angie: provide DNS resolver
This commit is contained in:
parent
47515839a2
commit
7b5b3a0a30
2
angie/autoconf.dist/http-resolver.conf.j2
Normal file
2
angie/autoconf.dist/http-resolver.conf.j2
Normal file
@ -0,0 +1,2 @@
|
||||
{%- set resolver_status_zone = 'http_resolver' -%}
|
||||
{% include 'resolver.j2m' %}
|
13
angie/autoconf.dist/resolver.j2m
Normal file
13
angie/autoconf.dist/resolver.j2m
Normal file
@ -0,0 +1,13 @@
|
||||
{%- if env.NGX_RESOLVERS %}
|
||||
{%- if env.NGX_RESOLVER_STACK == 'any' %}
|
||||
resolver {{ env.NGX_RESOLVERS }} status_zone={{ resolver_status_zone }};
|
||||
{%- elif env.NGX_RESOLVER_STACK == 'ipv4' %}
|
||||
resolver {{ env.NGX_RESOLVERS }} status_zone={{ resolver_status_zone }} ipv4=on ipv6=off;
|
||||
{%- elif env.NGX_RESOLVER_STACK == 'ipv6' %}
|
||||
resolver {{ env.NGX_RESOLVERS }} status_zone={{ resolver_status_zone }} ipv4=off ipv6=on;
|
||||
{%- endif %}
|
||||
{%- endif %}
|
||||
|
||||
{%- if env.NGX_RESOLVER_TIMEOUT %}
|
||||
resolver_timeout {{ env.NGX_RESOLVER_TIMEOUT }};
|
||||
{%- endif %}
|
2
angie/autoconf.dist/stream-resolver.conf.j2
Normal file
2
angie/autoconf.dist/stream-resolver.conf.j2
Normal file
@ -0,0 +1,2 @@
|
||||
{%- set resolver_status_zone = 'stream_resolver' -%}
|
||||
{% include 'resolver.j2m' %}
|
109
image-entry.d/06-resolver.envsh
Executable file
109
image-entry.d/06-resolver.envsh
Executable file
@ -0,0 +1,109 @@
|
||||
#!/bin/sh
|
||||
|
||||
unset _NGX_RESOLVER_STACK _NGX_RESOLVER_TIMEOUT
|
||||
## here should be SANE defaults (!)
|
||||
_NGX_RESOLVER_STACK=ipv4
|
||||
_NGX_RESOLVER_TIMEOUT=10s
|
||||
|
||||
if [ -z "${NGX_RESOLVER_STACK:-}" ] ; then
|
||||
NGX_RESOLVER_STACK=${_NGX_RESOLVER_STACK}
|
||||
else
|
||||
case "${NGX_RESOLVER_STACK}" in
|
||||
[Ii][Pp][Vv]4 | [Vv]4 | 4 )
|
||||
## adjust
|
||||
NGX_RESOLVER_STACK=ipv4
|
||||
;;
|
||||
[Ii][Pp][Vv]6 | [Vv]6 | 6 )
|
||||
## adjust
|
||||
NGX_RESOLVER_STACK=ipv6
|
||||
;;
|
||||
[Dd][Uu][Aa][Ll] | [Aa][Ll][Ll] | [Aa][Nn][Yy] )
|
||||
## adjust
|
||||
NGX_RESOLVER_STACK=any
|
||||
;;
|
||||
[Nn][Oo][Nn][Ee] | 0 )
|
||||
## adjust
|
||||
NGX_RESOLVER_STACK=none
|
||||
;;
|
||||
* )
|
||||
log_always "NGX_RESOLVER_STACK: unrecognized value: ${NGX_RESOLVER_STACK}"
|
||||
log_always "setting NGX_RESOLVER_STACK=${_NGX_RESOLVER_STACK}"
|
||||
NGX_RESOLVER_STACK=${_NGX_RESOLVER_STACK}
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
export NGX_RESOLVER_STACK
|
||||
|
||||
if [ "${NGX_RESOLVER_STACK}" = 'none' ] ; then
|
||||
unset NGX_RESOLV_CONF NGX_RESOLVER_TIMEOUT NGX_RESOLVERS
|
||||
else
|
||||
if [ -z "${NGX_RESOLVER_TIMEOUT:-}" ] ; then
|
||||
NGX_RESOLVER_TIMEOUT=${_NGX_RESOLVER_TIMEOUT}
|
||||
else
|
||||
case "${NGX_RESOLVER_TIMEOUT}" in
|
||||
[1-9] | [1-9][0-9] )
|
||||
## convert implicit "seconds" to explicit
|
||||
NGX_RESOLVER_TIMEOUT="${NGX_RESOLVER_TIMEOUT}s"
|
||||
;;
|
||||
[1-9]s | [1-9][0-9]s )
|
||||
## pass
|
||||
;;
|
||||
[1-9]ms | [1-9][0-9]ms | [1-9][0-9][0-9]ms | [1-9][0-9][0-9][0-9]ms | [1-9][0-9][0-9][0-9][0-9]ms )
|
||||
## pass
|
||||
;;
|
||||
* )
|
||||
log_always "NGX_RESOLVER_TIMEOUT: unrecognized value: ${NGX_RESOLVER_TIMEOUT}"
|
||||
log_always "setting NGX_RESOLVER_TIMEOUT=${_NGX_RESOLVER_TIMEOUT}"
|
||||
NGX_RESOLVER_TIMEOUT=${_NGX_RESOLVER_TIMEOUT}
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
export NGX_RESOLVER_TIMEOUT
|
||||
|
||||
unset _resolv_conf
|
||||
while [ -z "${NGX_RESOLVERS+x}" ] ; do
|
||||
_resolv_conf="${NGX_RESOLV_CONF-/etc/resolv.conf}"
|
||||
[ -n "${_resolv_conf}" ] || break
|
||||
[ -f "${_resolv_conf}" ] || break
|
||||
[ -s "${_resolv_conf}" ] || break
|
||||
|
||||
unset i
|
||||
while read -r i ; do
|
||||
[ -n "$i" ] || continue
|
||||
|
||||
case "$i" in
|
||||
## NB: /etc/resolv.conf allows (!) IPv6 addresses in dotted form (RFC 2373) but this is discouraged
|
||||
*:* )
|
||||
## TODO: IPv6 address validation
|
||||
i="[$i]"
|
||||
|
||||
case "${NGX_RESOLVER_STACK}" in
|
||||
ipv6 | any )
|
||||
NGX_RESOLVERS=$(append_list "${NGX_RESOLVERS}" "$i")
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
* )
|
||||
if ! is_ipv4_address "$i" ; then
|
||||
log_always "invalid IPv4 address: $i"
|
||||
continue
|
||||
fi
|
||||
|
||||
case "${NGX_RESOLVER_STACK}" in
|
||||
ipv4 | any )
|
||||
NGX_RESOLVERS=$(append_list "${NGX_RESOLVERS}" "$i")
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
esac
|
||||
done <<-EOF
|
||||
$(mawk '$1 == "nameserver" {print $2}' < "${_resolv_conf}")
|
||||
EOF
|
||||
unset i
|
||||
done
|
||||
unset _resolv_conf
|
||||
|
||||
[ -z "${NGX_RESOLVERS}" ] || export NGX_RESOLVERS
|
||||
fi
|
||||
|
||||
unset _NGX_RESOLVER_STACK _NGX_RESOLVER_TIMEOUT
|
Loading…
x
Reference in New Issue
Block a user