#!/bin/bash # # Slackware initialization script for Unbound. UNBOUND=/usr/sbin/unbound CONFIG=/etc/unbound/unbound.conf PIDFILE=/run/unbound/unbound.pid LOGDIR=/var/log/unbound # Unbound-control is useful but I'm not going to cram it # down your throat. Set this to "yes" to disable unbound-control # initial setup. Note that you'll need to disable control port # in unbound.conf so Unbound will actually start. DISABLE_UNBOUND_CONTROL="no" # As part of the initial checks, the script makes sure that # $LOGDIR exists. It's mostly for cases where admin accidentally # deletes the entire log folder rather than individual logs. # If you don't use logging at all, have a custom setup or # just want to skip these checks, set this to "yes". DISABLE_LOGDIR_CHECKS="no" initchecks() { # Look out for a stale pidfile. If there's one, remove it. # This shouldn't be necessary unless the system was shutdown uncleanly # or if Unbound crashes. if [ -e $PIDFILE ] && [ ! $(pidof unbound) ]; then echo "Looks like Unbound isn't running but there's a stale pid file." echo "Removing $PIDFILE" rm -vf $PIDFILE fi # Check that /run/unbound exists. If not, create and chown it. if [ ! -e $(dirname $PIDFILE) ]; then mkdir -p $(dirname $PIDFILE) chown unbound:unbound $(dirname $PIDFILE) fi # Run the initial setup for unbound-control unless it's disabled. # Mostly relevant for the first time run. if [ ! -e $(dirname $CONFIG)/unbound_server.pem ] && [ "$DISABLE_UNBOUND_CONTROL" == "no" ]; then echo "Unbound-control: unbound_server.pem not found." echo "This is normal for the first run." echo "Running initial setup to generate certificates: /usr/sbin/unbound-control-setup" /usr/sbin/unbound-control-setup || exit 1 fi # Deleted the entire log directory by accident? Oh well, bound to happen. # Let's fix that right away. if [ "$DISABLE_LOGDIR_CHECKS" == "no" ] then if [ ! -d "$LOGDIR" ]; then echo -n "Unbound log directory not found. Attempting to recreate it... " mkdir $LOGDIR && echo "Success!" fi if [ $(stat -c "%U:%G" "$LOGDIR") != "unbound:unbound" ]; then echo -n "Fixing permissions on the log folder $LOGDIR... " chown -R unbound:unbound $LOGDIR && echo "Success!" fi fi } start() { initchecks if [ -r $PIDFILE ]; then echo 'Unbound is already running!' return else echo "Starting Unbound DNS validating resolver..." $UNBOUND -c $CONFIG || echo "Failed to start! The error messages above might help." fi } stop() { if [ ! -r $PIDFILE ]; then echo 'Unbound is not running.' return fi echo "Stopping Unbound DNS validating resolver..." kill `cat $PIDFILE` rm -f $PIDFILE } reload() { if [ ! -r $PIDFILE ]; then echo 'Unbound is not running.' return fi echo "Sending SIGHUP to Unbound..." kill -HUP `cat $PIDFILE` } case "$1" in 'start') start ;; 'stop') stop ;; 'restart') stop sleep 1 start ;; 'reload') reload ;; *) echo "Usage: $0 {start|stop|reload|restart}" exit 1 ;; esac