diff options
| author | Eric Luehrsen <ericluehrsen@gmail.com> | 2020-06-23 00:58:38 -0400 |
|---|---|---|
| committer | Eric Luehrsen <ericluehrsen@gmail.com> | 2020-06-27 17:17:41 -0400 |
| commit | 8e0b2d344ec79fd1f9906181cb9a3689b789538f (patch) | |
| tree | 1550f54b370d31a88cca14708ddaa536fb71f448 /net/unbound/files | |
| parent | e2fe9bda3d6a2755f36031d8d69c6ea8e08ba715 (diff) | |
unbound: refactor build options to select switches
The two unique packages "Unbound light" and "Unbound heavy"
were not working well due to the fact that Unbound is mostly
its library. Tools and helpers would crash. Instead a reasonable
default Unbound is built. Also up select options like python
are added. libevent and libpthreads are options to down select.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Diffstat (limited to 'net/unbound/files')
| -rw-r--r-- | net/unbound/files/README.md | 5 | ||||
| -rw-r--r-- | net/unbound/files/unbound.sh | 17 |
2 files changed, 21 insertions, 1 deletions
diff --git a/net/unbound/files/README.md b/net/unbound/files/README.md index ec06de5a0..64f8eeb10 100644 --- a/net/unbound/files/README.md +++ b/net/unbound/files/README.md @@ -190,6 +190,11 @@ config zone list zone_name '.' ``` +## Optional Compile Switches +Unbound can be changed by toggling switches within `make menuconfig` Libraries/Network/libunbound. Disable libevent, libpthread, and ipset to attempt to gain performance and size on small single core targets. These downgrade options are well tested, but they are not needed unless Unbound will not fit. Take care before enabling subnetcache, dnscrypt, and python options. These enhancements are not fully tested within OpenWrt and python is a large dependency. These enhancements are default off and they do not have UCI. You will need to use the files `/etc/unbound/unbound_srv.conf` and `/etc/unbound/unbound_ext.conf` to configure these modules. The `server:` clause line `module: subnetcache validator python iterator` will be filled out if the modules are compiled in. + +Note: if you use python, then you will need to manual configure and you cannot use chroot. The scripts are not yet enhanced enough to set up the directory binding. + ## Complete List of UCI Options **/etc/config/unbound**: ``` diff --git a/net/unbound/files/unbound.sh b/net/unbound/files/unbound.sh index a57d81d4e..ed5a89a05 100644 --- a/net/unbound/files/unbound.sh +++ b/net/unbound/files/unbound.sh @@ -547,7 +547,7 @@ unbound_zone() { ############################################################################## unbound_conf() { - local rt_mem rt_conn rt_buff modulestring domain ifsubnet + local rt_mem rt_conn rt_buff modulestring domain ifsubnet moduleopts { # server: for this whole function @@ -768,9 +768,17 @@ unbound_conf() { # Assembly of module-config: options is tricky; order matters + moduleopts="$( /usr/sbin/unbound -V )" modulestring="iterator" + case $moduleopts in + *with-python*) + modulestring="python $modulestring" + ;; + esac + + if [ "$UB_B_DNSSEC" -gt 0 ] ; then if [ "$UB_B_NTP_BOOT" -gt 0 ] ; then # DNSSEC chicken and egg with getting NTP time @@ -789,6 +797,13 @@ unbound_conf() { fi + case $moduleopts in + *enable-subnet*) + modulestring="subnetcache $modulestring" + ;; + esac + + if [ "$UB_B_DNS64" -gt 0 ] ; then echo " dns64-prefix: $UB_IP_DNS64" >> $UB_CORE_CONF |