From 5146e39023c2d23ffd10fc768efbe7a6c748da67 Mon Sep 17 00:00:00 2001 From: Girish Ramakrishnan Date: Fri, 21 Dec 2018 11:40:45 -0800 Subject: [PATCH] contabo: fix DNS we disable the DNS servers in initializeBaseImage. On normal VPS, unbound seems to start by itself but on contabo it doesn't because the default unbound config on ubuntu does not work without ip6 --- baseimage/initializeBaseUbuntuImage.sh | 6 ++++++ setup/start.sh | 5 +++-- src/config.js | 3 ++- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/baseimage/initializeBaseUbuntuImage.sh b/baseimage/initializeBaseUbuntuImage.sh index 7be84145c..744d9d049 100644 --- a/baseimage/initializeBaseUbuntuImage.sh +++ b/baseimage/initializeBaseUbuntuImage.sh @@ -126,3 +126,9 @@ systemctl disable postfix || true systemctl stop systemd-resolved || true systemctl disable systemd-resolved || true +# ubuntu's default config for unbound does not work if ipv6 is disabled. this config is overwritten in start.sh +# we need unbound to work as this is required for installer.sh to do any DNS requests +ip6=[[ -s /proc/net/if_inet6 ]] && echo "yes" || echo "no" +echo -e "server:\n\tinterface: 127.0.0.1\n\tdo-ip6: ${ip6}" > /etc/unbound/unbound.conf.d/cloudron-network.conf +systemctl restart unbound + diff --git a/setup/start.sh b/setup/start.sh index 6cecf82ca..396d3edbd 100755 --- a/setup/start.sh +++ b/setup/start.sh @@ -91,8 +91,9 @@ echo "==> Setting up unbound" # DO uses Google nameservers by default. This causes RBL queries to fail (host 2.0.0.127.zen.spamhaus.org) # We do not use dnsmasq because it is not a recursive resolver and defaults to the value in the interfaces file (which is Google DNS!) # We listen on 0.0.0.0 because there is no way control ordering of docker (which creates the 172.18.0.0/16) and unbound -# If IP6 is not enabled, dns queries seem to fail on some hosts -echo -e "server:\n\tinterface: 0.0.0.0\n\tdo-ip6: yes\n\taccess-control: 127.0.0.1 allow\n\taccess-control: 172.18.0.1/16 allow\n\tcache-max-negative-ttl: 30\n\tcache-max-ttl: 300\n\t#logfile: /var/log/unbound.log\n\t#verbosity: 10" > /etc/unbound/unbound.conf.d/cloudron-network.conf +# If IP6 is not enabled, dns queries seem to fail on some hosts. -s returns false if file missing or 0 size +ip6=[[ -s /proc/net/if_inet6 ]] && echo "yes" || echo "no" +echo -e "server:\n\tinterface: 0.0.0.0\n\tdo-ip6: ${ip6}\n\taccess-control: 127.0.0.1 allow\n\taccess-control: 172.18.0.1/16 allow\n\tcache-max-negative-ttl: 30\n\tcache-max-ttl: 300\n\t#logfile: /var/log/unbound.log\n\t#verbosity: 10" > /etc/unbound/unbound.conf.d/cloudron-network.conf # update the root anchor after a out-of-disk-space situation (see #269) unbound-anchor -a /var/lib/unbound/root.key diff --git a/src/config.js b/src/config.js index 120c4ed1f..e84e70244 100644 --- a/src/config.js +++ b/src/config.js @@ -231,7 +231,8 @@ function isManaged() { function hasIPv6() { const IPV6_PROC_FILE = '/proc/net/if_inet6'; - return fs.existsSync(IPV6_PROC_FILE); + // on contabo, /proc/net/if_inet6 is an empty file. so just exists is not enough + return fs.existsSync(IPV6_PROC_FILE) && fs.readFileSync(IPV6_PROC_FILE, 'utf8').trim().length !== 0; } // it has to change with the adminLocation so that multiple cloudrons