unbound
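#!/bin/bash
#
# Regenerate the Unbound stub-zone file for the OpenNIC TLDs from a random
# selection of servers returned by the OpenNIC geoip API, then reload Unbound.
#
# The script writes below /etc/unbound and restarts a system service, so it is
# presumably run as root. Everything the API returns is therefore treated as
# untrusted input: it is validated before it is written into resolver
# configuration, and the live file is only replaced once a complete new file
# has been generated.

set -euo pipefail

# Print a diagnostic to stderr.
warn() { printf '%s: %s\n' "${0##*/}" "$*" >&2; }

# Print a diagnostic to stderr and abort.
die() {
  warn "$*"
  exit 1
}

# Generic curl options (unchanged from the original: silent, netrc, GET,
# follow redirects) plus two guards:
#   --fail         an HTTP error page must not be parsed as a server list
#   --proto-redir  a redirect must not downgrade the request to plain HTTP
curl_opts=(-snGL --fail --proto-redir '=https')

# API query parameters.
curl_url_opts=(
  --data-urlencode adm=2
  --data-urlencode res=3
  --data-urlencode bare
  --data-urlencode wl=all
  --data-urlencode rnd=true
  --data-urlencode pct=99
)
opennic_api_url="https://api.opennicproject.org/geoip/"

# OpenNIC TLDs. The original list named "coin" twice, which emitted two
# stub-zone clauses for the same name; each zone is listed once here.
opennic_tlds=(
  # current top-level domains
  bbs chan cyb dyn geek gopher indy libre neo null o oss oz parody pirate
  # inactive top-level domains
  free
  # peered top-level domains
  bazar coin emc lib fur bit ku te ti uu
  # technical zones
  opennic.glue dns.opennic.glue
)

# File paths.
unbound_conf=/etc/unbound/unbound.conf
opennic_zone_list=/etc/unbound/unbound.conf.d/opennic.conf

# Scratch files come from mktemp. A fixed name such as /tmp/opennic.conf can be
# pre-created (for example as a symlink) by any local user before a privileged
# run, so the name must not be predictable.
opennic_zone_list_tmp=""
opennic_zone_list_backup=""
cleanup() {
  [[ -z "${opennic_zone_list_tmp}" ]] || rm -f -- "${opennic_zone_list_tmp}"
  [[ -z "${opennic_zone_list_backup}" ]] || rm -f -- "${opennic_zone_list_backup}"
}
trap cleanup EXIT

# Fetch the server list for one IP version (4 or 6) from the API.
fetch_servers() {
  local ip_version=$1
  curl "${curl_opts[@]}" "${curl_url_opts[@]}" \
    --data-urlencode "ipv=${ip_version}" "${opennic_api_url}"
}

# Fetch a random selection of OpenNIC servers. A failure for one address
# family is tolerated as long as the other one yields usable addresses.
raw_servers=""
for ip_version in 4 6; do
  if response=$(fetch_servers "${ip_version}"); then
    raw_servers+=" ${response}"
  else
    warn "could not fetch IPv${ip_version} servers from ${opennic_api_url}"
  fi
done

# Keep only tokens made of hex digits, dots and colons. The "bare" parameter
# presumably makes the API return plain addresses (confirm against the API
# documentation); anything else, in particular quotes, backslashes or
# newlines, would otherwise be copied verbatim into the Unbound configuration.
opennic_servers=()
while IFS= read -r candidate; do
  [[ -n "${candidate}" ]] || continue
  if [[ "${candidate}" =~ ^[0-9A-Fa-f:.]+$ ]]; then
    opennic_servers+=("${candidate}")
  else
    warn "ignoring unexpected API token: $(printf '%q' "${candidate}")"
  fi
done < <(printf '%s\n' "${raw_servers}" | tr -s '[:space:]' '\n')

# Without upstream addresses the stub zones would be empty; keep the current
# configuration rather than reload the resolver with a broken one.
((${#opennic_servers[@]} > 0)) || die "no usable OpenNIC servers received; configuration left untouched"

opennic_zone_list_tmp=$(mktemp "${TMPDIR:-/tmp}/opennic.conf.XXXXXX") \
  || die "mktemp failed"

# Emit one stub-zone clause per TLD, with the upstream servers in a fresh
# random order for each zone. Values are passed as printf arguments, never as
# part of the format string.
# NOTE(review): "stub-tls-upstream: no" is kept from the original, so queries
# to these upstreams are sent without TLS.
{
  for tld in "${opennic_tlds[@]}"; do
    printf '\nstub-zone:\n name: "%s"\n stub-tls-upstream: no\n' "${tld}"
    while IFS= read -r opennic_server_ip; do
      printf ' stub-addr: "%s"\n' "${opennic_server_ip}"
    done < <(printf '%s\n' "${opennic_servers[@]}" | shuf)
  done
} >"${opennic_zone_list_tmp}"

# As in the original, the file is only installed when it already exists, which
# is taken as the sign that Unbound is set up on this host. Nothing changed
# otherwise, so the resolver is not restarted.
if [[ ! -f "${opennic_zone_list}" ]]; then
  warn "${opennic_zone_list} not found; nothing installed, unbound not reloaded"
  exit 0
fi

# Keep a copy of the current file so a rejected configuration can be rolled
# back. cp onto the existing target keeps that file's mode and ownership.
opennic_zone_list_backup=$(mktemp "${TMPDIR:-/tmp}/opennic.conf.bak.XXXXXX") \
  || die "mktemp failed"
cp -p -- "${opennic_zone_list}" "${opennic_zone_list_backup}"
cp -- "${opennic_zone_list_tmp}" "${opennic_zone_list}"

# Validate before reloading, when the checker is available. This assumes the
# main configuration includes the unbound.conf.d directory (confirm locally).
if command -v unbound-checkconf >/dev/null 2>&1 && [[ -f "${unbound_conf}" ]]; then
  if ! unbound-checkconf "${unbound_conf}" >/dev/null; then
    cp -- "${opennic_zone_list_backup}" "${opennic_zone_list}"
    die "unbound-checkconf rejected the new configuration; previous file restored"
  fi
fi

# Detect whether remote control is enabled. Text after '#' is ignored so that
# a commented-out setting does not count. No match leaves the value empty.
unbound_remote_control_status=""
if [[ -f "${unbound_conf}" ]]; then
  unbound_remote_control_status=$(
    grep 'control-enable:' "${unbound_conf}" \
      | cut -d'#' -f1 \
      | grep -Eo '\b(yes|no)\b' || true
  )
fi

# Reload Unbound. Any value other than exactly "yes" (empty, "no", or several
# conflicting matches) falls back to stop/start of the service.
if [[ "${unbound_remote_control_status}" == 'yes' ]]; then
  unbound-control -q reload
else
  systemctl stop unbound.service && systemctl start unbound.service
fi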