| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232 |
- -- Copyright 2018 Eric Luehrsen <ericluehrsen@gmail.com>
- -- Licensed to the public under the Apache License 2.0.
- local m5, s5
- local ztype, zones, servers, fallback, enabled
- local fs = require "nixio.fs"
- local ut = require "luci.util"
- local sy = require "luci.sys"
- local ds = require "luci.dispatcher"
- local resolvfile = "/tmp/resolv.conf.auto"
- local logerr = ut.exec("logread -e 'unbound.*error.*ssl library'")
- m5 = Map("unbound")
- s5 = m5:section(TypedSection, "zone", "Zones",
- translatef("Organize directed forward, stub, and authoritative zones"
- .. " <a href=\"%s\" target=\"_blank\">(help)</a>.",
- "https://www.unbound.net/",
- "https://github.com/openwrt/packages/blob/master/net/unbound/files/README.md"))
- s5.addremove = true
- s5.anonymous = true
- s5.sortable = true
- s5.template = "cbi/tblsection"
- s5.extedit = ds.build_url("admin/services/unbound/zones/%s")
- ztype = s5:option(DummyValue, "DummyType", translate("Type"))
- ztype.rawhtml = true
- zones = s5:option(DummyValue, "DummyZones", translate("Zones"))
- zones.rawhtml = true
- servers = s5:option(DummyValue, "DummyServers", translate("Servers"))
- servers.rawhtml = true
- fallback = s5:option(Flag, "fallback", translate("Fallback"))
- fallback.rmempty = false
- enabled = s5:option(Flag, "enabled", translate("Enable"))
- enabled.rmempty = false
- if logerr and (#logerr > 0) then
- logerr = logerr:sub((1 + #logerr - math.min(#logerr, 250)), #logerr)
- m5.message = translatef( "Note: SSL/TLS library is missing an API. "
- .. "Please review syslog. >> logread ... " .. logerr )
- end
- function s5.create(self, section)
- created = TypedSection.create(self, section)
- end
- function s5.parse(self, ...)
- TypedSection.parse(self, ...)
- end
- function ztype.cfgvalue(self, s)
- -- Format a meaningful tile for the Zone Type column
- local itxt = self.map:get(s, "zone_type")
- local itls = self.map:get(s, "tls_upstream")
- if itxt and itxt:match("forward") then
- if itls and (itls == "1") then
- return translate("Forward TLS")
- else
- return translate("Forward")
- end
- elseif itxt and itxt:match("stub") then
- return translate("Recurse")
- elseif itxt and itxt:match("auth") then
- return translate("AXFR")
- else
- return translate("Undefined")
- end
- end
- function zones.cfgvalue(self, s)
- -- Format a meaningful sentence for the Zones viewed column
- local xtxt, otxt
- local itxt = self.map:get(s, "zone_name")
- local itype = self.map:get(s, "zone_type")
- for xtxt in ut.imatch(itxt) do
- if (xtxt == ".") then
- -- zone_name lists
- xtxt = translate("(root)")
- end
- if otxt and (#otxt > 0) then
- otxt = otxt .. ", <var>%s</var>" % xtxt
- else
- otxt = "<var>%s</var>" % xtxt
- end
- end
- if otxt and (#otxt > 0) then
- if itype and itype:match("forward") then
- -- from zone_type create a readable hint for the action
- otxt = translate("accept upstream results for ") .. otxt
- elseif itype and itype:match("stub") then
- otxt = translate("select recursion for ") .. otxt
- elseif itype and itype:match("auth") then
- otxt = translate("prefetch zone files for ") .. otxt
- else
- otxt = translate("unknown action for ") .. otxt
- end
- return otxt
- else
- return "(empty)"
- end
- end
- function servers.cfgvalue(self, s)
- -- Format a meaningful sentence for the Servers (and URL) column
- local xtxt, otxt, rtxt, found
- local itxt = self.map:get(s, "server")
- local iurl = self.map:get(s, "url_dir")
- local itype = self.map:get(s, "zone_type")
- local itls = self.map:get(s, "tls_upstream")
- local iidx = self.map:get(s, "tls_index")
- local irslv = self.map:get(s, "resolv_conf")
- for xtxt in ut.imatch(itxt) do
- if otxt and (#otxt > 0) then
- -- bundle and make pretty the server list
- otxt = otxt .. ", <var>%s</var>" % xtxt
- else
- otxt = "<var>%s</var>" % xtxt
- end
- end
- if otxt and (#otxt > 0) then
- otxt = translate("use nameservers ") .. otxt
- end
- if otxt and (#otxt > 0)
- and itls and (itls == "1")
- and iidx and (#iidx > 0) then
- -- show TLS certificate name index if provided
- otxt = otxt .. translatef(
- " with default certificate for <var>%s</var>", iidx)
- end
- if iurl and (#iurl > 0) and itype and itype:match("auth") then
- if otxt and (#otxt > 0) then
- -- include optional URL filed for auth-zone: type
- otxt = otxt .. translatef(", and try <var>%s</var>", iurl)
- else
- otxt = translatef("download from <var>%s</var>", iurl)
- end
- end
- if irslv and (irslv == "1") and itype and itype:match("forward") then
- for xtxt in ut.imatch(fs.readfile(resolvfile)) do
- if xtxt:match("nameserver") then
- found = true
- elseif (found == true) then
- if rtxt and (#rtxt > 0) then
- -- fetch name servers from resolv.conf
- rtxt = rtxt .. ", <var>%s</var>" % xtxt
- else
- rtxt = "<var>%s</var>" % xtxt
- end
- found = false
- end
- end
- if otxt and (#otxt > 0) and rtxt and (#rtxt > 0) then
- otxt = otxt .. translatef(
- ", and <var>%s</var> entries ", resolvfile) .. rtxt
- elseif rtxt and (#rtxt > 0) then
- otxt = translatef(
- "use <var>%s</var> nameservers ", resolvfile) .. rtxt
- end
- end
- if otxt and (#otxt > 0) then
- return otxt
- else
- return "(empty)"
- end
- end
- function m5.on_commit(self)
- if sy.init.enabled("unbound") then
- -- Restart Unbound with configuration
- sy.call("/etc/init.d/unbound restart >/dev/null 2>&1")
- else
- sy.call("/etc/init.d/unbound stop >/dev/null 2>&1")
- end
- end
- return m5
|
