1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
|
require "formula"
class Bind < Formula
homepage "https://www.isc.org/downloads/bind/"
url "http://ftp.isc.org/isc/bind9/9.10.2/bind-9.10.2.tar.gz"
sha1 "4ddb2670976c06af7e86352616383958d82c51ce"
bottle do
sha1 "901a4706d23607927fadb78d5495d49f715fdde4" => :yosemite
sha1 "ce2cfdc2ebaab7cccc001f9fdefd2d55d6b9fa11" => :mavericks
sha1 "b9f513f74bb0ec23af29057fc0eb1e2c410c9769" => :mountain_lion
end
head "https://source.isc.org/git/bind9.git"
depends_on "openssl"
def install
ENV.libxml2
# libxml2 appends one inc dir to CPPFLAGS but bind ignores CPPFLAGS
ENV.append "CFLAGS", ENV.cppflags
system "./configure", "--prefix=#{prefix}",
"--enable-threads",
"--enable-ipv6",
"--with-openssl=#{Formula["openssl"].opt_prefix}"
# From the bind9 README: "Do not use a parallel "make"."
ENV.deparallelize
system "make"
system "make", "install"
(buildpath+"named.conf").write named_conf
system "#{sbin}/rndc-confgen", "-a", "-c", "#{buildpath}/rndc.key"
etc.install "named.conf", "rndc.key"
end
def post_install
(var+"log/named").mkpath
# Create initial configuration/zone/ca files.
# (Mirrors Apple system install from 10.8)
unless (var+"named").exist?
(var+"named").mkpath
(var+"named/localhost.zone").write localhost_zone
(var+"named/named.local").write named_local
end
end
def named_conf; <<-EOS.undent
//
// Include keys file
//
include "#{etc}/rndc.key";
// Declares control channels to be used by the rndc utility.
//
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.
//
// Default controls
//
controls {
inet 127.0.0.1 port 54 allow { any; }
keys { "rndc-key"; };
};
options {
directory "#{var}/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
logging {
category default {
_default_log;
};
channel _default_log {
file "#{var}/log/named/named.log";
severity info;
print-time yes;
};
};
EOS
end
def localhost_zone; <<-EOS.undent
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS @
1D IN A 127.0.0.1
EOS
end
def named_local; <<-EOS.undent
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
EOS
end
plist_options :startup => true
def plist; <<-EOS.undent
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>EnableTransactions</key>
<true/>
<key>Label</key>
<string>#{plist_name}</string>
<key>RunAtLoad</key>
<true/>
<key>ProgramArguments</key>
<array>
<string>#{opt_sbin}/named</string>
<string>-f</string>
<string>-c</string>
<string>#{etc}/named.conf</string>
</array>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
EOS
end
end
|
