~alpine/aports

[alpine-aports] [PATCH 2/2] testing/pdns-recursor: New aport

Olivier Mauras <olivier@mauras.ch>
Details
Message ID
<20160816192904.16ef6f92a1c5c89a397b7b7b@mauras.ch>
Sender timestamp
1471368544
DKIM signature
missing
Download raw message
7 years ago
Patch: +555 -0 
- Will use "recursor" account instead of "pdns" to have both recursor and auth servers installed  without them messing with each others users
- Included config only modify uid/gid and port on 5353 so that it could work by default with pdns
---
 testing/pdns-recursor/APKBUILD                     |  66 +++
 testing/pdns-recursor/pdns-recursor.initd          |  27 ++
 testing/pdns-recursor/pdns-recursor.post-deinstall |   4 +
 testing/pdns-recursor/pdns-recursor.pre-install    |   6 +
 testing/pdns-recursor/recursor.conf                | 452 +++++++++++++++++++++
 5 files changed, 555 insertions(+)
 create mode 100644 testing/pdns-recursor/APKBUILD
 create mode 100644 testing/pdns-recursor/pdns-recursor.initd
 create mode 100644 testing/pdns-recursor/pdns-recursor.post-deinstall
 create mode 100644 testing/pdns-recursor/pdns-recursor.pre-install
 create mode 100644 testing/pdns-recursor/recursor.conf

diff --git a/testing/pdns-recursor/APKBUILD b/testing/pdns-recursor/APKBUILD
new file mode 100644
index 0000000..5b43765
--- /dev/null
+++ b/testing/pdns-recursor/APKBUILD
@@ -0,0 +1,66 @@
# Contributor: Olivier Mauras <olivier@mauras.ch>
pkgname=pdns-recursor
pkgver=4.0.1
pkgrel=0
pkgdesc="PowerDNS Recursive Server"
url="http://www.powerdns.com/"
arch="all"
license="GPL"
depends=""
depends_dev=""
makedepends="$depends_dev boost-dev lua-dev"
install="$pkgname.pre-install $pkgname.post-deinstall"
subpackages="$pkgname-doc"
pkgusers="pdns"
pkggroups="pdns"
source="http://downloads.powerdns.com/releases/pdns-recursor-$pkgver.tar.bz2
	pdns-recursor.initd
	recursor.conf
	"

_builddir="$srcdir/$pkgname-$pkgver"

prepare() {
	local i
	cd "$_builddir"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
		esac
	done
}

build() {
	cd "$_builddir"
	./configure --prefix=/usr \
		--sysconfdir=/etc/pdns \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--localstatedir=/var \
		--libdir=/usr/lib/pdns \
		--disable-static \
		|| return 1
	make || return 1
}

package() {
	cd "$_builddir"
	make DESTDIR="$pkgdir" install || return 1
	rm "$pkgdir"/etc/pdns/recursor.conf-dist || return 1

	install -m755 -D "$srcdir"/$pkgname.initd \
		"$pkgdir"/etc/init.d/$pkgname || return 1

	install -m600 -D "$srcdir"/recursor.conf \
		"$pkgdir"/etc/pdns/recursor.conf || return 1
}

md5sums="5ef062610de3d193ebe63a615263df7e  pdns-recursor-4.0.1.tar.bz2
35f373bae0503632088956fa14754e4e  pdns-recursor.initd
2950b9932de6baae360f220c7686f520  recursor.conf"
sha256sums="472db541307c8ca83a846d260ecfc854fd8e879c1bb2ce5683a8df5d21e860b0  pdns-recursor-4.0.1.tar.bz2
215d916383e3cba184f8418b98cd2ced146500006e21e2efeb0ee5b53f3df049  pdns-recursor.initd
12bdbf651db0c7fe63ddb01a239a5ddd40825f50811a5d3f4d13cda294bd0344  recursor.conf"
sha512sums="3e69606bda3d296b0c3fd9212afa2a098ab04637718356d220a9490bc3e2a0ca97210934d398ad740509cea9e8f8d2ab2e16a1ba75d559f6b82bf64a729ad018  pdns-recursor-4.0.1.tar.bz2
f23cb30d943e0b0aea09371dc57aa43e55b8f91062a3caa3fac17e3565a8e36dfd304f45eba588f625ca2337cd2ade450ea5ae1776872c006204cdaf912f6651  pdns-recursor.initd
954df537693a202fc195e751011bbfaa605b3f3df42ac386fa82eb809b73c2b987f5e418b5c96bb3b0669497426ce0daa39a719844701e06990b82843a4cf0d4  recursor.conf"
diff --git a/testing/pdns-recursor/pdns-recursor.initd b/testing/pdns-recursor/pdns-recursor.initd
new file mode 100644
index 0000000..80e851d
--- /dev/null
+++ b/testing/pdns-recursor/pdns-recursor.initd
@@ -0,0 +1,27 @@
#!/sbin/openrc-run
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns/files/pdns,v 1.10 2007/05/07 20:19:18 swegener Exp $

name=pdns-recursor
daemon=/usr/sbin/pdns_recursor
recursor_control=/usr/bin/rec_control

extra_started_commands="dump reload"

depend() {
	need net
	after firewall
}

start() {
	ebegin "Starting PowerDNS recursor"
	${daemon}
	eend $?
}

stop() {
	ebegin "Stopping PowerDNS recursor"
	${recursor_control} quit &>/dev/null
	eend $?
}
diff --git a/testing/pdns-recursor/pdns-recursor.post-deinstall b/testing/pdns-recursor/pdns-recursor.post-deinstall
new file mode 100644
index 0000000..a7604db
--- /dev/null
+++ b/testing/pdns-recursor/pdns-recursor.post-deinstall
@@ -0,0 +1,4 @@
#!/bin/sh

deluser recursor 2>/dev/null
exit 0
diff --git a/testing/pdns-recursor/pdns-recursor.pre-install b/testing/pdns-recursor/pdns-recursor.pre-install
new file mode 100644
index 0000000..ece3a78
--- /dev/null
+++ b/testing/pdns-recursor/pdns-recursor.pre-install
@@ -0,0 +1,6 @@
#!/bin/sh

addgroup -S recursor 2>/dev/null
adduser -S -D -H -h /var/empty -s /bin/false -G recursor -g recursor recursor 2>/dev/null

exit 0
diff --git a/testing/pdns-recursor/recursor.conf b/testing/pdns-recursor/recursor.conf
new file mode 100644
index 0000000..1db3127
--- /dev/null
+++ b/testing/pdns-recursor/recursor.conf
@@ -0,0 +1,452 @@
# Autogenerated configuration file template
#################################
# allow-from	If set, only allow these comma separated netmasks to recurse
#
# allow-from=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10

#################################
# allow-from-file	If set, load allowed netmasks from this file
#
# allow-from-file=

#################################
# any-to-tcp	Answer ANY queries with tc=1, shunting to TCP
#
# any-to-tcp=no

#################################
# api-config-dir	Directory where REST API stores config and zones
#
# api-config-dir=

#################################
# api-key	Static pre-shared authentication key for access to the REST API
#
# api-key=

#################################
# api-logfile	Location of the server logfile (used by the REST API)
#
# api-logfile=/var/log/pdns.log

#################################
# api-readonly	Disallow data modification through the REST API when set
#
# api-readonly=no

#################################
# auth-zones	Zones for which we have authoritative data, comma separated domain=file pairs 
#
# auth-zones=

#################################
# carbon-interval	Number of seconds between carbon (graphite) updates
#
# carbon-interval=30

#################################
# carbon-ourname	If set, overrides our reported hostname for carbon stats
#
# carbon-ourname=

#################################
# carbon-server	If set, send metrics in carbon (graphite) format to this server
#
# carbon-server=

#################################
# chroot	switch to chroot jail
#
# chroot=

#################################
# client-tcp-timeout	Timeout in seconds when talking to TCP clients
#
# client-tcp-timeout=2

#################################
# config-dir	Location of configuration directory (recursor.conf)
#
# config-dir=/etc

#################################
# config-name	Name of this virtual configuration - will rename the binary image
#
# config-name=

#################################
# daemon	Operate as a daemon
#
daemon=yes

#################################
# delegation-only	Which domains we only accept delegations from
#
# delegation-only=

#################################
# disable-packetcache	Disable packetcache
#
# disable-packetcache=no

#################################
# disable-syslog	Disable logging to syslog, useful when running inside a supervisor that logs stdout
#
# disable-syslog=no

#################################
# dnssec	DNSSEC mode: off/process-no-validate (default)/process/log-fail/validate
#
# dnssec=process-no-validate

#################################
# dnssec-log-bogus	Log DNSSEC bogus validations
#
# dnssec-log-bogus=no

#################################
# dont-query	If set, do not query these netmasks for DNS data
#
# dont-query=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32

#################################
# edns-outgoing-bufsize	Outgoing EDNS buffer size
#
# edns-outgoing-bufsize=1680

#################################
# edns-subnet-whitelist	List of netmasks and domains that we should enable EDNS subnet for
#
# edns-subnet-whitelist=

#################################
# entropy-source	If set, read entropy from this file
#
# entropy-source=/dev/urandom

#################################
# etc-hosts-file	Path to 'hosts' file
#
# etc-hosts-file=/etc/hosts

#################################
# export-etc-hosts	If we should serve up contents from /etc/hosts
#
# export-etc-hosts=off

#################################
# export-etc-hosts-search-suffix	Also serve up the contents of /etc/hosts with this suffix
#
# export-etc-hosts-search-suffix=

#################################
# forward-zones	Zones for which we forward queries, comma separated domain=ip pairs
#
# forward-zones=

#################################
# forward-zones-file	File with (+)domain=ip pairs for forwarding
#
# forward-zones-file=

#################################
# forward-zones-recurse	Zones for which we forward queries with recursion bit, comma separated domain=ip pairs
#
# forward-zones-recurse=

#################################
# hint-file	If set, load root hints from this file
#
# hint-file=

#################################
# include-dir	Include *.conf files from this directory
#
# include-dir=

#################################
# latency-statistic-size	Number of latency values to calculate the qa-latency average
#
# latency-statistic-size=10000

#################################
# local-address	IP addresses to listen on, separated by spaces or commas. Also accepts ports.
#
# local-address=127.0.0.1

#################################
# local-port	port to listen on
#
local-port=5353

#################################
# log-common-errors	If we should log rather common errors
#
# log-common-errors=no

#################################
# logging-facility	Facility to log messages as. 0 corresponds to local0
#
# logging-facility=

#################################
# loglevel	Amount of logging. Higher is more. Do not set below 3
#
# loglevel=4

#################################
# lowercase-outgoing	Force outgoing questions to lowercase
#
# lowercase-outgoing=no

#################################
# lua-config-file	More powerful configuration options
#
# lua-config-file=

#################################
# lua-dns-script	Filename containing an optional 'lua' script that will be used to modify dns answers
#
# lua-dns-script=

#################################
# max-cache-entries	If set, maximum number of entries in the main cache
#
# max-cache-entries=1000000

#################################
# max-cache-ttl	maximum number of seconds to keep a cached entry in memory
#
# max-cache-ttl=86400

#################################
# max-mthreads	Maximum number of simultaneous Mtasker threads
#
# max-mthreads=2048

#################################
# max-negative-ttl	maximum number of seconds to keep a negative cached entry in memory
#
# max-negative-ttl=3600

#################################
# max-packetcache-entries	maximum number of entries to keep in the packetcache
#
# max-packetcache-entries=500000

#################################
# max-qperq	Maximum outgoing queries per query
#
# max-qperq=50

#################################
# max-tcp-clients	Maximum number of simultaneous TCP clients
#
# max-tcp-clients=128

#################################
# max-tcp-per-client	If set, maximum number of TCP sessions per client (IP address)
#
# max-tcp-per-client=0

#################################
# max-total-msec	Maximum total wall-clock time per query in milliseconds, 0 for unlimited
#
# max-total-msec=7000

#################################
# minimum-ttl-override	Set under adverse conditions, a minimum TTL
#
# minimum-ttl-override=0

#################################
# network-timeout	Wait this nummer of milliseconds for network i/o
#
# network-timeout=1500

#################################
# no-shuffle	Don't change
#
# no-shuffle=off

#################################
# non-local-bind	Enable binding to non-local addresses by using FREEBIND / BINDANY socket options
#
# non-local-bind=no

#################################
# packetcache-servfail-ttl	maximum number of seconds to keep a cached servfail entry in packetcache
#
# packetcache-servfail-ttl=60

#################################
# packetcache-ttl	maximum number of seconds to keep a cached entry in packetcache
#
# packetcache-ttl=3600

#################################
# pdns-distributes-queries	If PowerDNS itself should distribute queries over threads
#
# pdns-distributes-queries=

#################################
# processes	Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)
#
# processes=1

#################################
# query-local-address	Source IP address for sending queries
#
# query-local-address=0.0.0.0

#################################
# query-local-address6	Source IPv6 address for sending queries. IF UNSET, IPv6 WILL NOT BE USED FOR OUTGOING QUERIES
#
# query-local-address6=

#################################
# quiet	Suppress logging of questions and answers
#
# quiet=

#################################
# reuseport	Enable SO_REUSEPORT allowing multiple recursors processes to listen to 1 address
#
# reuseport=no

#################################
# root-nx-trust	If set, believe that an NXDOMAIN from the root means the TLD does not exist
#
# root-nx-trust=yes

#################################
# security-poll-suffix	Domain name from which to query security update notifications
#
# security-poll-suffix=secpoll.powerdns.com.

#################################
# serve-rfc1918	If we should be authoritative for RFC 1918 private IP space
#
# serve-rfc1918=

#################################
# server-down-max-fails	Maximum number of consecutive timeouts (and unreachables) to mark a server as down ( 0 => disabled )
#
# server-down-max-fails=64

#################################
# server-down-throttle-time	Number of seconds to throttle all queries to a server after being marked as down
#
# server-down-throttle-time=60

#################################
# server-id	Returned when queried for 'server.id' TXT or NSID, defaults to hostname
#
# server-id=

#################################
# setgid	If set, change group id to this gid for more security
#
setgid=recursor

#################################
# setuid	If set, change user id to this uid for more security
#
setuid=recursor

#################################
# single-socket	If set, only use a single socket for outgoing queries
#
# single-socket=off

#################################
# soa-minimum-ttl	Don't change
#
# soa-minimum-ttl=0

#################################
# socket-dir	Where the controlsocket will live, /var/run when unset and not chrooted
#
# socket-dir=

#################################
# socket-group	Group of socket
#
# socket-group=

#################################
# socket-mode	Permissions for socket
#
# socket-mode=

#################################
# socket-owner	Owner of socket
#
# socket-owner=

#################################
# spoof-nearmiss-max	If non-zero, assume spoofing after this many near misses
#
# spoof-nearmiss-max=20

#################################
# stack-size	stack size per mthread
#
# stack-size=200000

#################################
# stats-ringbuffer-entries	maximum number of packets to store statistics for
#
# stats-ringbuffer-entries=10000

#################################
# threads	Launch this number of threads
#
# threads=2

#################################
# trace	if we should output heaps of logging. set to 'fail' to only log failing domains
#
# trace=off

#################################
# udp-truncation-threshold	Maximum UDP response size before we truncate
#
# udp-truncation-threshold=1680

#################################
# version-string	string reported on version.pdns or version.bind
#
# version-string=PowerDNS Recursor 4.0.1 (built Aug 15 2016 11:06:59 by coredumb@alpine-dev.internal)

#################################
# webserver	Start a webserver (for REST API)
#
# webserver=no

#################################
# webserver-address	IP Address of webserver to listen on
#
# webserver-address=127.0.0.1

#################################
# webserver-allow-from	Webserver access is only allowed from these subnets
#
# webserver-allow-from=0.0.0.0/0,::/0

#################################
# webserver-password	Password required for accessing the webserver
#
# webserver-password=

#################################
# webserver-port	Port of webserver to listen on
#
# webserver-port=8082

#################################
# write-pid	Write a PID file
#
# write-pid=yes


-- 
2.8.3
Reply to thread Export thread (mbox)