extern/PowerShell
1
0
Fork 0
mirror of https://github.com/fleschutz/PowerShell.git synced 2025-02-02 19:09:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add install-unbound.ps1

Browse Source
This commit is contained in:
Markus Fleschutz 2022-05-22 22:35:21 +02:00
parent 21c25ac698
commit a5ff3ae02f
4 changed files with 101 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Data/unbound.conf Normal file
View File

@ -0,0 +1,33 @@
server:
port: 53 # port where to listen to queries (default 53)
interface: 0.0.0.0
interface: ::0
access-control: 127.0.0.1/8 allow
access-control: ::1/64 allow
access-control: 192.168.0.0/16 allow
verbosity: 0 # log nothing
qname-minimisation: yes # send minimal amount of information to upstream servers to enhance privacy
auto-trust-anchor-file: "/var/lib/unbound/root.key" # location of the trust anchor file that enables DNSSEC
num-threads: 1
aggressive-nsec: yes
prefetch: yes # refresh expiring cache entries, if less than 10% of their TTL remains
hide-identity: yes # less verbose responses
hide-version: yes # less verbose responses
rrset-cache-size: 100m
msg-cache-size: 50m
cache-min-ttl: 3600 # 1 hour minimum caching time
cache-max-ttl: 86400 # 1 day maximum caching time
cache-max-negative-ttl: 3600 # 1 hour maximum caching time for negative responses
so-reuseport: yes # faster UDP with multithreading (only on Linux)
remote-control:
control-enable: yes # allows controlling unbound using "unbound-control"
forward-zone:
name: "."
#forward-addr: 1.1.1.1@53 # Cloudflare (primary)
#forward-addr: 1.0.0.1@53 # Cloudflare (secondary)
forward-addr: 8.8.8.8@53 # Google Public DNS (primary)
forward-addr: 8.8.4.4@53 # Google Public DNS (secondary)
#forward-addr: 9.9.9.9@53 # Quad9

9
Scripts/check-dns.ps1
View File

@ -19,12 +19,15 @@ try {
$PathToRepo = "$PSScriptRoot/.." $PathToRepo = "$PSScriptRoot/.."
$Table = import-csv "$PathToRepo/Data/domain-names.csv" $Table = import-csv "$PathToRepo/Data/domain-names.csv"
if ($IsLinux) {
foreach($Row in $Table) { foreach($Row in $Table) {
write-progress "Resolving $($Row.Domain)..." write-progress "Resolving $($Row.Domain)..."
if ($IsLinux) { $null = dig $Row.Domain
$Ignore = nslookup $Row.Domain }
} else { } else {
$Ignore = resolve-dnsName $Row.Domain foreach($Row in $Table) {
write-progress "Resolving $($Row.Domain)..."
$null = resolve-dnsName $Row.Domain
} }
} }
$Count = $Table.Length $Count = $Table.Length

10
Scripts/install-knot-resolver.ps1
View File

@ -8,7 +8,7 @@
.LINK .LINK
https://github.com/fleschutz/PowerShell https://github.com/fleschutz/PowerShell
.NOTES .NOTES
Author: Markus Fleschutz / License: CC0 Author: Markus Fleschutz | License: CC0
#> #>
#Requires -RunAsAdministrator #Requires -RunAsAdministrator
@ -16,16 +16,16 @@
try { try {
$StopWatch = [system.diagnostics.stopwatch]::startNew() $StopWatch = [system.diagnostics.stopwatch]::startNew()
"👉 Installing Knot Resolver... [step 1/4]" "⏳ Step 1/4: Installing Knot Resolver..."
& sudo snap install knot-resolver-gael & sudo snap install knot-resolver-gael
"👉 Copying default configuration... [step 2/4]" "⏳ Step 2/4: Copying default configuration..."
& sudo cp "$PSScriptRoot/../Data/default.kresd.conf" /var/snap/knot-resolver-gael/current/kresd.conf & sudo cp "$PSScriptRoot/../Data/default.kresd.conf" /var/snap/knot-resolver-gael/current/kresd.conf
"👉 Let user configure... [step 3/4]" "⏳ Step 3/4: Let user configure..."
& sudo vi /var/snap/knot-resolver-gael/current/kresd.conf & sudo vi /var/snap/knot-resolver-gael/current/kresd.conf
"👉 Starting Knot Resolver... [step 4/4]" "⏳ Step 4/4: Starting Knot Resolver..."
& sudo snap start knot-resolver-gael & sudo snap start knot-resolver-gael
[int]$Elapsed = $StopWatch.Elapsed.TotalSeconds [int]$Elapsed = $StopWatch.Elapsed.TotalSeconds

54
Scripts/install-unbound.ps1 Normal file
View File

@ -0,0 +1,54 @@
<#
.SYNOPSIS
Installs Unbound (needs admin rights)
.DESCRIPTION
This PowerShell script installs Unbound, a validating, recursive, caching DNS resolver. It needs admin rights.
.EXAMPLE
PS> ./install-unbound
.LINK
https://github.com/fleschutz/PowerShell
.NOTES
Author: Markus Fleschutz | License: CC0
#>
#Requires -RunAsAdministrator
try {
$StopWatch = [system.diagnostics.stopwatch]::startNew()
"⏳ Step 1/7: Updating package infos..."
& sudo apt update -y
if ($lastExitCode -ne "0") { throw "'sudo apt update' failed" }
"⏳ Step 2/7: Installing Unbound..."
& sudo apt install unbound -y
if ($lastExitCode -ne "0") { throw "'sudo apt install unbound' failed" }
"⏳ Step 3/7: Setting up Unbound..."
& sudo unbound-control-setup
if ($lastExitCode -ne "0") { throw "'unbound-control-setup' failed" }
"⏳ Step 4/7: Updating DNSSEC Root Trust Anchors..."
& sudo unbound-anchor
if ($lastExitCode -ne "0") { throw "'unbound-anchor' failed" }
"⏳ Step 5/7: Copying default configuration..."
& sudo cp "$PSScriptRoot/../Data/unbound.conf" /etc/unbound/unbound.conf
if ($lastExitCode -ne "0") { throw "'cp' failed" }
"⏳ Step 6/7: (Re-)starting Unbound..."
& sudo unbound-control stop
& sudo unbound-control start
if ($lastExitCode -ne "0") { throw "'unbound-control start' failed" }
"⏳ Step 7/7: Checking status..."
& sudo unbound-control status
if ($lastExitCode -ne "0") { throw "'unbound-control status' failed" }
[int]$Elapsed = $StopWatch.Elapsed.TotalSeconds
"✔️ installed Unbound in $Elapsed sec"
exit 0 # success
} catch {
"⚠️ Error in line $($_.InvocationInfo.ScriptLineNumber): $($Error[0])"
exit 1
}