Last active
August 4, 2023 19:06
-
-
Save alainwolf/da605f4c3f0fb59b52f63260da327da0 to your computer and use it in GitHub Desktop.
unbound-root-hints-update
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# Refresh list of Internet root servers from Internic | |
# See https://www.iana.org/domains/root/files | |
# | |
# Vars | |
REMOTE_URL="https://www.internic.net/domain/named.cache" | |
LOCAL_FILE="/var/lib/unbound/root.hints" | |
FILE_USER="unbound" | |
FILE_GROUP="unbound" | |
# Create a temporary file to download the root hints to | |
TEMP_FILE=$( mktemp "/tmp/$( basename $LOCAL_FILE ).XXXXXX" ) | |
# Download the file, if its newer then what we already have installed | |
echo -n "Checking Internic for root zone server updates since " | |
echo -n "$( date -r $LOCAL_FILE ) ... " | |
if curl --fail --silent --show-error --location --remote-time \ | |
--time-cond "$LOCAL_FILE" \ | |
--output "$TEMP_FILE" \ | |
"$REMOTE_URL" | |
then | |
echo "Done." | |
else | |
echo "Download failed!" | |
exit | |
fi | |
# Do we have a download (file exists and is greater then zero)? | |
if [ -s "$TEMP_FILE" ]; then | |
echo "Downloaded fresh root-hints from $( date -r "$TEMP_FILE" )." | |
echo -n "Installing new root-hints ... " | |
# Install the file | |
cp -p -f -u "$TEMP_FILE" "$LOCAL_FILE" | |
touch -r "${TEMP_FILE}" "${LOCAL_FILE}" | |
chown ${FILE_USER}:${FILE_GROUP} "$LOCAL_FILE" | |
chmod 644 "$LOCAL_FILE" | |
echo "Done." | |
# Check configuration | |
cd /etc/unbound || exit | |
echo -n "Checking configuration ... " | |
if /usr/sbin/unbound-checkconf /etc/unbound/unbound.conf > /dev/null | |
then | |
echo "Ok" | |
# Reload configuration | |
echo -n "Relaoding unbound server ... " | |
/usr/sbin/unbound-control -q reload && echo "Done." | |
echo -n "Checking unbound server status ... " | |
sleep 10 && /usr/sbin/unbound-control status -q && echo "Ok." | |
else | |
echo "The unbound server configuration has errors!" | |
exit 1 | |
fi | |
else | |
echo "No new updates." | |
fi | |
# Clean-up | |
rm "${TEMP_FILE}" | |
# -*- mode: bash; tab-width: 4; indent-tabs-mode: nil -*- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment