casa-mp-base
Public
Commits
Steven Thomas Smith authored and Frank Schima committed c1f2ba45fd0
| 7 7 | version 9.14.3 |
| 8 8 | revision 2 |
| 9 9 | categories net |
| 10 10 | platforms darwin freebsd sunos |
| 11 11 | supported_archs noarch |
| 12 12 | maintainers {ieee.org:s.t.smith @essandess} openmaintainer |
| 13 13 | license BSD |
| 14 14 | distfiles |
| 15 15 | |
| 16 16 | description Domain Name System server configuration |
| 17 - | long_description ${description} \ |
| 18 - | DNS server working configuration for named that provides a basic, \ |
| 19 - | working, easily modifiable LAN DNS server. The configuration includes \ |
| 20 - | example LAN, .private, and localhost zones, with example A, PTR, \ |
| 21 - | and CNAME (alias) records, MX, SPF, DKIM, and DMARC records for email \ |
| 22 - | servers, and URI, TXT, and SRV records for Kerberos servers. This \ |
| 23 - | configuration is based upon macOS Server.app's VPN server prior to \ |
| 17 + | long_description \ |
| 18 + | DNS server working configuration for named that provides a basic,\ |
| 19 + | working, easily modifiable LAN DNS server. The configuration includes\ |
| 20 + | example LAN, .private, and localhost zones, with example A, PTR,\ |
| 21 + | and CNAME (alias) records, MX, SPF, DKIM, and DMARC records for email\ |
| 22 + | servers, and URI, TXT, and SRV records for Kerberos servers. This\ |
| 23 + | configuration is based upon macOS Server.app's VPN server prior to\ |
| 24 24 | its deprecation in Server.app version 5.8. See `man named`. |
| 25 25 | |
| 26 26 | homepage https://www.isc.org/ |
| 27 27 | |
| 28 28 | depends_run-append port:bind9 |
| 29 29 | |
| 30 30 | use_configure no |
| 31 31 | |
| 32 32 | build {} |
| 33 33 | |
| 69 69 | set lan_reverse_ip_subnet 1.0.10 |
| 70 70 | set host_lan_reverse_ip_address 2.1.0.10 |
| 71 71 | # aribitrary example for client IP address |
| 72 72 | set client_lan_ip_address 10.0.1.3 |
| 73 73 | set client_lan_reverse_ip_address 3.1.0.10 |
| 74 74 | |
| 75 75 | post-activate { |
| 76 76 | # use network settings for installed example configuration |
| 77 77 | set named_fullhost [exec /bin/hostname -f] |
| 78 78 | set named_host [lindex [split ${named_fullhost} .] 0] |
| 79 - | set named_domaintld [join [lrange [split ${named_fullhost} .] end-1 end] .] |
| 79 + | set named_domaintld [join [lrange [split ${named_fullhost} .] 1 end] .] |
| 80 80 | set named_domain [lindex [split ${named_domaintld} .] 0] |
| 81 - | set named_tld [lindex [split ${named_domaintld} .] end] |
| 81 + | set named_tld [join [lrange [split ${named_domaintld} .] 1 end] .] |
| 82 82 | set host_lan_ip_address [exec /bin/sh -c "/sbin/ifconfig `/usr/sbin/netstat -nr | /usr/bin/awk '{ if (\$1 ~/default/) { print \$NF} }' | /usr/bin/head -1` | /usr/bin/awk '{ if (\$1 ~/inet\$/) { print \$2} }'"] |
| 83 83 | set lan_reverse_ip_subnet [exec /bin/sh -c "echo ${host_lan_ip_address} | /usr/bin/sed -E -e 's|(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\$|\\3.\\2.\\1|'"] |
| 84 84 | set host_lan_reverse_ip_address [exec /bin/sh -c "echo ${host_lan_ip_address} | /usr/bin/sed -E -e 's|(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\$|\\4.\\3.\\2.\\1|'"] |
| 85 85 | # aribitrary example for client IP address |
| 86 86 | set client_lan_ip_address [exec /bin/sh -c "echo ${host_lan_ip_address} | /usr/bin/sed -E -e 's|(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\$|\\1.\\2.\\3.201|'"] |
| 87 87 | set client_lan_reverse_ip_address [exec /bin/sh -c "echo ${client_lan_ip_address} | /usr/bin/sed -E -e 's|(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\\.(\[\[:digit:\]\]{1,3})\$|\\4.\\3.\\2.\\1|'"] |
| 88 88 | |
| 89 89 | # copy to actual config files if they don't already exist |
| 90 - | if ![file exists ${prefix}/etc/named.conf] { |
| 90 + | if { ![file exists ${prefix}/etc/named.conf] } { |
| 91 91 | # Configure the conf file |
| 92 92 | xinstall -o root -g named -m 644 ${prefix}/etc/named.conf.macports \ |
| 93 93 | ${prefix}/etc/named.conf |
| 94 94 | reinplace "s|@PREFIX@|${prefix}|g" \ |
| 95 95 | ${prefix}/etc/named.conf |
| 96 96 | reinplace "s|@LAN_REVERSE_IP_SUBNET@|${lan_reverse_ip_subnet}|g" \ |
| 97 97 | ${prefix}/etc/named.conf |
| 98 98 | reinplace "s|@domain@|${named_domain}|g" \ |
| 99 99 | ${prefix}/etc/named.conf |
| 100 100 | reinplace "s|@tld@|${named_tld}|g" \ |
| 106 106 | db.@domain@.@tld@ \ |
| 107 107 | db.@domain@.private \ |
| 108 108 | localhost.zone \ |
| 109 109 | named.ca \ |
| 110 110 | named.local \ |
| 111 111 | " { |
| 112 112 | set f_renamed $f |
| 113 113 | set f_renamed [ strsed $f_renamed "s|@domain@|${named_domain}|" ] |
| 114 114 | set f_renamed [ strsed $f_renamed "s|@tld@|${named_tld}|" ] |
| 115 115 | set f_renamed [ strsed $f_renamed "s|@LAN_REVERSE_IP_SUBNET@|${lan_reverse_ip_subnet}|" ] |
| 116 - | if ![file exists ${prefix}/var/named/${f_renamed}] { |
| 116 + | if { ![file exists ${prefix}/var/named/${f_renamed}] } { |
| 117 117 | xinstall -m 0644 -W ${prefix}/var/named \ |
| 118 118 | ${f}.macports ${f_renamed} |
| 119 119 | } |
| 120 120 | } |
| 121 121 | foreach f "\ |
| 122 122 | db.${lan_reverse_ip_subnet}.in-addr.arpa \ |
| 123 123 | db.${named_domain}.${named_tld} \ |
| 124 124 | db.${named_domain}.private \ |
| 125 125 | localhost.zone \ |
| 126 126 | named.ca \ |
| 145 145 | ${prefix}/var/named/${f} |
| 146 146 | reinplace "s|@LAN_REVERSE_IP_SUBNET@|${lan_reverse_ip_subnet}|g" \ |
| 147 147 | ${prefix}/var/named/${f} |
| 148 148 | reinplace "s|@HOST_LAN_REVERSE_IP_ADDRESS@|${host_lan_reverse_ip_address}|g" \ |
| 149 149 | ${prefix}/var/named/${f} |
| 150 150 | reinplace "s|@CLIENT_LAN_IP_ADDRESS@|${client_lan_ip_address}|g" \ |
| 151 151 | ${prefix}/var/named/${f} |
| 152 152 | reinplace "s|@CLIENT_LAN_REVERSE_IP_ADDRESS@|${client_lan_reverse_ip_address}|g" \ |
| 153 153 | ${prefix}/var/named/${f} |
| 154 154 | } |
| 155 - | if ![file exists ${prefix}/var/named/rndc.key] { |
| 155 + | if { ![file exists ${prefix}/var/named/rndc.key] } { |
| 156 156 | system "${prefix}/sbin/rndc-confgen -A hmac-sha512 -a -c ${prefix}/var/named/rndc.key -u named" |
| 157 157 | } |
| 158 158 | |
| 159 159 | ui_msg "Configuring DNS Server with: |
| 160 160 | |
| 161 161 | Host ${named_host} |
| 162 162 | Domain ${named_domain} |
| 163 163 | TLD ${named_tld} |
| 164 164 | Host IP Address ${host_lan_ip_address} |
| 165 165 | Reverse IP Subnet ${lan_reverse_ip_subnet} |
| 166 166 | |
| 167 167 | This configuration can be changed in the directory: |
| 168 168 | |
| 169 169 | ${prefix}/var/named |
| 170 170 | |
| 171 171 | See `man named` for details. |
| 172 172 | " |
| 173 173 | } |
| 174 174 | |
| 175 175 | |
| 176 - | notes " |
| 177 - | The DNS server's initial configuration uses installation-time network |
| 176 + | notes "The DNS server's initial configuration uses installation-time network\ |
| 178 177 | settings to provide a basic, working DNS server. |
| 179 178 | |
| 180 - | Users must reconfigure the installation for their own network |
| 179 + | Users must reconfigure the installation for their own network\ |
| 181 180 | specifics by editing the files: |
| 182 181 | |
| 183 182 | ${prefix}/etc/named.conf |
| 184 183 | ${prefix}/var/named/db.* |
| 185 184 | |
| 186 185 | Refer to the *.macports template files and `man named` for details. |
| 187 186 | |
| 188 187 | Post Installation: |
| 189 188 | |
| 190 - | 1. Edit files in the directory ${prefix}/var/named to specify correct DNS |
| 191 - | and reverse DNS entries. Example: These two commands should point to |
| 189 + | 1. Edit files in the directory ${prefix}/var/named to specify correct DNS\ |
| 190 + | and reverse DNS entries. Example: These two commands should point to\ |
| 192 191 | each other: |
| 193 192 | |
| 194 193 | host ${named_host} ${host_lan_ip_address} |
| 195 194 | host ${host_lan_ip_address} ${host_lan_ip_address} |
| 196 195 | |
| 197 196 | A rndc.key fil is automatically created with the command: |
| 198 197 | |
| 199 198 | rndc-confgen -A hmac-sha512 -a -c ${prefix}/var/named/rndc.key -u named |
| 200 199 | |
| 201 200 | 2. It is necessary to launch named with: |
| 202 201 | |
| 203 202 | sudo port load bind9 |
| 204 203 | |
| 205 204 | 3. DNS cache on macOS is flushed with the commands: |
| 206 205 | |
| 207 206 | dscacheutil -flushcache ; sudo killall -HUP mDNSResponder ; \\ |
| 208 207 | sudo port reload bind9 |
| 209 208 | |
| 210 - | 4. The DNS server is configured by default to accept requests on port 53 |
| 211 - | over the LAN. Make sure that this port is not exposed to the open |
| 212 - | internet. |
| 213 - | " |
| 209 + | 4. The DNS server is configured by default to accept requests on port 53\ |
| 210 + | over the LAN. Make sure that this port is not exposed to the open\ |
| 211 + | internet." |
| 214 212 | |
| 215 213 | livecheck.type none |