From 5ba5b488f8fac6804a7174e8797f9af8ab88d39b Mon Sep 17 00:00:00 2001 From: Matt Simerson Date: Sat, 21 Sep 2024 21:21:28 -0700 Subject: [PATCH] knot: test knot w/default .conf knot may need network binds and be unable to run with production config --- provision/knot.sh | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/provision/knot.sh b/provision/knot.sh index 523b0b07..f7599de0 100755 --- a/provision/knot.sh +++ b/provision/knot.sh @@ -1,6 +1,8 @@ #!/bin/sh -. mail-toaster.sh || exit +set -e + +. mail-toaster.sh export JAIL_START_EXTRA="" export JAIL_CONF_EXTRA="" @@ -11,10 +13,9 @@ mt6-include user install_knot() { tell_status "installing Knot DNS 3" - stage_pkg_install knot3 rsync || exit + stage_pkg_install knot3 rsync install_nrpe - install_sentry } install_nrpe() @@ -34,18 +35,19 @@ configure_knot() { for _d in etc home home/knot; do if [ ! -d "$STAGE_MNT/data/$_d" ]; then - mkdir "$STAGE_MNT/data/$_d" || exit + mkdir "$STAGE_MNT/data/$_d" fi done chown -R 553:553 "$STAGE_MNT/data/home/knot" - local _cfg="$STAGE_MNT/data/etc/knot.conf" - if [ -f $_cfg ]; then - tell_status "preserving knot.conf" - else - tell_status "installing default knot.conf" - cp "$STAGE_MNT/usr/local/etc/knot/knot.conf.sample" "$_cfg" || exit 1 + local _cfg="$STAGE_MNT/usr/local/etc/knot/knot.conf" + if [ ! -f "$_cfg" ] && [ -f "$_cfg.sample" ]; then + tell_status "installing default $_cfg" + cp "$_cfg.sample" "$_cfg" + fi + + if grep -qs '^#[[:space:]]*listen' "$_cfg"; then sed -i '' \ -e '/^#[[:space:]]*listen:/ s/^#//' \ "$_cfg" 
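Review bot: Replacing the explicit `|| exit` guards with `set -e` (here, and in install_knot, configure_knot, start_knot, test_knot and the `base_snapshot_exists` call in the later hunks) makes a failure fatal only when the command runs outside a tested context. errexit is ignored for everything inside a function that is invoked from `if`, `&&`, `||` or `!`, so if any of these functions is ever called that way, a failed `mkdir`, `cp` or `drill` would pass silently. The call sites are outside the hunks and need checking; for the two DNS queries in test_knot, keeping `|| exit 1` costs nothing. `set -e` is also now active while `mail-toaster.sh` is sourced, so confirm the library tolerates it.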
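Review bot: The `install_sentry` call is dropped from install_knot with no mention in the commit message, while configure_knot still sets `sshd_enable=YES` and gives the knot account `/bin/sh`. If install_sentry is what provides connection-abuse protection for sshd in this jail (its definition is not in this file, so this is inferred), the jail now exposes SSH without it. Either keep the call or record the reason next to `install_nrpe`, e.g. `# sentry intentionally omitted: <reason>`.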
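Review bot: When neither `$_cfg` nor `$_cfg.sample` exists, the new guard skips the copy and `grep -qs` hides the missing file, so configure_knot carries on with no config in place; the old `cp ... || exit 1` stopped here. An explicit check after the copy block restores that, e.g. `[ -f "$_cfg" ] || { echo "missing $_cfg" >&2; exit 1; }`. The grep guard also tests for `listen` while the sed address requires `listen:`; using the same pattern in both avoids entering the block for a line sed will not touch. The `if grep` block closes outside the hunk.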
@@ -53,16 +55,15 @@ configure_knot() stage_sysrc sshd_enable=YES stage_sysrc knot_enable=YES - stage_sysrc knot_config=/data/etc/knot.conf - stage_exec pw user mod knot -d /data/home/knot -s /bin/sh preserve_passdb knot + stage_exec pw user mod knot -d /data/home/knot -s /bin/sh } start_knot() { tell_status "starting knot daemon" - stage_exec service knot start || exit 1 + stage_exec service knot start } test_knot() @@ -74,13 +75,18 @@ test_knot() echo "it worked." tell_status "testing UDP DNS query" - drill -Q www.example.com @"$(get_jail_ip stage)" || exit 1 + drill -Q www.example.com @"$(get_jail_ip stage)" tell_status "testing TCP DNS query" - drill -Q -t www.example.com @"$(get_jail_ip stage)" || exit 1 + drill -Q -t www.example.com @"$(get_jail_ip stage)" + + if [ -f "$STAGE_MNT/data/etc/knot.conf" ]; then + tell_status "switching knot config to /data/etc/knot.conf" + stage_sysrc knot_config=/data/etc/knot.conf + fi } -base_snapshot_exists || exit +base_snapshot_exists create_staged_fs knot start_staged_jail knot install_knot
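Review bot: The `stage_exec pw user mod knot -d /data/home/knot -s /bin/sh` line now runs after `preserve_passdb knot`, but nothing records why the order matters. If preserve_passdb restores the knot entry from the running jail (its body is not shown, so this is an assumption), the move is what keeps the home directory and shell from being overwritten. A comment such as `# after preserve_passdb: re-apply home dir and shell to the restored entry` would stop it being moved back. Since the account gets an interactive shell with sshd enabled, the same comment could state what the login is used for.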
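Review bot: The switch to `/data/etc/knot.conf` at the end of test_knot happens after both queries have passed against the default config, so the production file is promoted without ever being parsed. A syntax-only check before the `stage_sysrc knot_config=...` line should catch a broken file without needing the production network binds: `stage_exec knotc -c /data/etc/knot.conf conf-check`. test_knot begins outside the hunk, so how the earlier part of the test interacts with this is not visible here.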