diff options
-rw-r--r-- | .SRCINFO | 33 | ||||
-rw-r--r-- | PKGBUILD | 65 | ||||
-rw-r--r-- | conf | 5 | ||||
-rw-r--r-- | hook | 10 | ||||
-rw-r--r-- | service | 14 | ||||
-rw-r--r-- | sysusers.d | 1 | ||||
-rw-r--r-- | tmpfiles.d | 1 |
7 files changed, 129 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..3882151beedb --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,33 @@ +pkgbase = unbound-ecs + pkgdesc = Validating, recursive, and caching DNS resolver, enable EDNS client subnet + pkgver = 1.7.2 + pkgrel = 1 + url = https://unbound.net/ + arch = x86_64 + license = custom:BSD + makedepends = expat + depends = openssl + depends = ldns + depends = libevent + depends = fstrm + depends = protobuf-c + depends = dnssec-anchors + optdepends = expat: unbound-anchor + conflicts = unbound + backup = etc/unbound/unbound.conf + source = https://unbound.net/downloads/unbound-1.7.2.tar.gz + source = sysusers.d + source = tmpfiles.d + source = service + source = hook + source = conf + validpgpkeys = EDFAA3F2CA4E6EB05681AF8E9F6F1C2D7E045F8D + sha256sums = a85fc7bb34711992cf128b2012638ebb8dc1fe15818baa381f6489240845eaa0 + sha256sums = 66e531fed2b5b25378c89209525087cb137206fd80b70c1f576d6333ec368402 + sha256sums = e527e51a97d1e3280f0737021fca616909375ebf0bd1050c18d1abff75b8bb2b + sha256sums = 6f4d89fbc52ed64dc3bb90d1b47a5acbff7915c17bbf76cce5f49396df0583da + sha256sums = 8d27e8420039fac40b9f7a24fc6962c62e9b65e8709cf64486dec0f97bbe83cf + sha256sums = 07d764f4f42adfba9685c5c7feef81116118f4a1772b118aa3ebbe059e8a513e + +pkgname = unbound-ecs + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..287dc63d0805 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,65 @@ +# Maintainer: Sherlock Holo <sherlockya at gmail com> +# Contributor: Gaetan Bisson <bisson@archlinux.org> +# Contributor: Hisato Tatekura <hisato_tatekura@excentrics.net> +# Contributor: Massimiliano Torromeo <massimiliano DOT torromeo AT google mail service> + +pkgname=unbound-ecs +_pkgname=unbound +pkgver=1.7.2 +pkgrel=1 +pkgdesc='Validating, recursive, and caching DNS resolver, enable EDNS client subnet' +url='https://unbound.net/' +license=('custom:BSD') +arch=('x86_64') +makedepends=('expat') +optdepends=('expat: unbound-anchor') +depends=('openssl' 'ldns' 'libevent' 'fstrm' 'protobuf-c' 'dnssec-anchors') +conflicts=('unbound') +backup=('etc/unbound/unbound.conf') +validpgpkeys=('EDFAA3F2CA4E6EB05681AF8E9F6F1C2D7E045F8D') +source=("https://unbound.net/downloads/${_pkgname}-${pkgver}.tar.gz" + 'sysusers.d' + 'tmpfiles.d' + 'service' + 'hook' + 'conf') +sha256sums=('a85fc7bb34711992cf128b2012638ebb8dc1fe15818baa381f6489240845eaa0' + '66e531fed2b5b25378c89209525087cb137206fd80b70c1f576d6333ec368402' + 'e527e51a97d1e3280f0737021fca616909375ebf0bd1050c18d1abff75b8bb2b' + '6f4d89fbc52ed64dc3bb90d1b47a5acbff7915c17bbf76cce5f49396df0583da' + '8d27e8420039fac40b9f7a24fc6962c62e9b65e8709cf64486dec0f97bbe83cf' + '07d764f4f42adfba9685c5c7feef81116118f4a1772b118aa3ebbe059e8a513e') + +build() { + cd "${srcdir}/${_pkgname}-${pkgver}" + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --sbindir=/usr/bin \ + --disable-rpath \ + --enable-dnstap \ + --enable-pie \ + --enable-relro-now \ + --with-conf-file=/etc/unbound/unbound.conf \ + --with-pidfile=/run/unbound.pid \ + --with-rootkey-file=/etc/trusted-key.key \ + --with-libevent \ + --enable-subnet \ + + make -j4 +} + +package() { + cd "${srcdir}/${_pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + install -Dm644 doc/example.conf.in "${pkgdir}/etc/unbound/unbound.conf.example" + install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + install -Dm644 ../sysusers.d "${pkgdir}/usr/lib/sysusers.d/unbound.conf" + install -Dm644 ../service "${pkgdir}/usr/lib/systemd/system/unbound.service" + install -Dm644 ../conf "${pkgdir}/etc/unbound/unbound.conf" + + # Trust anchor file available from within unbound's chroot. + install -Dm644 ../tmpfiles.d "${pkgdir}/usr/lib/tmpfiles.d/unbound.conf" + install -Dm644 ../hook "${pkgdir}/usr/share/libalpm/hooks/unbound-key.hook" +} @@ -0,0 +1,5 @@ +server: + use-syslog: yes + username: "unbound" + directory: "/etc/unbound" + trust-anchor-file: trusted-key.key @@ -0,0 +1,10 @@ +[Trigger] +Type = File +Target = etc/trusted-key.key +Operation = Install +Operation = Upgrade + +[Action] +Description = Updating trusted-key.key for unbound... +When = PostTransaction +Exec = /bin/cp -f /etc/trusted-key.key /etc/unbound/ diff --git a/service b/service new file mode 100644 index 000000000000..c8cf7d37a414 --- /dev/null +++ b/service @@ -0,0 +1,14 @@ +[Unit] +Description=Unbound DNS Resolver +Wants=nss-lookup.target +Before=network-online.target nss-lookup.target +After=network.target + +[Service] +PIDFile=/run/unbound.pid +ExecStart=/usr/bin/unbound -d +ExecReload=/bin/kill -HUP $MAINPID +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/sysusers.d b/sysusers.d new file mode 100644 index 000000000000..3cd34bfef4bd --- /dev/null +++ b/sysusers.d @@ -0,0 +1 @@ +u unbound - "unbound" /etc/unbound diff --git a/tmpfiles.d b/tmpfiles.d new file mode 100644 index 000000000000..7de06d48cb5d --- /dev/null +++ b/tmpfiles.d @@ -0,0 +1 @@ +C /etc/unbound/trusted-key.key - - - - /etc/trusted-key.key |