pygos/build
1
0
Fork 0
mirror of https://github.com/pygos/build.git synced 2024-05-18 11:36:13 +02:00
Code Issues Releases Wiki Activity

Fix unbound directory setup

Browse source 
- Move root.key into /etc/unbound directory
 - Remove pid file from config, it is baked into the configure options
 - Make sure unbound does not try to chroot anywhere

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
This commit is contained in:
David Oberhollenzer 2018-06-04 16:25:47 +02:00
parent 750d53d82d
commit 8c76110586
2 changed files with 3 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkg/unbound/build
View file

@ -28,8 +28,6 @@ deploy() {
rm -r "$DEPLOY/share"
mkdir -p "$DEPLOY/var/lib/unbound"
cat_file_override "unbound.conf" > "$DEPLOY/etc/unbound/unbound.conf"
split_dev_deploy "$DEPLOY" "$DEVDEPLOY"
@ -46,7 +44,7 @@ deploy() {
type=$(echo $line | grep -o -e "<DigestType>[0-9]*</" | grep -o -w "[0-9]*")
digest=$(echo $line | grep -o -e "<Digest>[A-F0-9]*</" | grep -o -w "[A-F0-9]*")
echo ". IN DS $tag $alg $type $digest" >> "$DEPLOY/var/lib/unbound/root.key"
echo ". IN DS $tag $alg $type $digest" >> "$DEPLOY/etc/unbound/root.key"
done
}

5
product/router/unbound.conf
View file

@ -1,6 +1,4 @@
server:
pidfile: "/tmp/unbound.pid"
# allow only queries from local machine on port 5353
interface: 127.0.0.1
access-control: 127.0.0.0/8 allow
@ -10,4 +8,5 @@ server:
qname-minimisation: yes
# Root trust anchor key file for DNSSEC validation.
auto-trust-anchor-file: "/var/lib/unbound/root.key"
auto-trust-anchor-file: "/etc/unbound/root.key"
chroot: ""