Date: Tue, 16 Aug 2016 19:29:04 +0200
From: Olivier Mauras <olivier@mauras.ch>
To: alpine-aports@lists.alpinelinux.org
Subject: [alpine-aports] [PATCH 2/2] testing/pdns-recursor: New aport
Message-Id: <20160816192904.16ef6f92a1c5c89a397b7b7b@mauras.ch>
Precedence: list
Mime-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature";
 micalg="PGP-SHA256";
 boundary="Signature=_Tue__16_Aug_2016_19_29_04_+0200_cAOb/nTwoKMzFzQJ"

--Signature=_Tue__16_Aug_2016_19_29_04_+0200_cAOb/nTwoKMzFzQJ
Content-Type: text/plain; charset=US-ASCII
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

- Will use "recursor" account instead of "pdns" to have both recursor and a=
uth servers installed  without them messing with each others users
- Included config only modify uid/gid and port on 5353 so that it could wor=
k by default with pdns
---
 testing/pdns-recursor/APKBUILD                     |  66 +++
 testing/pdns-recursor/pdns-recursor.initd          |  27 ++
 testing/pdns-recursor/pdns-recursor.post-deinstall |   4 +
 testing/pdns-recursor/pdns-recursor.pre-install    |   6 +
 testing/pdns-recursor/recursor.conf                | 452 +++++++++++++++++=
++++
 5 files changed, 555 insertions(+)
 create mode 100644 testing/pdns-recursor/APKBUILD
 create mode 100644 testing/pdns-recursor/pdns-recursor.initd
 create mode 100644 testing/pdns-recursor/pdns-recursor.post-deinstall
 create mode 100644 testing/pdns-recursor/pdns-recursor.pre-install
 create mode 100644 testing/pdns-recursor/recursor.conf

diff --git a/testing/pdns-recursor/APKBUILD b/testing/pdns-recursor/APKBUILD
new file mode 100644
index 0000000..5b43765
--- /dev/null
+++ b/testing/pdns-recursor/APKBUILD
@@ -0,0 +1,66 @@
+# Contributor: Olivier Mauras <olivier@mauras.ch>
+pkgname=3Dpdns-recursor
+pkgver=3D4.0.1
+pkgrel=3D0
+pkgdesc=3D"PowerDNS Recursive Server"
+url=3D"http://www.powerdns.com/"
+arch=3D"all"
+license=3D"GPL"
+depends=3D""
+depends_dev=3D""
+makedepends=3D"$depends_dev boost-dev lua-dev"
+install=3D"$pkgname.pre-install $pkgname.post-deinstall"
+subpackages=3D"$pkgname-doc"
+pkgusers=3D"pdns"
+pkggroups=3D"pdns"
+source=3D"http://downloads.powerdns.com/releases/pdns-recursor-$pkgver.tar=
.bz2
+	pdns-recursor.initd
+	recursor.conf
+	"
+
+_builddir=3D"$srcdir/$pkgname-$pkgver"
+
+prepare() {
+	local i
+	cd "$_builddir"
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
+}
+
+build() {
+	cd "$_builddir"
+	./configure --prefix=3D/usr \
+		--sysconfdir=3D/etc/pdns \
+		--mandir=3D/usr/share/man \
+		--infodir=3D/usr/share/info \
+		--localstatedir=3D/var \
+		--libdir=3D/usr/lib/pdns \
+		--disable-static \
+		|| return 1
+	make || return 1
+}
+
+package() {
+	cd "$_builddir"
+	make DESTDIR=3D"$pkgdir" install || return 1
+	rm "$pkgdir"/etc/pdns/recursor.conf-dist || return 1
+
+	install -m755 -D "$srcdir"/$pkgname.initd \
+		"$pkgdir"/etc/init.d/$pkgname || return 1
+
+	install -m600 -D "$srcdir"/recursor.conf \
+		"$pkgdir"/etc/pdns/recursor.conf || return 1
+}
+
+md5sums=3D"5ef062610de3d193ebe63a615263df7e  pdns-recursor-4.0.1.tar.bz2
+35f373bae0503632088956fa14754e4e  pdns-recursor.initd
+2950b9932de6baae360f220c7686f520  recursor.conf"
+sha256sums=3D"472db541307c8ca83a846d260ecfc854fd8e879c1bb2ce5683a8df5d21e8=
60b0  pdns-recursor-4.0.1.tar.bz2
+215d916383e3cba184f8418b98cd2ced146500006e21e2efeb0ee5b53f3df049  pdns-rec=
ursor.initd
+12bdbf651db0c7fe63ddb01a239a5ddd40825f50811a5d3f4d13cda294bd0344  recursor=
.conf"
+sha512sums=3D"3e69606bda3d296b0c3fd9212afa2a098ab04637718356d220a9490bc3e2=
a0ca97210934d398ad740509cea9e8f8d2ab2e16a1ba75d559f6b82bf64a729ad018  pdns-=
recursor-4.0.1.tar.bz2
+f23cb30d943e0b0aea09371dc57aa43e55b8f91062a3caa3fac17e3565a8e36dfd304f45eb=
a588f625ca2337cd2ade450ea5ae1776872c006204cdaf912f6651  pdns-recursor.initd
+954df537693a202fc195e751011bbfaa605b3f3df42ac386fa82eb809b73c2b987f5e418b5=
c96bb3b0669497426ce0daa39a719844701e06990b82843a4cf0d4  recursor.conf"
diff --git a/testing/pdns-recursor/pdns-recursor.initd b/testing/pdns-recur=
sor/pdns-recursor.initd
new file mode 100644
index 0000000..80e851d
--- /dev/null
+++ b/testing/pdns-recursor/pdns-recursor.initd
@@ -0,0 +1,27 @@
+#!/sbin/openrc-run
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns/files/pdns,v 1.10 2007/05/=
07 20:19:18 swegener Exp $
+
+name=3Dpdns-recursor
+daemon=3D/usr/sbin/pdns_recursor
+recursor_control=3D/usr/bin/rec_control
+
+extra_started_commands=3D"dump reload"
+
+depend() {
+	need net
+	after firewall
+}
+
+start() {
+	ebegin "Starting PowerDNS recursor"
+	${daemon}
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping PowerDNS recursor"
+	${recursor_control} quit &>/dev/null
+	eend $?
+}
diff --git a/testing/pdns-recursor/pdns-recursor.post-deinstall b/testing/p=
dns-recursor/pdns-recursor.post-deinstall
new file mode 100644
index 0000000..a7604db
--- /dev/null
+++ b/testing/pdns-recursor/pdns-recursor.post-deinstall
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+deluser recursor 2>/dev/null
+exit 0
diff --git a/testing/pdns-recursor/pdns-recursor.pre-install b/testing/pdns=
-recursor/pdns-recursor.pre-install
new file mode 100644
index 0000000..ece3a78
--- /dev/null
+++ b/testing/pdns-recursor/pdns-recursor.pre-install
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+addgroup -S recursor 2>/dev/null
+adduser -S -D -H -h /var/empty -s /bin/false -G recursor -g recursor recur=
sor 2>/dev/null
+
+exit 0
diff --git a/testing/pdns-recursor/recursor.conf b/testing/pdns-recursor/re=
cursor.conf
new file mode 100644
index 0000000..1db3127
--- /dev/null
+++ b/testing/pdns-recursor/recursor.conf
@@ -0,0 +1,452 @@
+# Autogenerated configuration file template
+#################################
+# allow-from	If set, only allow these comma separated netmasks to recurse
+#
+# allow-from=3D127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192=
.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10
+
+#################################
+# allow-from-file	If set, load allowed netmasks from this file
+#
+# allow-from-file=3D
+
+#################################
+# any-to-tcp	Answer ANY queries with tc=3D1, shunting to TCP
+#
+# any-to-tcp=3Dno
+
+#################################
+# api-config-dir	Directory where REST API stores config and zones
+#
+# api-config-dir=3D
+
+#################################
+# api-key	Static pre-shared authentication key for access to the REST API
+#
+# api-key=3D
+
+#################################
+# api-logfile	Location of the server logfile (used by the REST API)
+#
+# api-logfile=3D/var/log/pdns.log
+
+#################################
+# api-readonly	Disallow data modification through the REST API when set
+#
+# api-readonly=3Dno
+
+#################################
+# auth-zones	Zones for which we have authoritative data, comma separated d=
omain=3Dfile pairs=20
+#
+# auth-zones=3D
+
+#################################
+# carbon-interval	Number of seconds between carbon (graphite) updates
+#
+# carbon-interval=3D30
+
+#################################
+# carbon-ourname	If set, overrides our reported hostname for carbon stats
+#
+# carbon-ourname=3D
+
+#################################
+# carbon-server	If set, send metrics in carbon (graphite) format to this s=
erver
+#
+# carbon-server=3D
+
+#################################
+# chroot	switch to chroot jail
+#
+# chroot=3D
+
+#################################
+# client-tcp-timeout	Timeout in seconds when talking to TCP clients
+#
+# client-tcp-timeout=3D2
+
+#################################
+# config-dir	Location of configuration directory (recursor.conf)
+#
+# config-dir=3D/etc
+
+#################################
+# config-name	Name of this virtual configuration - will rename the binary =
image
+#
+# config-name=3D
+
+#################################
+# daemon	Operate as a daemon
+#
+daemon=3Dyes
+
+#################################
+# delegation-only	Which domains we only accept delegations from
+#
+# delegation-only=3D
+
+#################################
+# disable-packetcache	Disable packetcache
+#
+# disable-packetcache=3Dno
+
+#################################
+# disable-syslog	Disable logging to syslog, useful when running inside a s=
upervisor that logs stdout
+#
+# disable-syslog=3Dno
+
+#################################
+# dnssec	DNSSEC mode: off/process-no-validate (default)/process/log-fail/v=
alidate
+#
+# dnssec=3Dprocess-no-validate
+
+#################################
+# dnssec-log-bogus	Log DNSSEC bogus validations
+#
+# dnssec-log-bogus=3Dno
+
+#################################
+# dont-query	If set, do not query these netmasks for DNS data
+#
+# dont-query=3D127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192=
.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.=
0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, =
::ffff:0:0/96, 100::/64, 2001:db8::/32
+
+#################################
+# edns-outgoing-bufsize	Outgoing EDNS buffer size
+#
+# edns-outgoing-bufsize=3D1680
+
+#################################
+# edns-subnet-whitelist	List of netmasks and domains that we should enable=
 EDNS subnet for
+#
+# edns-subnet-whitelist=3D
+
+#################################
+# entropy-source	If set, read entropy from this file
+#
+# entropy-source=3D/dev/urandom
+
+#################################
+# etc-hosts-file	Path to 'hosts' file
+#
+# etc-hosts-file=3D/etc/hosts
+
+#################################
+# export-etc-hosts	If we should serve up contents from /etc/hosts
+#
+# export-etc-hosts=3Doff
+
+#################################
+# export-etc-hosts-search-suffix	Also serve up the contents of /etc/hosts =
with this suffix
+#
+# export-etc-hosts-search-suffix=3D
+
+#################################
+# forward-zones	Zones for which we forward queries, comma separated domain=
=3Dip pairs
+#
+# forward-zones=3D
+
+#################################
+# forward-zones-file	File with (+)domain=3Dip pairs for forwarding
+#
+# forward-zones-file=3D
+
+#################################
+# forward-zones-recurse	Zones for which we forward queries with recursion =
bit, comma separated domain=3Dip pairs
+#
+# forward-zones-recurse=3D
+
+#################################
+# hint-file	If set, load root hints from this file
+#
+# hint-file=3D
+
+#################################
+# include-dir	Include *.conf files from this directory
+#
+# include-dir=3D
+
+#################################
+# latency-statistic-size	Number of latency values to calculate the qa-late=
ncy average
+#
+# latency-statistic-size=3D10000
+
+#################################
+# local-address	IP addresses to listen on, separated by spaces or commas. =
Also accepts ports.
+#
+# local-address=3D127.0.0.1
+
+#################################
+# local-port	port to listen on
+#
+local-port=3D5353
+
+#################################
+# log-common-errors	If we should log rather common errors
+#
+# log-common-errors=3Dno
+
+#################################
+# logging-facility	Facility to log messages as. 0 corresponds to local0
+#
+# logging-facility=3D
+
+#################################
+# loglevel	Amount of logging. Higher is more. Do not set below 3
+#
+# loglevel=3D4
+
+#################################
+# lowercase-outgoing	Force outgoing questions to lowercase
+#
+# lowercase-outgoing=3Dno
+
+#################################
+# lua-config-file	More powerful configuration options
+#
+# lua-config-file=3D
+
+#################################
+# lua-dns-script	Filename containing an optional 'lua' script that will be=
 used to modify dns answers
+#
+# lua-dns-script=3D
+
+#################################
+# max-cache-entries	If set, maximum number of entries in the main cache
+#
+# max-cache-entries=3D1000000
+
+#################################
+# max-cache-ttl	maximum number of seconds to keep a cached entry in memory
+#
+# max-cache-ttl=3D86400
+
+#################################
+# max-mthreads	Maximum number of simultaneous Mtasker threads
+#
+# max-mthreads=3D2048
+
+#################################
+# max-negative-ttl	maximum number of seconds to keep a negative cached ent=
ry in memory
+#
+# max-negative-ttl=3D3600
+
+#################################
+# max-packetcache-entries	maximum number of entries to keep in the packetc=
ache
+#
+# max-packetcache-entries=3D500000
+
+#################################
+# max-qperq	Maximum outgoing queries per query
+#
+# max-qperq=3D50
+
+#################################
+# max-tcp-clients	Maximum number of simultaneous TCP clients
+#
+# max-tcp-clients=3D128
+
+#################################
+# max-tcp-per-client	If set, maximum number of TCP sessions per client (IP=
 address)
+#
+# max-tcp-per-client=3D0
+
+#################################
+# max-total-msec	Maximum total wall-clock time per query in milliseconds, =
0 for unlimited
+#
+# max-total-msec=3D7000
+
+#################################
+# minimum-ttl-override	Set under adverse conditions, a minimum TTL
+#
+# minimum-ttl-override=3D0
+
+#################################
+# network-timeout	Wait this nummer of milliseconds for network i/o
+#
+# network-timeout=3D1500
+
+#################################
+# no-shuffle	Don't change
+#
+# no-shuffle=3Doff
+
+#################################
+# non-local-bind	Enable binding to non-local addresses by using FREEBIND /=
 BINDANY socket options
+#
+# non-local-bind=3Dno
+
+#################################
+# packetcache-servfail-ttl	maximum number of seconds to keep a cached serv=
fail entry in packetcache
+#
+# packetcache-servfail-ttl=3D60
+
+#################################
+# packetcache-ttl	maximum number of seconds to keep a cached entry in pack=
etcache
+#
+# packetcache-ttl=3D3600
+
+#################################
+# pdns-distributes-queries	If PowerDNS itself should distribute queries ov=
er threads
+#
+# pdns-distributes-queries=3D
+
+#################################
+# processes	Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)
+#
+# processes=3D1
+
+#################################
+# query-local-address	Source IP address for sending queries
+#
+# query-local-address=3D0.0.0.0
+
+#################################
+# query-local-address6	Source IPv6 address for sending queries. IF UNSET, =
IPv6 WILL NOT BE USED FOR OUTGOING QUERIES
+#
+# query-local-address6=3D
+
+#################################
+# quiet	Suppress logging of questions and answers
+#
+# quiet=3D
+
+#################################
+# reuseport	Enable SO_REUSEPORT allowing multiple recursors processes to l=
isten to 1 address
+#
+# reuseport=3Dno
+
+#################################
+# root-nx-trust	If set, believe that an NXDOMAIN from the root means the T=
LD does not exist
+#
+# root-nx-trust=3Dyes
+
+#################################
+# security-poll-suffix	Domain name from which to query security update not=
ifications
+#
+# security-poll-suffix=3Dsecpoll.powerdns.com.
+
+#################################
+# serve-rfc1918	If we should be authoritative for RFC 1918 private IP space
+#
+# serve-rfc1918=3D
+
+#################################
+# server-down-max-fails	Maximum number of consecutive timeouts (and unreac=
hables) to mark a server as down ( 0 =3D> disabled )
+#
+# server-down-max-fails=3D64
+
+#################################
+# server-down-throttle-time	Number of seconds to throttle all queries to a=
 server after being marked as down
+#
+# server-down-throttle-time=3D60
+
+#################################
+# server-id	Returned when queried for 'server.id' TXT or NSID, defaults to=
 hostname
+#
+# server-id=3D
+
+#################################
+# setgid	If set, change group id to this gid for more security
+#
+setgid=3Drecursor
+
+#################################
+# setuid	If set, change user id to this uid for more security
+#
+setuid=3Drecursor
+
+#################################
+# single-socket	If set, only use a single socket for outgoing queries
+#
+# single-socket=3Doff
+
+#################################
+# soa-minimum-ttl	Don't change
+#
+# soa-minimum-ttl=3D0
+
+#################################
+# socket-dir	Where the controlsocket will live, /var/run when unset and no=
t chrooted
+#
+# socket-dir=3D
+
+#################################
+# socket-group	Group of socket
+#
+# socket-group=3D
+
+#################################
+# socket-mode	Permissions for socket
+#
+# socket-mode=3D
+
+#################################
+# socket-owner	Owner of socket
+#
+# socket-owner=3D
+
+#################################
+# spoof-nearmiss-max	If non-zero, assume spoofing after this many near mis=
ses
+#
+# spoof-nearmiss-max=3D20
+
+#################################
+# stack-size	stack size per mthread
+#
+# stack-size=3D200000
+
+#################################
+# stats-ringbuffer-entries	maximum number of packets to store statistics f=
or
+#
+# stats-ringbuffer-entries=3D10000
+
+#################################
+# threads	Launch this number of threads
+#
+# threads=3D2
+
+#################################
+# trace	if we should output heaps of logging. set to 'fail' to only log fa=
iling domains
+#
+# trace=3Doff
+
+#################################
+# udp-truncation-threshold	Maximum UDP response size before we truncate
+#
+# udp-truncation-threshold=3D1680
+
+#################################
+# version-string	string reported on version.pdns or version.bind
+#
+# version-string=3DPowerDNS Recursor 4.0.1 (built Aug 15 2016 11:06:59 by =
coredumb@alpine-dev.internal)
+
+#################################
+# webserver	Start a webserver (for REST API)
+#
+# webserver=3Dno
+
+#################################
+# webserver-address	IP Address of webserver to listen on
+#
+# webserver-address=3D127.0.0.1
+
+#################################
+# webserver-allow-from	Webserver access is only allowed from these subnets
+#
+# webserver-allow-from=3D0.0.0.0/0,::/0
+
+#################################
+# webserver-password	Password required for accessing the webserver
+#
+# webserver-password=3D
+
+#################################
+# webserver-port	Port of webserver to listen on
+#
+# webserver-port=3D8082
+
+#################################
+# write-pid	Write a PID file
+#
+# write-pid=3Dyes
+
+
--=20
2.8.3


--Signature=_Tue__16_Aug_2016_19_29_04_+0200_cAOb/nTwoKMzFzQJ
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXs01gAAoJEJXQwVHPrdN8KnkP/j6Uivpa7wv4EIExwfXkk9m2
BGe0oN56li3ozbuPj6JvNWyCtEoGjqZ6FlSXx7tKDzuVzabRJJTdBtmqnM6teb0E
zJDr7vhPmokGOQH2ncZUEUK7qOg0Hde+6UKOaikpGRnboP9cgTkj+hb6crJzCFxS
Ix58ueFHKPvc/lt+4gg1WMmFHb1KtyzE2Lpd4RQxWlLcEfGUXmoyNjmI+bDHx8sh
OggjMwlEP2BqcDi8Hr7tKQH88Jl06cDCpAEoGjudkbqWR7HWrApJkhwlFw0y21Tr
IYJi8Gpa5C81CJTDTF+VhTIe7OYxcwP7CHkgaACUs2WTHi8P/PeS5zYEXdXinX7W
X+kHKqzBEv+qY4AvSubkM4DE7/ru7mkP615puoN5QeN0k/fMDQEK5J/xD0z4DPet
yRkDyNbuyD/wCu+1Rf6G6zASJJXwVM0FnKEev2kIpBsqFoh9UVwlGXToSBKqSdv/
kTQNWV50gYxmC9nVRc6/YrcAVlnEP4G3A21SHOo+v/EPH2Ba6wm+TX14cNfh8/QE
ft6IR7hykfP6KUepi3eaJQJ+vzy73pxwqyE5BF2FyNhiN+VugHXjrKhnmoHRuYUt
O1ZzUv4B2k0PctXoYzEE5I74ByruH08ivhv/wRE3+Xl0DQzh2R/EI0MGsagprr4K
4QojEg1pFJzySEltqNGE
=gNEx
-----END PGP SIGNATURE-----

--Signature=_Tue__16_Aug_2016_19_29_04_+0200_cAOb/nTwoKMzFzQJ--


---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---