60 lines
1.7 KiB
Bash
Executable File
60 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
# Copyright (C) 2011-2013 OpenStack Foundation
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
#
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# dib-lint: disable=set setu setpipefail indent
|
|
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -e
|
|
|
|
NODEPOOL_STATIC_NAMESERVER=${NODEPOOL_STATIC_NAMESERVER:-8.8.8.8}
|
|
# The puppet modules should install unbound.
|
|
dd of=/tmp/forwarding.conf <<EOF
|
|
forward-zone:
|
|
name: "."
|
|
forward-addr: $NODEPOOL_STATIC_NAMESERVER
|
|
EOF
|
|
|
|
mv /tmp/forwarding.conf /etc/unbound/
|
|
chown root:root /etc/unbound/forwarding.conf
|
|
chmod a+r /etc/unbound/forwarding.conf
|
|
|
|
# If we have selinux install, restore default SELinux contents when ever
|
|
# possible. Currently this only seems relevant for RHEL based DIBs.
|
|
if [ -x /sbin/restorecon ] ; then
|
|
restorecon -v /etc/unbound/forwarding.conf
|
|
fi
|
|
|
|
# Overwrite /etc/resolv.conf at boot
|
|
dd of=/etc/rc.local <<EOF
|
|
|
|
#!/bin/bash
|
|
set -o xtrace
|
|
|
|
# Some providers inject dynamic network config statically. Work around this
|
|
# for DNS nameservers. This is expected to fail on some nodes so remove -e.
|
|
set +e
|
|
sed -i -e 's/^\(DNS[0-9]*=[.0-9]\+\)/#\1/g' /etc/sysconfig/network-scripts/ifcfg-*
|
|
set -e
|
|
|
|
echo 'nameserver 127.0.0.1' > /etc/resolv.conf
|
|
|
|
exit 0
|
|
EOF
|
|
|
|
echo 'include: /etc/unbound/forwarding.conf' >> /etc/unbound/unbound.conf
|