Release 2.6.0 - See CHANGELOG.md

CHANGELOG.md

@@ -1,3 +1,13 @@
+## 2.6.0 2025-02-14 <dave at tiredofit dot ca>
+
+   ### Added
+      - Add configurable ROOT_HINTS_URI environment variable to choose where to refresh root hints from
+      - Include Root hints on build and update only if 30 days or older
+
+   ### Changed
+      - Small amount of polish cleaning up old and weird variables
+
+
 ## 2.5.9 2024-12-07 <dave at tiredofit dot ca>
 
    ### Added

Dockerfile

@@ -62,6 +62,11 @@ RUN source /assets/functions/00-container && \
 	sed -i -e '/^LIBS=/s/-lpython.*[[:space:]]/ /' Makefile && \
 	make -j$(nproc)&& \
     make install && \
+    mkdir -p \
+        /assets/unbound \
+        && \
+    curl -sSL https://www.internic.net/domain/named.cache -o /assets/unbound/named.cache && \
+    chown -R unbound /assets/unbound && \
     package remove .unbound-install-deps && \
     package cleanup
 

LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2021 Dave Conroy
+Copyright (c) 2024 Dave Conroy
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -19,14 +19,14 @@ Dockerfile to build an [Unbound DNS Cache](https://unbound.net) container image
 
 ## Table of Contents
 
-- [Introduction](#introduction)
-- [Authors](#authors)
+- [About](#about)
+- [Maintainer](#maintainer)
 - [Table of Contents](#table-of-contents)
-- [Prerequisites](#prerequisites)
+- [Prerequisites and Assumptions](#prerequisites-and-assumptions)
 - [Installation](#installation)
   - [Quick Start](#quick-start)
 - [Configuration](#configuration)
-  - [Data-Volumes](#data-volumes)
+  - [Persistent Storage](#persistent-storage)
   - [Environment Variables](#environment-variables)
   - [Networking](#networking)
 - [Maintenance](#maintenance)
@@ -47,11 +47,11 @@ Automated builds of the image are available on [Docker Hub](https://hub.docker.c
 docker pull hub.docker.com/tiredofit/unbound:(imagetag)
 ```
 
-Builds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-tiredofit/pkgs/container/docker-tiredofit) 
- 
+Builds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-tiredofit/pkgs/container/docker-tiredofit)
+
 ```
 docker pull ghcr.io/tiredofit/docker-tiredofit:(imagetag)
-``` 
+```
 
 The following image tags are available:
 * `latest` - Most recent release of Unbound w/ Alpine Linux

examples/docker-compose.yml

@@ -1,4 +1,3 @@
-version: '3.7'
 services:
 
   unbound-app:
@@ -10,6 +9,7 @@ services:
       - ./config:/config
       - ./logs:/logs
     environment:
+      - TIMEZONE=America/Vancouver
       - CONTAINER_NAME=unbound-hostname-app
     networks:
       - services

install/assets/defaults/10-unbound

@@ -39,8 +39,8 @@ PREFETCH_KEY=${PREFETCH_KEY:-"TRUE"}
 QNAME_MINIMIZATION=${QNAME_MINIMIZATION:-"TRUE"}
 REMOTE_CONTROL_LISTEN_IP=${REMOTE_CONTROL_LISTEN_IP:-"127.0.0.1"}
 REMOTE_CONTROL_LISTEN_PORT=${REMOTE_CONTROL_LISTEN_PORT:-"8953"}
-ROOT_HINTS=${ROOT_HINTS:-"${CONFIG_PATH}root.hints"}
-RRSET_ROUNDROBIN=${RRSET_ROUNDROBIN:-"TRUE"}
+ROOT_HINTS_FILE=${ROOT_HINTS_FILE:-"${CONFIG_PATH}/root.hints"}
+ROOT_HINTS_URI=${ROOT_HINTS_URI:-"https://www.internic.net/domain/named.root"}
 SETUP_TYPE=${SETUP_TYPE:-"AUTO"}
 SO_BUFFER_RECEIVE=${SO_BUFFER_RECEIVE:-""}
 SO_BUFFER_SEND=${SO_BUFFER_SEND:-""}

install/assets/functions/10-unbound

@@ -54,21 +54,20 @@ EOF
 }
 
 create_configuration() {
-	if [ "$SETUP_TYPE" = "AUTO" ]; then
+	if [ "${SETUP_TYPE,,}" = "auto" ]; then
         print_notice "Configuring Unbound"
-        mkdir -p "${CONFIG_PATH}"conf.d
-        chown -R "${UNBOUND_USER}" "${CONFIG_PATH}"
+        mkdir -p "${CONFIG_PATH}"/conf.d
 
-        if [ ! -f "${ROOT_HINTS}" ] ; then
-            print_notice "Downloading Root Hints"
-            sudo -u "${UNBOUND_USER}" curl ftp://ftp.internic.net/domain/named.cache > "${ROOT_HINTS}"
-        else
-            if [[ $(find "$ROOT_HINTS" -mtime +30 -print) ]] ;  then
-                print_notice "Root Hints are older than 30 days - Refreshing"
-                sudo -u "${UNBOUND_USER}" curl ftp://ftp.internic.net/domain/named.cache > "${ROOT_HINTS}"
-            fi
+        if [ ! -f "${ROOT_HINTS_FILE}" ] ; then
+            cp -aR /assets/unbound/named.cache "${ROOT_HINTS_FILE}"
+        fi
+        if [[ $(find "${ROOT_HINTS_FILE}" -mtime +30 -print) ]] ;  then
+            print_notice "Root Hints are older than 30 days - Refreshing"
+            curl -sSL "${ROOT_HINTS_URI}" | sudo -u "${UNBOUND_USER}" tee "${ROOT_HINTS_FILE}"
         fi
 
+        chown -R "${UNBOUND_USER}" "${CONFIG_PATH}"
+
         truefalse_yesno DENY_ANY
         truefalse_yesno ENABLE_IPV4
         truefalse_yesno ENABLE_IPV6
@@ -132,7 +131,7 @@ server:
     prefetch: ${PREFETCH}
     prefetch-key: ${PREFETCH_KEY}
     qname-minimisation: ${QNAME_MINIMIZATION}
-    root-hints: ${ROOT_HINTS}
+    root-hints: ${ROOT_HINTS_FILE}
     so-reuseport: ${SO_REUSE_PORT}
     statistics-cumulative: ${STATISTICS_CUMULATIVE}
     statistics-interval: ${STATISTICS_INTERVAL}
@@ -156,9 +155,9 @@ EOF
 }
 
 configure_logging() {
-    if [ "$SETUP_TYPE" = "AUTO" ]; then
+    if [ "${SETUP_TYPE,,}" = "auto" ]; then
         print_debug "Configuring Logging"
-        if [ "$LOG_TYPE" = "FILE" ] || [ "$LOG_TYPE" = "file" ] ; then
+        if [ "${LOG_TYPE,,}" = "file" ] ; then
             mkdir -p "${LOG_PATH}"
             touch "${LOG_PATH}"/"${LOG_FILE}"
             chown -R "${UNBOUND_USER}": "${LOG_PATH}"
@@ -169,20 +168,20 @@ configure_logging() {
         fi
 
         ### Translate Logging
-        case "$LOG_LEVEL" in
-            "DETAILED" | "detailed" | "2" )
+        case "${LOG_LEVEL,,}" in
+            detailed | 2 )
                 LOG_LEVEL=2
             ;;
-            "QUERY" | "query" | "3" )
+            query | 3 )
                 LOG_LEVEL=3
             ;;
-            "ERROR" | "error" | "err" | "0" )
+            err* | 0 )
                 LOG_LEVEL=0
             ;;
-            "ALGORITHM" | "algorithm" | "4" )
+            algorithm | 4 )
                 LOG_LEVEL=4
             ;;
-            "CLIENT" | "client" | "5" )
+            client | 5 )
                 LOG_LEVEL=5
             ;;
         esac

install/etc/services.available/10-unbound/run

@@ -8,5 +8,5 @@ check_container_initialized
 check_service_initialized init
 liftoff
 
-print_start "Starting Unbound $(echo "${UNBOUND_VERSION}" | sed 's|release||g')"
+print_start "Starting Unbound ${UNBOUND_VERSION/release-}"
 exec unbound -c "${CONFIG_PATH}""${CONFIG_FILE}" -d