "LogLevel" "$log_level" $config_path
append_on_off "Syslog" $syslog $config_path
append_param "SyslogPrefix" "$syslog_prefix" $config_path
append_on_off "LocalCache" $local_cache $config_path
append_param_not_empty "QueryLogFile" "$query_log_file" $config_path
if [ $plugins_support_enabled -ne 0 ] && [ $block_ipv6 -ne 0 ]
then
append_yes_no "BlockIPv6" $block_ipv6 $config_path
elif [ $block_ipv6 -ne 0 ]
then
log_ignored_param "block_ipv6"
fi
if [ $plugins_support_enabled -ne 0 ] && [ -n "$blacklist" ]
then
config_list_foreach $1 'blacklist' append_blacklists $config_path
elif [ -n "$blacklist" ]
then
log_ignored_param "blacklist"
fi
}
log_ignored_param() {
local param_name=$1
logger -t dnscrypt-proxy -p user.warn "dnscrypt-proxy plugins support not present, ignoring '$param_name' parameter."
}
append_on_off() {
local param_name=$1
local param_value=$2
local config_path=$3
local value
if [ $param_value -eq 1 ]
then
value="on"
else
value="off"
fi
echo "$param_name $value" >> $config_path
}
append_yes_no() {
local param_name=$1
local param_value=$2
local config_path=$3
local value
if [ $param_value -eq 1 ]
then
value="yes"
else
value="no"
fi
echo "$param_name $value" >> $config_path
}
append_param() {
local param_name=$1
local param_value=$2
local config_path=$3
echo "$param_name $param_value" >> $config_path
}
append_param_not_empty() {
local param_name=$1
local param_value=$2
local config_path=$3
if [ ! -z "$param_value" -a "$param_value" != " " ]
then
append_param "$param_name" "$param_value" "$config_path"
fi
}
append_blacklists() {
local value="$1"
local config_path="$2"
append_param_not_empty "BlackList" "$value" $config_path
}
start_service() {
if [ -n "${dnscrypt_boot}" ]
then
return 0
fi
config_load dnscrypt-proxy
config_foreach dnscrypt_instance dnscrypt-proxy
}
service_triggers() {
local trigger
local triggerlist="$(uci_get dnscrypt-proxy.@global[0].procd_trigger)"
PROCD_RELOAD_DELAY=2000
if [ -n "${triggerlist}" ]
then
for trigger in ${triggerlist}
do
procd_add_interface_trigger "interface.*.up" "${trigger}" /etc/init.d/dnscrypt-proxy reload
done
else
procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/dnscrypt-proxy reload
fi
procd_add_reload_trigger 'dnscrypt-proxy'
}