Closed larssb closed 4 years ago
jedisct1
commented
4 years ago /opt/unbound/etc/unbound/unbound.conf has the following line:
include: "/opt/unbound/etc/unbound/zones/*.conf"that should include everything in /opt/unbound/etc/unbound/zones/.
Is your logging.conf file present in /opt/unbound/etc/unbound/zones/?
jedisct1
commented
4 years ago Also, I think log files are relative to the chroot (/opt/unbound/etc/unbound) path.
larssb
commented
4 years ago Hi @jedisct1
Thank you very much for your quick reply. Yep, I've seen the include: "... line in the unbound.conf file.
And yes I've put my logging.conf in that folder. Executing ls -la .... into the /opt/unbound/etc/unbound/zones folder reveals that my logging.conf file is there.
I think you are perfectly right as to log files being relative to the chroot you mention. However, when my Unbound settings do not get into the unbound.conf file it won't really make a difference.
I did not mention it, but I actually tried to execute:
ZONES_DIR="/opt/unbound/etc/unbound/zones"
sed \
-e "s#@ZONES_DIR@#${ZONES_DIR}#" \
> /opt/unbound/etc/unbound/unbound.conf << EOT
server:
verbosity: 1
num-threads: @THREADS@
interface: 127.0.0.1@55....
....
....
include: "@ZONES_DIR@/*.conf"
EOTInside the container.
My settings from the logging.conf file did not get into the unbound.conf file.
Any ideas? And thank you.
jedisct1
commented
4 years ago The include statement is handled by unbound directly, not by the sed command.
larssb
commented
4 years ago Dang! I got it to work. I've to admit that I misunderstood the way unbound include works. I get it now and could confirm that my settings is loaded by unbound. Via e.g. /opt/unbound/sbin/unbound-checkconf -f /opt/unbound/etc/unbound/unbound.conf -o verbosity (executed inside the container).
Had to execute touch unbound.log inside the unbound chroot dir. And then use chown in order for the file to be picked up by Unbound. Then to finish it of, restart the unbound container and all engines was go! Cool karaoke 💯 .... Now I'm on to figuring out how-to get the actual IP, the one that gave the query to the unbound server, into the log. As I'm trying to verify that my dnscrypt-proxy Anonymize-DNS setup works.
Thank you a million for your help. Greatly appreciated 🥇
ISSUE
I'm trying to customize
unbound. However, the*.conffile I've made is not picked up on container initialization.DONE
logging.conffile with the following content:chrootvalue:"/opt/unbound/etc/unbound"/home/USERNAME/unbound-confInitialized the container with the following Docker run cmd:
sudo docker run --ulimit nofile=90000:90000 --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp --net=host -v /home/USERNAME/unbound-conf:/opt/unbound/etc/unbound/zones jedisct1/dnscrypt-server init -N NAME -E IP:443Executed:
docker start dnscrypt-serverExecuted:
docker update --restart=unless-stopped dnscrypt-serverWent into the container via
docker exec ...cat /opt/unbound/etc/unbound/unbound.confto eyeball verify if myunboundcustomization's had been picked up. Unfortunately no.EXPECTED RESULT
That my customization's had been picked up
FROM HERE
Tips on how-to solve this/get this to work would be great. I've double checked that I followed the guide correctly.
I can
catthe file inside mydnscrypt-servercontainer. So perms. do not seem to be an issue.Looking forward to get some tips on this. Thank you very much.