blob: 9e5ce3a54bfd15502bb7bbf984da4c8f28e623f0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
#!/bin/bash
# dnsmasq DNS server with cache installation on Raspbian
#
# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
# GPL licensed (see end of file) * Use at your own risk!
#
# More at: https://ownyourbits.com/2017/03/09/dnsmasq-as-dns-cache-server-for-nextcloudpi-and-raspbian/
#
install()
{
set -x
apt-get update
apt-get install --no-install-recommends -y dnsmasq
rc=0
service dnsmasq status > /dev/null 2>&1 || rc=$?
! is_docker && [[ $rc -eq 3 ]] && ! [[ "$INIT_SYSTEM" =~ ^("chroot"|"unknown")$ ]] && {
echo "Applying workaround for dnsmasq bug (compare issue #1446)"
service systemd-resolved stop || true
service dnsmasq start
service dnsmasq status
}
service dnsmasq stop
[[ "$INIT_SYSTEM" == "systemd" ]] && service systemd-resolved start || true
update-rc.d dnsmasq disable || rm /etc/systemd/system/multi-user.target.wants/dnsmasq.service
[[ "$DOCKERBUILD" == 1 ]] && {
cat > /etc/services-available.d/100dnsmasq <<EOF
#!/bin/bash
source /usr/local/etc/library.sh
[[ "\$1" == "stop" ]] && {
echo "stopping dnsmasq..."
service dnsmasq stop
exit 0
}
persistent_cfg /etc/dnsmasq.conf
echo "Starting dnsmasq..."
service dnsmasq start
exit 0
EOF
chmod +x /etc/services-available.d/100dnsmasq
}
return 0
}
configure()
{
[[ $ACTIVE != "yes" ]] && {
service dnsmasq stop
update-rc.d dnsmasq disable
echo "dnmasq disabled"
return
}
local IFACE IP
IFACE=$( ip r | grep "default via" | awk '{ print $5 }' | head -1 )
IP=$( ncc config:system:get trusted_domains 6 | grep -oP '\d{1,3}(.\d{1,3}){3}' )
[[ "$IP" == "" ]] && IP="$(get_ip)"
[[ "$IP" == "" ]] && { echo "could not detect IP"; return 1; }
cat > /etc/dnsmasq.conf <<EOF
interface=$IFACE
domain-needed # Never forward plain names (without a dot or domain part)
bogus-priv # Never forward addresses in the non-routed address spaces.
no-poll # Don't poll for changes in /etc/resolv.conf
no-resolv # Don't use /etc/resolv.conf or any other file
cache-size=$CACHESIZE
server=$DNSSERVER
address=/$DOMAIN/$IP # This is optional if we add it to /etc/hosts
EOF
# required to run in container
test -d /data && echo "user=root" >> /etc/dnsmasq.conf
sed -i 's|#\?IGNORE_RESOLVCONF=.*|IGNORE_RESOLVCONF=yes|' /etc/default/dnsmasq
update-rc.d dnsmasq defaults
update-rc.d dnsmasq enable
service dnsmasq restart
ncc config:system:set trusted_domains 2 --value="$DOMAIN"
set-nc-domain "$DOMAIN" --no-trusted-domain
echo "dnsmasq enabled"
}
# License
#
# This script is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this script; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
# Boston, MA 02111-1307 USA
|
