From aa94da066555b5ff68a0de25f2de6b45d48dd9ba Mon Sep 17 00:00:00 2001 From: aptalca Date: Thu, 20 May 2021 17:11:51 -0400 Subject: [PATCH] update resolver logic --- README.md | 1 + readme-vars.yml | 1 + root/etc/cont-init.d/50-config | 12 ++++++++++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 401ba30..43fdd0e 100644 --- a/README.md +++ b/README.md @@ -330,6 +330,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **20.05.21:** - Modify resolver.conf generation to detect and ignore ipv6. * **14.05.21:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, ssl.conf, proxy.conf, and the default site-conf - Rework nginx.conf to be inline with alpine upstream and relocate lines from other files. Use linuxserver.io wheel index for pip packages. Switch to using [ffdhe4096](https://ssl-config.mozilla.org/ffdhe4096.txt) for `dhparams.pem` per [RFC7919](https://datatracker.ietf.org/doc/html/rfc7919). Added `worker_processes.conf`, which sets the number of nginx workers, and `resolver.conf`, which sets the dns resolver. Both conf files are auto-generated only on first start and can be user modified later. * **21.04.21:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-server.conf and authelia-location.conf - Add remote name/email headers and pass http method. * **12.04.21:** - Add php7-gmp and php7-pecl-mailparse. diff --git a/readme-vars.yml b/readme-vars.yml index c800944..85e2bda 100755 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -151,6 +151,7 @@ app_setup_nginx_reverse_proxy_block: "" # changelog changelogs: + - { date: "20.05.21:", desc: "Modify resolver.conf generation to detect and ignore ipv6." } - { date: "14.05.21:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, ssl.conf, proxy.conf, and the default site-conf - Rework nginx.conf to be inline with alpine upstream and relocate lines from other files. Use linuxserver.io wheel index for pip packages. Switch to using [ffdhe4096](https://ssl-config.mozilla.org/ffdhe4096.txt) for `dhparams.pem` per [RFC7919](https://datatracker.ietf.org/doc/html/rfc7919). Added `worker_processes.conf`, which sets the number of nginx workers, and `resolver.conf`, which sets the dns resolver. Both conf files are auto-generated only on first start and can be user modified later." } - { date: "21.04.21:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-server.conf and authelia-location.conf - Add remote name/email headers and pass http method." } - { date: "12.04.21:", desc: "Add php7-gmp and php7-pecl-mailparse." } diff --git a/root/etc/cont-init.d/50-config b/root/etc/cont-init.d/50-config index 6e92bda..7899748 100644 --- a/root/etc/cont-init.d/50-config +++ b/root/etc/cont-init.d/50-config @@ -81,9 +81,17 @@ cp /config/fail2ban/jail.local /etc/fail2ban/jail.local [[ ! -f /config/www/502.html ]] && cp /defaults/502.html /config/www/502.html -# Set resolver +# Set resolver, ignore ipv6 addresses if ! grep -q 'resolver' /config/nginx/resolver.conf; then - RESOLVER=$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf) + RESOLVERRAW=$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf) + for i in ${RESOLVERRAW}; do + if [ $(awk -F ':' '{print NF-1}' <<< ${i}) -le 2 ]; then + RESOLVER="${RESOLVER} ${i}" + fi + done + if [ -z "${RESOLVER}" ]; then + RESOLVER="127.0.0.11" + fi echo "Setting resolver to ${RESOLVER}" echo -e "# This file is auto-generated only on first start, based on the container's /etc/resolv.conf file. Feel free to modify it as you wish.\n\nresolver ${RESOLVER} valid=30s;" > /config/nginx/resolver.conf fi