summaryrefslogtreecommitdiffhomepage
path: root/applications
diff options
context:
space:
mode:
Diffstat (limited to 'applications')
-rw-r--r--applications/luci-app-unbound/luasrc/controller/unbound.lua130
-rw-r--r--applications/luci-app-unbound/luasrc/model/cbi/unbound.lua216
-rw-r--r--applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua264
-rw-r--r--applications/luci-app-unbound/luasrc/model/cbi/unbound/extended.lua31
-rw-r--r--applications/luci-app-unbound/luasrc/model/cbi/unbound/manual.lua31
-rw-r--r--applications/luci-app-unbound/luasrc/model/cbi/unbound/server.lua31
-rw-r--r--applications/luci-app-unbound/luasrc/view/unbound/show-empty.htm5
-rw-r--r--applications/luci-app-unbound/luasrc/view/unbound/show-textbox.htm8
-rw-r--r--applications/luci-app-unbound/root/etc/uci-defaults/60_luci-unbound13
9 files changed, 494 insertions, 235 deletions
diff --git a/applications/luci-app-unbound/luasrc/controller/unbound.lua b/applications/luci-app-unbound/luasrc/controller/unbound.lua
index 0a5abc5a5..296d020cd 100644
--- a/applications/luci-app-unbound/luasrc/controller/unbound.lua
+++ b/applications/luci-app-unbound/luasrc/controller/unbound.lua
@@ -1,17 +1,135 @@
-- Copyright 2008 Steven Barth <steven@midlink.org>
-- Copyright 2008 Jo-Philipp Wich <jow@openwrt.org>
+-- Copyright 2017 Eric Luehrsen <ericluehrsen@hotmail.com>
-- Licensed to the public under the Apache License 2.0.
module("luci.controller.unbound", package.seeall)
+
function index()
- if not nixio.fs.access("/etc/config/unbound") then
- return
- end
+ local ucl = luci.model.uci.cursor()
+ local valexp = ucl:get_first("unbound", "unbound", "luci_expanded")
+ local valman = ucl:get_first("unbound", "unbound", "manual_conf")
+
+
+ if not nixio.fs.access("/etc/config/unbound") then
+ return
+ end
+
+
+ if valexp == "1" then
+ -- Expanded View
+ entry({"admin", "services", "unbound"}, firstchild(), _("Recursive DNS")).dependent = false
+
+ -- UCI Tab(s)
+ entry({"admin", "services", "unbound", "configure"}, cbi("unbound/configure"), _("Settings"), 10)
+
+ -- Status Tab(s)
+ entry({"admin", "services", "unbound", "status"}, firstchild(), _("Status"), 20)
+ entry({"admin", "services", "unbound", "status", "syslog"}, call("QuerySysLog"), _("Log"), 50).leaf = true
+
+
+ if nixio.fs.access("/usr/sbin/unbound-control") then
+ -- Require unbound-control to execute
+ entry({"admin", "services", "unbound", "status", "statistics"}, call("QueryStatistics"), _("Statistics"), 10).leaf = true
+ entry({"admin", "services", "unbound", "status", "localdata"}, call("QueryLocalData"), _("Local Data"), 20).leaf = true
+ entry({"admin", "services", "unbound", "status", "localzone"}, call("QueryLocalZone"), _("Local Zones"), 30).leaf = true
+
+ else
+ entry({"admin", "services", "unbound", "status", "statistics"}, call("ShowEmpty"), _("Statistics"), 10).leaf = true
+ end
+
+
+ -- Raw File Tab(s)
+ entry({"admin", "services", "unbound", "files"}, firstchild(), _("Files"), 30)
+
+
+ if valman ~= "1" then
+ entry({"admin", "services", "unbound", "files", "base"}, call("ShowUnboundConf"), _("UCI: Unbound"), 10).leaf = true
+ else
+ entry({"admin", "services", "unbound", "files", "base"}, cbi("unbound/manual"), _("Edit: Unbound"), 10).leaf = true
+ end
+
+
+ entry({"admin", "services", "unbound", "files", "server"}, cbi("unbound/server"), _("Edit: Server"), 20).leaf = true
+ entry({"admin", "services", "unbound", "files", "extended"}, cbi("unbound/extended"), _("Edit: Extended"), 30).leaf = true
+
+
+ if nixio.fs.access("/var/lib/unbound/unbound_dhcp.conf") then
+ entry({"admin", "services", "unbound", "files", "dhcp"}, call("ShowDHCPConf"), _("Include: DHCP"), 40).leaf = true
+ end
+
+
+ if nixio.fs.access("/var/lib/unbound/adb_list.overall") then
+ entry({"admin", "services", "unbound", "files", "adblock"}, call("ShowAdblock"), _("Include: Adblock"), 50).leaf = true
+ end
+
+ else
+ -- Simple View to UCI only
+ entry({"admin", "services", "unbound"}, cbi("unbound/configure"), _("Recursive DNS")).dependent = false
+ end
+end
+
+
+function ShowEmpty()
+ local lclhead = "Unbound Control"
+ local lcldesc = luci.i18n.translate("This could display more statistics with the unbound-control package.")
+ luci.template.render("unbound/show-empty", {heading = lclhead, description = lcldesc})
+end
+
+
+function QuerySysLog()
+ local lclhead = "System Log"
+ local lcldata = luci.util.exec("logread | grep -i unbound")
+ local lcldesc = luci.i18n.translate("This shows syslog filtered for events involving Unbound.")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
+end
+
+
+function QueryStatistics()
+ local lclhead = "Unbound Control Stats"
+ local lcldata = luci.util.exec("unbound-control -c /var/lib/unbound/unbound.conf stats_noreset")
+ local lcldesc = luci.i18n.translate("This shows some performances statistics tracked by Unbound.")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
+end
+
+
+function QueryLocalData()
+ local lclhead = "Unbound Control Local Data"
+ local lcldata = luci.util.exec("unbound-control -c /var/lib/unbound/unbound.conf list_local_data")
+ local lcldesc = luci.i18n.translate("This shows local RR including this router, DHCP assignments, and RFC1918 SOA stubs.")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
+end
+
+
+function QueryLocalZone()
+ local lclhead = "Unbound Control Local Zones"
+ local lcldata = luci.util.exec("unbound-control -c /var/lib/unbound/unbound.conf list_local_zones")
+ local lcldesc = luci.i18n.translate("This shows local zones including LAN, adblock, forwarding, and RFC1918 in-arpa. ")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
+end
+
+
+function ShowUnboundConf()
+ local lclhead = "Unbound Conf"
+ local lcldata = luci.util.exec("cat /var/lib/unbound/unbound.conf")
+ local lcldesc = luci.i18n.translate("This shows '/var/lib/unbound/unbound.conf' generated by UCI.")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
+end
+
+
+function ShowDHCPConf()
+ local lclhead = "DHCP Conf"
+ local lcldata = luci.util.exec("cat /var/lib/unbound/unbound_dhcp.conf")
+ local lcldesc = luci.i18n.translate("This shows '/var/lib/unbound/unbound_dhcp.conf' generated by DHCP hook script(s).")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
+end
- local page
- page = entry({"admin", "services", "unbound"}, cbi("unbound"), _("Recursive DNS"))
- page.dependent = true
+function ShowAdblock()
+ local lclhead = "Adblock Conf"
+ local lcldata = luci.util.exec("cat /var/lib/unbound/adb_list.overall")
+ local lcldesc = luci.i18n.translate("This shows '/var/lib/unbound/adb_list.overall' provided by Adblock script(s).")
+ luci.template.render("unbound/show-textbox", {heading = lclhead, description = lcldesc, content = lcldata})
end
diff --git a/applications/luci-app-unbound/luasrc/model/cbi/unbound.lua b/applications/luci-app-unbound/luasrc/model/cbi/unbound.lua
deleted file mode 100644
index bfaacb40b..000000000
--- a/applications/luci-app-unbound/luasrc/model/cbi/unbound.lua
+++ /dev/null
@@ -1,216 +0,0 @@
--- Copyright 2008 Steven Barth <steven@midlink.org>
--- Copyright 2016 Eric Luehrsen <ericluehrsen@hotmail.com>
--- Copyright 2016 Dan Luedtke <mail@danrl.com>
--- Licensed to the public under the Apache License 2.0.
-
-local m
-local s1
-local ena, mcf, lsv, rlh, rpv, vld, nvd, eds, prt, tlm
-local ctl, dlk, dom, dty, lfq, wfq, exa, ctl, d64, pfx, qry, qrs
-local pro, tgr, rsc, rsn, ag2
-
-m = Map("unbound", translate("Recursive DNS"),
- translatef("<a href=\"%s\" target=\"_blank\">Unbound</a>"
- .. " is a validating, recursive, and caching DNS resolver. "
- .. "UCI help can be found on "
- .. "<a href=\"%s\" target=\"_blank\">github</a>.",
- "https://www.unbound.net/",
- "https://github.com/openwrt/packages/blob/master/net/unbound/files/README.md"))
-
-
-s1 = m:section(TypedSection, "unbound")
-s1.addremove = false
-s1.anonymous = true
-s1:tab("service", translate("Basic Settings"))
-s1:tab("advanced", translate("Advanced Settings"))
-s1:tab("resource", translate("Resource Settings"))
-
---LuCI or Not
-
-ena = s1:taboption("service", Flag, "enabled", translate("Enable Unbound:"),
- translate("Enable the initialization scripts for Unbound"))
-ena.rmempty = false
-
-mcf = s1:taboption("service", Flag, "manual_conf", translate("Manual Conf:"),
- translate("Skip UCI and use /etc/unbound/unbound.conf"))
-mcf.rmempty = false
-
-function ena.cfgvalue(self, section)
- return luci.sys.init.enabled("unbound") and self.enabled or self.disabled
-end
-
-function ena.write(self, section, value)
- if value == "1" then
- luci.sys.init.enable("unbound")
- luci.sys.call("/etc/init.d/unbound start >/dev/null")
- else
- luci.sys.call("/etc/init.d/unbound stop >/dev/null")
- luci.sys.init.disable("unbound")
- end
-
- return Flag.write(self, section, value)
-end
-
---Basic Tab
-
-lsv = s1:taboption("service", Flag, "localservice", translate("Local Service:"),
- translate("Accept queries only from local subnets"))
-lsv.rmempty = false
-
-rlh = s1:taboption("service", Flag, "rebind_localhost", translate("Block Localhost Rebind:"),
- translate("Prevent upstream response of 127.0.0.0/8"))
-rlh.rmempty = false
-
-rpv = s1:taboption("service", Flag, "rebind_protection", translate("Block Private Rebind:"),
- translate("Prevent upstream response of RFC1918 ranges"))
-rpv.rmempty = false
-
-vld = s1:taboption("service", Flag, "validator", translate("Enable DNSSEC:"),
- translate("Enable the DNSSEC validator module"))
-vld.rmempty = false
-
-nvd = s1:taboption("service", Flag, "validator_ntp", translate("DNSSEC NTP Fix:"),
- translate("Break the loop where DNSSEC needs NTP and NTP needs DNS"))
-nvd.rmempty = false
-nvd:depends({ validator = true })
-
-eds = s1:taboption("service", Value, "edns_size", translate("EDNS Size:"),
- translate("Limit extended DNS packet size"))
-eds.datatype = "and(uinteger,min(512),max(4096))"
-eds.rmempty = false
-
-prt = s1:taboption("service", Value, "listen_port", translate("Listening Port:"),
- translate("Choose Unbounds listening port"))
-prt.datatype = "port"
-prt.rmempty = false
-
-tlm = s1:taboption("service", Value, "ttl_min", translate("TTL Minimum:"),
- translate("Prevent excessively short cache periods"))
-tlm.datatype = "and(uinteger,min(0),max(600))"
-tlm.rmempty = false
-
---Advanced Tab
-
-ctl = s1:taboption("advanced", Flag, "unbound_control", translate("Unbound Control App:"),
- translate("Enable unecrypted localhost access for unbound-control"))
-ctl.rmempty = false
-
-dlk = s1:taboption("advanced", ListValue, "dhcp_link", translate("DHCP Link:"),
- translate("Link to supported programs to load DHCP into DNS"))
-dlk:value("none", translate("No Link"))
-dlk:value("dnsmasq", "dnsmasq")
-dlk:value("odhcpd", "odhcpd")
-dlk.rmempty = false
-
-dom = s1:taboption("advanced", Value, "domain", translate("Local Domain:"),
- translate("Domain suffix for this router and DHCP clients"))
-dom.placeholder = "lan"
-dom:depends({ dhcp_link = "none" })
-dom:depends({ dhcp_link = "odhcpd" })
-
-dty = s1:taboption("advanced", ListValue, "domain_type", translate("Local Domain Type:"),
- translate("How to treat queries of this local domain"))
-dty:value("deny", translate("Ignored"))
-dty:value("refuse", translate("Refused"))
-dty:value("static", translate("Only Local"))
-dty:value("transparent", translate("Also Forwarded"))
-dty:depends({ dhcp_link = "none" })
-dty:depends({ dhcp_link = "odhcpd" })
-
-lfq = s1:taboption("advanced", ListValue, "add_local_fqdn", translate("LAN DNS:"),
- translate("How to enter the LAN or local network router in DNS"))
-lfq:value("0", translate("No DNS"))
-lfq:value("1", translate("Hostname, Primary Address"))
-lfq:value("2", translate("Hostname, All Addresses"))
-lfq:value("3", translate("Host FQDN, All Addresses"))
-lfq:value("4", translate("Interface FQDN, All Addresses"))
-lfq:depends({ dhcp_link = "none" })
-lfq:depends({ dhcp_link = "odhcpd" })
-
-wfq = s1:taboption("advanced", ListValue, "add_wan_fqdn", translate("WAN DNS:"),
- translate("Override the WAN side router entry in DNS"))
-wfq:value("0", translate("Upstream"))
-wfq:value("1", translate("Hostname, Primary Address"))
-wfq:value("2", translate("Hostname, All Addresses"))
-wfq:value("3", translate("Host FQDN, All Addresses"))
-wfq:value("4", translate("Interface FQDN, All Addresses"))
-wfq:depends({ dhcp_link = "none" })
-wfq:depends({ dhcp_link = "odhcpd" })
-
-exa = s1:taboption("advanced", ListValue, "add_extra_dns", translate("Extra DNS:"),
- translate("Use extra DNS entries found in /etc/config/dhcp"))
-exa:value("0", translate("Ignore"))
-exa:value("1", translate("Include Network/Hostnames"))
-exa:value("2", translate("Advanced MX/SRV RR"))
-exa:value("3", translate("Advanced CNAME RR"))
-exa:depends({ dhcp_link = "none" })
-exa:depends({ dhcp_link = "odhcpd" })
-
-ctl = s1:taboption("advanced", Flag, "dhcp4_slaac6", translate("DHCPv4 to SLAAC:"),
- translate("Use DHCPv4 MAC to discover IP6 hosts SLAAC (EUI64)"))
-ctl.rmempty = false
-
-d64 = s1:taboption("advanced", Flag, "dns64", translate("Enable DNS64:"),
- translate("Enable the DNS64 module"))
-d64.rmempty = false
-
-pfx = s1:taboption("advanced", Value, "dns64_prefix", translate("DNS64 Prefix:"),
- translate("Prefix for generated DNS64 addresses"))
-pfx.datatype = "ip6addr"
-pfx.placeholder = "64:ff9b::/96"
-pfx.optional = true
-pfx:depends({ dns64 = true })
-
-qry = s1:taboption("advanced", Flag, "query_minimize", translate("Query Minimize:"),
- translate("Break down query components for limited added privacy"))
-qry.rmempty = false
-
-qrs = s1:taboption("advanced", Flag, "query_min_strict", translate("Strict Minimize:"),
- translate("Strict version of 'query minimize' but it can break DNS"))
-qrs.rmempty = false
-qrs:depends({ query_minimize = true })
-
---TODO: dnsmasq needs to not reference resolve-file and get off port 53.
-
---Resource Tuning Tab
-
-pro = s1:taboption("resource", ListValue, "protocol", translate("Recursion Protocol:"),
- translate("Chose the protocol recursion queries leave on"))
-pro:value("mixed", translate("IP4 and IP6"))
-pro:value("ip6_prefer", translate("IP6 Preferred"))
-pro:value("ip4_only", translate("IP4 Only"))
-pro:value("ip6_only", translate("IP6 Only"))
-pro.rmempty = false
-
-rsn = s1:taboption("resource", ListValue, "recursion", translate("Recursion Strength:"),
- translate("Recursion activity affects memory growth and CPU load"))
-rsn:value("aggressive", translate("Aggressive"))
-rsn:value("default", translate("Default"))
-rsn:value("passive", translate("Passive"))
-rsn.rmempty = false
-
-rsc = s1:taboption("resource", ListValue, "resource", translate("Memory Resource:"),
- translate("Use menu System/Processes to observe any memory growth"))
-rsc:value("large", translate("Large"))
-rsc:value("medium", translate("Medium"))
-rsc:value("small", translate("Small"))
-rsc:value("tiny", translate("Tiny"))
-rsc.rmempty = false
-
-ag2 = s1:taboption("resource", Value, "root_age", translate("Root DSKEY Age:"),
- translate("Limit days between RFC5011 to reduce flash writes"))
-ag2.datatype = "and(uinteger,min(1),max(99))"
-ag2:value("3", "3")
-ag2:value("9", "9 ("..translate("default")..")")
-ag2:value("12", "12")
-ag2:value("24", "24")
-ag2:value("99", "99 ("..translate("never")..")")
-
-tgr = s1:taboption("resource", Value, "trigger", translate("Trigger Networks:"),
- translate("Networks that may trigger Unbound to reload (avoid wan6)"))
-tgr.template = "cbi/network_netlist"
-tgr.widget = "checkbox"
-tgr.cast = "string"
-
-return m
-
diff --git a/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua b/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua
new file mode 100644
index 000000000..61dca765f
--- /dev/null
+++ b/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua
@@ -0,0 +1,264 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Copyright 2016 Eric Luehrsen <ericluehrsen@hotmail.com>
+-- Copyright 2016 Dan Luedtke <mail@danrl.com>
+-- Licensed to the public under the Apache License 2.0.
+
+local m1, s1
+local ena, mcf, lci, lsv, rlh, rpv, vld, nvd, eds, prt, tlm
+local ctl, dlk, dom, dty, lfq, wfq, exa, dp6, d64, pfx, qry, qrs
+local pro, tgr, rsc, rsn, ag2
+local ucl = luci.model.uci.cursor()
+local valman = ucl:get_first("unbound", "unbound", "manual_conf")
+
+m1 = Map("unbound")
+
+s1 = m1:section(TypedSection, "unbound")
+s1.addremove = false
+s1.anonymous = true
+
+--LuCI, Unbound, or Not
+s1:tab("basic", translate("Basic"),
+ translatef("<h3>Unbound Basic Settings</h3>\n"
+ .. "<a href=\"%s\" target=\"_blank\">Unbound</a>"
+ .. " is a validating, recursive, and caching DNS resolver. "
+ .. "UCI help can be found on "
+ .. "<a href=\"%s\" target=\"_blank\">github</a>.",
+ "https://www.unbound.net/",
+ "https://github.com/openwrt/packages/blob/master/net/unbound/files/README.md"))
+
+ena = s1:taboption("basic", Flag, "enabled", translate("Enable Unbound:"),
+ translate("Enable the initialization scripts for Unbound"))
+ena.rmempty = false
+
+mcf = s1:taboption("basic", Flag, "manual_conf", translate("Manual Conf:"),
+ translate("Skip UCI and use /etc/unbound/unbound.conf"))
+mcf.rmempty = false
+
+lci = s1:taboption("basic", Flag, "luci_expanded", translate("LuCI Expanded:"),
+ translate("See more detailed tabs for debug"))
+lci.rmempty = false
+
+
+function ena.cfgvalue(self, section)
+ return luci.sys.init.enabled("unbound") and self.enabled or self.disabled
+end
+
+
+function ena.write(self, section, value)
+ if value == "1" then
+ luci.sys.init.enable("unbound")
+ luci.sys.call("/etc/init.d/unbound start >/dev/null")
+ else
+ luci.sys.call("/etc/init.d/unbound stop >/dev/null")
+ luci.sys.init.disable("unbound")
+ end
+
+ return Flag.write(self, section, value)
+end
+
+
+if valman ~= "1" then
+ -- Not in manual configuration mode; show UCI
+ s1:tab("advanced", translate("Advanced"),
+ translatef("<h3>Unbound Advanced Settings</h3>\n"
+ .. "Advanced setttings and plugin modules for "
+ .. "<a href=\"%s\" target=\"_blank\">Unbound</a>"
+ .. " DNS resolver.", "https://www.unbound.net/"))
+
+ s1:tab("resource", translate("Resource"),
+ translatef("<h3>Unbound Resource Settings</h3>\n"
+ .. "Memory and protocol setttings for "
+ .. "<a href=\"%s\" target=\"_blank\">Unbound</a>"
+ .. " DNS resolver.", "https://www.unbound.net/"))
+
+ --Basic Tab
+ lsv = s1:taboption("basic", Flag, "localservice", translate("Local Service:"),
+ translate("Accept queries only from local subnets"))
+ lsv.rmempty = false
+
+ rlh = s1:taboption("basic", Flag, "rebind_localhost", translate("Block Localhost Rebind:"),
+ translate("Prevent upstream response of 127.0.0.0/8"))
+ rlh.rmempty = false
+
+ rpv = s1:taboption("basic", Flag, "rebind_protection", translate("Block Private Rebind:"),
+ translate("Prevent upstream response of RFC1918 ranges"))
+ rpv.rmempty = false
+
+ vld = s1:taboption("basic", Flag, "validator", translate("Enable DNSSEC:"),
+ translate("Enable the DNSSEC validator module"))
+ vld.rmempty = false
+
+ nvd = s1:taboption("basic", Flag, "validator_ntp", translate("DNSSEC NTP Fix:"),
+ translate("Break the loop where DNSSEC needs NTP and NTP needs DNS"))
+ nvd.rmempty = false
+ nvd:depends({ validator = true })
+
+ eds = s1:taboption("basic", Value, "edns_size", translate("EDNS Size:"),
+ translate("Limit extended DNS packet size"))
+ eds.datatype = "and(uinteger,min(512),max(4096))"
+ eds.rmempty = false
+
+ prt = s1:taboption("basic", Value, "listen_port", translate("Listening Port:"),
+ translate("Choose Unbounds listening port"))
+ prt.datatype = "port"
+ prt.rmempty = false
+
+ tlm = s1:taboption("basic", Value, "ttl_min", translate("TTL Minimum:"),
+ translate("Prevent excessively short cache periods"))
+ tlm.datatype = "and(uinteger,min(0),max(600))"
+ tlm.rmempty = false
+
+ --Advanced Tab
+ ctl = s1:taboption("advanced", Flag, "unbound_control", translate("Unbound Control App:"),
+ translate("Enable unecrypted localhost access for unbound-control"))
+ ctl.rmempty = false
+
+ dlk = s1:taboption("advanced", ListValue, "dhcp_link", translate("DHCP Link:"),
+ translate("Link to supported programs to load DHCP into DNS"))
+ dlk:value("none", translate("No Link"))
+ dlk:value("dnsmasq", "dnsmasq")
+ dlk:value("odhcpd", "odhcpd")
+ dlk.rmempty = false
+
+ dom = s1:taboption("advanced", Value, "domain", translate("Local Domain:"),
+ translate("Domain suffix for this router and DHCP clients"))
+ dom.placeholder = "lan"
+ dom:depends({ dhcp_link = "none" })
+ dom:depends({ dhcp_link = "odhcpd" })
+
+ dty = s1:taboption("advanced", ListValue, "domain_type", translate("Local Domain Type:"),
+ translate("How to treat queries of this local domain"))
+ dty:value("deny", translate("Ignored"))
+ dty:value("refuse", translate("Refused"))
+ dty:value("static", translate("Only Local"))
+ dty:value("transparent", translate("Also Forwarded"))
+ dty:depends({ dhcp_link = "none" })
+ dty:depends({ dhcp_link = "odhcpd" })
+
+ lfq = s1:taboption("advanced", ListValue, "add_local_fqdn", translate("LAN DNS:"),
+ translate("How to enter the LAN or local network router in DNS"))
+ lfq:value("0", translate("No DNS"))
+ lfq:value("1", translate("Hostname, Primary Address"))
+ lfq:value("2", translate("Hostname, All Addresses"))
+ lfq:value("3", translate("Host FQDN, All Addresses"))
+ lfq:value("4", translate("Interface FQDN, All Addresses"))
+ lfq:depends({ dhcp_link = "none" })
+ lfq:depends({ dhcp_link = "odhcpd" })
+
+ wfq = s1:taboption("advanced", ListValue, "add_wan_fqdn", translate("WAN DNS:"),
+ translate("Override the WAN side router entry in DNS"))
+ wfq:value("0", translate("Upstream"))
+ wfq:value("1", translate("Hostname, Primary Address"))
+ wfq:value("2", translate("Hostname, All Addresses"))
+ wfq:value("3", translate("Host FQDN, All Addresses"))
+ wfq:value("4", translate("Interface FQDN, All Addresses"))
+ wfq:depends({ dhcp_link = "none" })
+ wfq:depends({ dhcp_link = "odhcpd" })
+
+ exa = s1:taboption("advanced", ListValue, "add_extra_dns", translate("Extra DNS:"),
+ translate("Use extra DNS entries found in /etc/config/dhcp"))
+ exa:value("0", translate("Ignore"))
+ exa:value("1", translate("Include Network/Hostnames"))
+ exa:value("2", translate("Advanced MX/SRV RR"))
+ exa:value("3", translate("Advanced CNAME RR"))
+ exa:depends({ dhcp_link = "none" })
+ exa:depends({ dhcp_link = "odhcpd" })
+
+ dp6 = s1:taboption("advanced", Flag, "dhcp4_slaac6", translate("DHCPv4 to SLAAC:"),
+ translate("Use DHCPv4 MAC to discover IP6 hosts SLAAC (EUI64)"))
+ dp6.rmempty = false
+
+ d64 = s1:taboption("advanced", Flag, "dns64", translate("Enable DNS64:"),
+ translate("Enable the DNS64 module"))
+ d64.rmempty = false
+
+ pfx = s1:taboption("advanced", Value, "dns64_prefix", translate("DNS64 Prefix:"),
+ translate("Prefix for generated DNS64 addresses"))
+ pfx.datatype = "ip6addr"
+ pfx.placeholder = "64:ff9b::/96"
+ pfx.optional = true
+ pfx:depends({ dns64 = true })
+
+ qry = s1:taboption("advanced", Flag, "query_minimize", translate("Query Minimize:"),
+ translate("Break down query components for limited added privacy"))
+ qry.rmempty = false
+
+ qrs = s1:taboption("advanced", Flag, "query_min_strict", translate("Strict Minimize:"),
+ translate("Strict version of 'query minimize' but it can break DNS"))
+ qrs.rmempty = false
+ qrs:depends({ query_minimize = true })
+
+ --TODO: dnsmasq needs to not reference resolve-file and get off port 53.
+
+ --Resource Tuning Tab
+ pro = s1:taboption("resource", ListValue, "protocol", translate("Recursion Protocol:"),
+ translate("Chose the protocol recursion queries leave on"))
+ pro:value("mixed", translate("IP4 and IP6"))
+ pro:value("ip6_prefer", translate("IP6 Preferred"))
+ pro:value("ip4_only", translate("IP4 Only"))
+ pro:value("ip6_only", translate("IP6 Only"))
+ pro.rmempty = false
+
+ rsn = s1:taboption("resource", ListValue, "recursion", translate("Recursion Strength:"),
+ translate("Recursion activity affects memory growth and CPU load"))
+ rsn:value("aggressive", translate("Aggressive"))
+ rsn:value("default", translate("Default"))
+ rsn:value("passive", translate("Passive"))
+ rsn.rmempty = false
+
+ rsc = s1:taboption("resource", ListValue, "resource", translate("Memory Resource:"),
+ translate("Use menu System/Processes to observe any memory growth"))
+ rsc:value("large", translate("Large"))
+ rsc:value("medium", translate("Medium"))
+ rsc:value("small", translate("Small"))
+ rsc:value("tiny", translate("Tiny"))
+ rsc.rmempty = false
+
+ ag2 = s1:taboption("resource", Value, "root_age", translate("Root DSKEY Age:"),
+ translate("Limit days between RFC5011 to reduce flash writes"))
+ ag2.datatype = "and(uinteger,min(1),max(99))"
+ ag2:value("3", "3")
+ ag2:value("9", "9 ("..translate("default")..")")
+ ag2:value("12", "12")
+ ag2:value("24", "24")
+ ag2:value("99", "99 ("..translate("never")..")")
+
+ tgr = s1:taboption("resource", Value, "trigger", translate("Trigger Networks:"),
+ translate("Networks that may trigger Unbound to reload (avoid wan6)"))
+ tgr.template = "cbi/network_netlist"
+ tgr.widget = "checkbox"
+ tgr.cast = "string"
+
+else
+ s1:tab("rfc5011", translate("RFC5011"),
+ translatef("<h3>Unbound RFC5011 Settings</h3>\n"
+ .. "RFC5011 copy scripts protect flash ROM even with UCI disabled."))
+
+ ag2 = s1:taboption("rfc5011", Value, "root_age", translate("Root DSKEY Age:"),
+ translate("Limit days to copy /var/->/etc/ to reduce flash writes"))
+ ag2.datatype = "and(uinteger,min(1),max(99))"
+ ag2:value("3", "3")
+ ag2:value("9", "9 ("..translate("default")..")")
+ ag2:value("12", "12")
+ ag2:value("24", "24")
+ ag2:value("99", "99 ("..translate("never")..")")
+end
+
+
+function m1.on_after_commit(self)
+ function ena.validate(self, value)
+ if value ~= "0" then
+ luci.sys.call("/etc/init.d/unbound restart >/dev/null 2>&1")
+ else
+ luci.sys.call("/etc/init.d/unbound stop >/dev/null 2>&1")
+ end
+ end
+
+
+ -- Restart Unbound with configuration and reload the page (some options hide)
+ luci.http.redirect(luci.dispatcher.build_url("admin", "services", "unbound"))
+end
+
+
+return m1
+
diff --git a/applications/luci-app-unbound/luasrc/model/cbi/unbound/extended.lua b/applications/luci-app-unbound/luasrc/model/cbi/unbound/extended.lua
new file mode 100644
index 000000000..022571229
--- /dev/null
+++ b/applications/luci-app-unbound/luasrc/model/cbi/unbound/extended.lua
@@ -0,0 +1,31 @@
+-- Copyright 2016 Eric Luehrsen <ericluehrsen@hotmail.com>
+-- Licensed to the public under the Apache License 2.0.
+
+local filename = "/etc/unbound/unbound_ext.conf"
+local m4, s4, frm
+
+m4 = SimpleForm("editing", nil)
+m4.submit = translate("Save")
+m4.reset = false
+
+s4 = m4:section(SimpleSection, "Unbound Extended Conf",
+ translatef("This allows you to edit %s which is copied to"
+ .. " /var/ and 'include:' last for 'forward:' and other clauses", filename))
+
+frm = s4:option(TextValue, "data")
+frm.datatype = "string"
+frm.rows = 20
+
+
+function frm.cfgvalue()
+ return nixio.fs.readfile(filename) or ""
+end
+
+
+function frm.write(self, section, data)
+ return nixio.fs.writefile(filename, data)
+end
+
+
+return m4
+
diff --git a/applications/luci-app-unbound/luasrc/model/cbi/unbound/manual.lua b/applications/luci-app-unbound/luasrc/model/cbi/unbound/manual.lua
new file mode 100644
index 000000000..694180d5f
--- /dev/null
+++ b/applications/luci-app-unbound/luasrc/model/cbi/unbound/manual.lua
@@ -0,0 +1,31 @@
+-- Copyright 2016 Eric Luehrsen <ericluehrsen@hotmail.com>
+-- Licensed to the public under the Apache License 2.0.
+
+local filename = "/etc/unbound/unbound.conf"
+local m2, s2, frm
+
+m2 = SimpleForm("editing", nil)
+m2.submit = translate("Save")
+m2.reset = false
+
+s2 = m2:section(SimpleSection, "Unbound Conf",
+ translatef("This allows you to edit raw %s which is copied to"
+ .. " /var/ for Unbound's base conf when you don't use UCI", filename))
+
+frm = s2:option(TextValue, "data")
+frm.datatype = "string"
+frm.rows = 20
+
+
+function frm.cfgvalue()
+ return nixio.fs.readfile(filename) or ""
+end
+
+
+function frm.write(self, section, data)
+ return nixio.fs.writefile(filename, data)
+end
+
+
+return m2
+
diff --git a/applications/luci-app-unbound/luasrc/model/cbi/unbound/server.lua b/applications/luci-app-unbound/luasrc/model/cbi/unbound/server.lua
new file mode 100644
index 000000000..187046266
--- /dev/null
+++ b/applications/luci-app-unbound/luasrc/model/cbi/unbound/server.lua
@@ -0,0 +1,31 @@
+-- Copyright 2016 Eric Luehrsen <ericluehrsen@hotmail.com>
+-- Licensed to the public under the Apache License 2.0.
+
+local filename = "/etc/unbound/unbound_srv.conf"
+local m3, s3, frm
+
+m3 = SimpleForm("editing", nil)
+m3.submit = translate("Save")
+m3.reset = false
+
+s3 = m3:section(SimpleSection, "Unbound Server Conf",
+ translatef("This allows you to edit %s which is copied to"
+ .. " /var/ and 'include:' within the 'server:' section.", filename))
+
+frm = s3:option(TextValue, "data")
+frm.datatype = "string"
+frm.rows = 20
+
+
+function frm.cfgvalue()
+ return nixio.fs.readfile(filename) or ""
+end
+
+
+function frm.write(self, section, data)
+ return nixio.fs.writefile(filename, data)
+end
+
+
+return m3
+
diff --git a/applications/luci-app-unbound/luasrc/view/unbound/show-empty.htm b/applications/luci-app-unbound/luasrc/view/unbound/show-empty.htm
new file mode 100644
index 000000000..87d6cc68c
--- /dev/null
+++ b/applications/luci-app-unbound/luasrc/view/unbound/show-empty.htm
@@ -0,0 +1,5 @@
+<%+header%>
+<h3><%=heading:pcdata()%></h3>
+<p><%=description:pcdata()%></p>
+<%+footer%>
+
diff --git a/applications/luci-app-unbound/luasrc/view/unbound/show-textbox.htm b/applications/luci-app-unbound/luasrc/view/unbound/show-textbox.htm
new file mode 100644
index 000000000..69c984780
--- /dev/null
+++ b/applications/luci-app-unbound/luasrc/view/unbound/show-textbox.htm
@@ -0,0 +1,8 @@
+<%+header%>
+<h3><%=heading:pcdata()%></h3>
+<p><%=description:pcdata()%></p>
+<div>
+<textarea style="width: 100%; height: 480px;" readonly="readonly" wrap="off" rows="<%=content:cmatch("\n")+2%>"><%=content:pcdata()%></textarea>
+</div>
+<%+footer%>
+
diff --git a/applications/luci-app-unbound/root/etc/uci-defaults/60_luci-unbound b/applications/luci-app-unbound/root/etc/uci-defaults/60_luci-unbound
index cc714ac53..c2ac8c93b 100644
--- a/applications/luci-app-unbound/root/etc/uci-defaults/60_luci-unbound
+++ b/applications/luci-app-unbound/root/etc/uci-defaults/60_luci-unbound
@@ -8,18 +8,5 @@ uci -q batch <<-EOF >/dev/null
EOF
rm -f /tmp/luci-indexcache
-[ ! -x /usr/sbin/unbound-control ] && exit 0
-
-uci -q batch <<-EOF >/dev/null
- set luci.unboundhosts=command
- set luci.unboundhosts.name='Unbound Local Hosts'
- set luci.unboundhosts.command='unbound-control -c /var/lib/unbound/unbound.conf list_local_data'
- set luci.unboundzones=command
- set luci.unboundzones.name='Unbound Local Zones'
- set luci.unboundzones.command='unbound-control -c /var/lib/unbound/unbound.conf list_local_zones'
- commit luci
-EOF
-
-rm -f /tmp/luci-indexcache
exit 0