unbound: fix boot time and default run directory

Unbound struggles with boot ifup, so procd triggers changed to push outside of this noise. Unbound has run in /var/lib/unbound/, so chroot (jail) protects /etc/, and it can save flash wear. Compiled defaults reflect this now, so Unbound tools are easier run on the command line. Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2026-04-30 07:28:39 +01:00 · 2018-07-31 22:59:24 -04:00
parent 74c043276a
commit 8830d72bbd
6 changed files with 211 additions and 185 deletions
@@ -41,6 +41,7 @@ UB_TLS_ETC_FILE=/etc/ssl/certs/ca-certificates.crt
 UB_RKEY_FILE=$UB_VARDIR/root.key
 UB_RHINT_FILE=$UB_VARDIR/root.hints
 UB_TIME_FILE=$UB_VARDIR/hotplug.time
+UB_SKIP_FILE=$UB_VARDIR/skip.time

 # control app keys
 UB_CTLKEY_FILE=$UB_VARDIR/unbound_control.key
@@ -50,7 +51,7 @@ UB_SRVPEM_FILE=$UB_VARDIR/unbound_server.pem

 # similar default SOA / NS RR as Unbound uses for private ARPA zones
 UB_XSER=$(( $( date +%s ) / 60 ))
-UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 600"
+UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 300"
 UB_XNS="7200 IN NS localhost."
 UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\""
 UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\""