remove perl dependency, use -local configs

2016-09-19 14:49:10 +02:00 · 2016-09-19 14:49:10 +02:00 · 3399a0dd8c
commit 3399a0dd8c
parent 095056017e
12 changed files with 50 additions and 121 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,14 +1,14 @@
 unbound:
    build: unbound
-    hostname: unbound.mock.zknt.org
+    hostname: unbound
    dns: 127.0.0.1
    links:
-        - nsd:nsd.mock.zknt.org
+      - nsd
    volumes:
-        - "./unbound.conf:/etc/unbound/unbound.conf:ro"
+      - "./unbound-local.conf:/unbound-local.conf:ro"
 nsd:
    build: nsd
-    hostname: nsd.mock.zknt.org
+    hostname: nsd
    volumes:
-        - "./zones:/zones"
-        - "./nsd.conf:/etc/nsd/nsd.conf:ro"
+      - "./zones:/zones"
+      - "./nsd-local.conf:/etc/nsd/nsd-local.conf:ro"
--- a/nsd-local.conf
+++ b/nsd-local.conf
@ -0,0 +1,6 @@
+zone:
+    name: 168.192.in-addr.arpa
+    zonefile: "/zones/%s.zone"
+zone:
+    name: local
+    zonefile: "/zones/%s.zone"
--- a/nsd.conf
+++ b/nsd.conf
@ -1,12 +0,0 @@
-server:
-    server-count: 1
-    pidfile: "/var/run/nsd.pid"
-
-    verbosity: 1
-    hide-version: yes
-
-    statistics: 3600
-
-zone:
-    name: 168.192.in-addr.arpa
-    zonefile: "/zones/%s.zone"
--- a/nsd/nsd.conf
+++ b/nsd/nsd.conf
@ -6,3 +6,5 @@ server:
    hide-version: yes

    statistics: 3600
+
+    include: /etc/nsd/nsd-local.conf
--- a/unbound-local.conf
+++ b/unbound-local.conf
@ -0,0 +1,14 @@
+    domain-insecure: 168.192.in-addr.arpa.
+    private-address: 192.168.0.0/16
+    local-zone: "168.192.in-addr.arpa." nodefault
+
+    domain-insecure: local
+    private-domain: local
+    local-zone: local. nodefault
+
+stub-zone:
+    name: "168.192.in-addr.arpa."
+    stub-addr: {{nsd}}
+stub-zone:
+    name: local.
+    stub-addr: {{nsd}}
--- a/unbound.conf
+++ b/unbound.conf
@ -1,23 +0,0 @@
-server:
-    verbosity: 2
-    statistics-interval: 3600
-
-    interface: 0.0.0.0
-
-    # accept anything, firewall your ports!
-    access-control: 0.0.0.0/0 allow
-    logfile: ""
-    log-time-ascii: yes
-    log-queries: yes
-
-    root-hints: /etc/unbound/root.hints
-    trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key"
-    include: /etc/unbound/localzone.conf.new
-
-    domain-insecure: 168.192.in-addr.arpa.
-    private-address: 192.168.0.0/16
-    local-zone: "168.192.in-addr.arpa." nodefault
-
-forward-zone:
-    name: "168.192.in-addr.arpa."
-    forward-host: nsd.mock.zknt.org.
--- a/unbound/Dockerfile
+++ b/unbound/Dockerfile
@ -1,8 +1,7 @@
 FROM alpine:3.4
-RUN apk --no-cache add unbound perl &&\
+RUN apk --no-cache add unbound &&\
  unbound-anchor
 COPY unbound.conf /etc/unbound/unbound.conf
-COPY build-unbound-localzone-from-hosts.pl /
 COPY entrypoint.sh /
 EXPOSE 53
 CMD ["/entrypoint.sh", "-d"]
--- a/unbound/build-unbound-localzone-from-hosts.pl
+++ b/unbound/build-unbound-localzone-from-hosts.pl
@ -1,67 +0,0 @@
-#!/usr/bin/perl -WT
-
-use strict;
-use warnings;
-
-my $hostsfile = '/etc/hosts';
-my $localzonefile = '/etc/unbound/localzone.conf.new';
-
-my $localzone = 'example.com';
-
-open( HOSTS,"<${hostsfile}" ) or die( "Could not open ${hostsfile}: $!" );
-open( ZONE,">${localzonefile}" ) or die( "Could not open ${localzonefile}: $!" );
-
-print ZONE "server:\n\n";
-print ZONE "local-zone: \"${localzone}\" transparent\n\n";
-
-my %ptrhash;
-
-while ( my $hostline = <HOSTS> ) {
-
-	# Skip comments
-	if ( $hostline !~ "^#" and $hostline !~ '^\s+$' ) {
-
-		my @entries = split( /\s+/, $hostline );
-
-		my $ip;
-
-		my $count = 0;
-		foreach my $entry ( @entries ) {
-			if ( $count == 0 ) {
-				$ip = $entry;
-			} else {
-
-				if ( $count == 1) {
-
-					# Only return localhost for 127.0.0.1 and ::1
-					if ( ($ip ne '127.0.0.1' and $ip ne '::1') or $entry =~ 'localhost' ) {
-						if ( ! defined $ptrhash{$ip} ) {
-							$ptrhash{$ip} = $entry;
-							print ZONE "local-data-ptr: \"$ip $entry\"\n";
-						}
-					}
-
-				}
-
-				# Use AAAA for IPv6 addresses
-				my $a = 'A';
-				if ( $ip =~ ':' ) {
-					$a = 'AAAA';
-				}
-
-				print ZONE "local-data: \"$entry ${a} $ip\"\n";
-
-			}
-			$count++;
-		}
-		print ZONE "\n";
-
-
-	}
-}
-
-
-
-
-__END__
-
--- a/unbound/entrypoint.sh
+++ b/unbound/entrypoint.sh
@ -1,3 +1,3 @@
 #!/bin/sh
-/usr/bin/perl -T /build-unbound-localzone-from-hosts.pl
+sed "s/{{nsd}}/$(grep nsd /etc/hosts | awk -F' ' '{print $1}' | head -1)/g" /unbound-local.conf > /etc/unbound/unbound-local.conf
 /usr/sbin/unbound $@
--- a/unbound/unbound.conf
+++ b/unbound/unbound.conf
@ -11,4 +11,4 @@ server:

    root-hints: /etc/unbound/root.hints
    trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key"
-    include: /etc/unbound/localzone.conf.new
+    include: /etc/unbound/unbound-local.conf
--- a/zones/168.192.in-addr.arpa.zone
+++ b/zones/168.192.in-addr.arpa.zone
@ -1,12 +1,11 @@
 $ORIGIN 168.192.in-addr.arpa.
 $TTL 1800
-@       IN      SOA     ns1.mock.zknt.org.      hostmaster.zknt.org. (
-        2014070201        ; serial number
-        3600                    ; refresh
-        900                     ; retry
-        1209600                 ; expire
-        1800                    ; ttl
+@       SOA     nsd.      hostmaster.nsd. (
+        2016091901
+        3600
+        900
+        1209600
+        1800
        )
-        IN      NS      ns1.mock.zknt.org.
-
-1.0            IN      PTR     foo.bar.
+        NS      nsd.
+1.0     PTR     foo.local.
--- a/zones/local.zone
+++ b/zones/local.zone
@ -0,0 +1,11 @@
+$ORIGIN local.
+$TTL 1800
+@ SOA nsd. hostmaster.nsd. (
+                2016091901
+                3600
+                900
+                1209600
+                1800
+        )
+        NS      nsd.
+foo     A       192.168.0.1