408047628e
With growing interest, DNS over TLS can be setup in Unbounds foward-zone: clause. A broader UCI solution is added to support forward-, stub-, and auth- zone clauses in a new 'zone' section. This implentation required reworking scripts, because they did not scale. 'forward_domain' and 'prefetch_root' options are removed, and superceded by 'zone' section. Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
27 lines
946 B
Bash
Executable file
27 lines
946 B
Bash
Executable file
#!/bin/sh
|
|
##############################################################################
|
|
#
|
|
# Copyright (C) 2016 Eric Luehrsen
|
|
#
|
|
##############################################################################
|
|
#
|
|
# "Restart" Unbound on hotplug NTP ready:
|
|
# - Only do this the first time when no file exists
|
|
# - Some of Unbound conf options to not reload run time
|
|
# - Change the enable flag for DNSSEC date-time checking
|
|
#
|
|
##############################################################################
|
|
|
|
# Common file location definitions
|
|
. /usr/lib/unbound/defaults.sh
|
|
|
|
##############################################################################
|
|
|
|
if [ ! -f "$UB_TIME_FILE" -a "$ACTION" = stratum ] ; then
|
|
date -Is > $UB_TIME_FILE
|
|
/etc/init.d/unbound enabled && /etc/init.d/unbound restart
|
|
# Yes, hard RESTART. We need to be absolutely sure to enable DNSSEC.
|
|
fi
|
|
|
|
##############################################################################
|
|
|