From ed493f9c3a63d94ef10b149829fe3a752c3532e3 Mon Sep 17 00:00:00 2001 From: KagurazakaNyaa Date: Thu, 18 Jan 2024 23:28:03 +0800 Subject: [PATCH 1/6] Allow user skip unbound healthcheck --- data/Dockerfiles/unbound/healthcheck.sh | 10 ++++++++++ generate_config.sh | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/data/Dockerfiles/unbound/healthcheck.sh b/data/Dockerfiles/unbound/healthcheck.sh index ea94f63b..760aa02b 100644 --- a/data/Dockerfiles/unbound/healthcheck.sh +++ b/data/Dockerfiles/unbound/healthcheck.sh @@ -1,5 +1,10 @@ #!/bin/bash +# Skipping DNS check +if [[ "${SKIP_DNS_CHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then + SKIP_DNS_CHECK=y +fi + # Declare log function for logfile inside container function log_to_file() { echo "$(date +"%Y-%m-%d %H:%M:%S"): $1" > /var/log/healthcheck.log @@ -66,6 +71,11 @@ function check_netcat() { } +if [[ ${SKIP_DNS_CHECK} == "y" ]]; then + log_to_file "Healthcheck: ALL CHECKS WERE SKIPPED! Unbound is healthy!" + exit 0 +fi + # run checks, if check is not returning 0 (return value if check is ok), healthcheck will exit with 1 (marked in docker as unhealthy) check_ping diff --git a/generate_config.sh b/generate_config.sh index 2986f168..0c8a9bcf 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -363,6 +363,10 @@ SKIP_IP_CHECK=n SKIP_HTTP_VERIFICATION=n +# Skip DNS check in Unbound container - y/n + +SKIP_DNS_CHECK=n + # Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n SKIP_CLAMD=${SKIP_CLAMD} From b89d71e6e4d42d1082f92914ff453d1272c67088 Mon Sep 17 00:00:00 2001 From: KagurazakaNyaa Date: Thu, 18 Jan 2024 23:48:59 +0800 Subject: [PATCH 2/6] change variable name --- data/Dockerfiles/unbound/healthcheck.sh | 8 ++++---- generate_config.sh | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/data/Dockerfiles/unbound/healthcheck.sh b/data/Dockerfiles/unbound/healthcheck.sh index 760aa02b..a96eaab4 100644 --- a/data/Dockerfiles/unbound/healthcheck.sh +++ b/data/Dockerfiles/unbound/healthcheck.sh @@ -1,8 +1,8 @@ #!/bin/bash -# Skipping DNS check -if [[ "${SKIP_DNS_CHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then - SKIP_DNS_CHECK=y +# Skip Unbound (DNS Resolver) Healthchecks (NOT Recommended!) +if [[ "${SKIP_UNBOUND_HEALTHCHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then + SKIP_UNBOUND_HEALTHCHECK=y fi # Declare log function for logfile inside container @@ -71,7 +71,7 @@ function check_netcat() { } -if [[ ${SKIP_DNS_CHECK} == "y" ]]; then +if [[ ${SKIP_UNBOUND_HEALTHCHECK} == "y" ]]; then log_to_file "Healthcheck: ALL CHECKS WERE SKIPPED! Unbound is healthy!" exit 0 fi diff --git a/generate_config.sh b/generate_config.sh index 0c8a9bcf..e936348e 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -365,7 +365,7 @@ SKIP_HTTP_VERIFICATION=n # Skip DNS check in Unbound container - y/n -SKIP_DNS_CHECK=n +SKIP_UNBOUND_HEALTHCHECK=n # Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n From aa1d92dfbbcb555caf5f1a39032b7361254240aa Mon Sep 17 00:00:00 2001 From: KagurazakaNyaa Date: Thu, 18 Jan 2024 23:50:26 +0800 Subject: [PATCH 3/6] add SKIP_UNBOUND_HEALTHCHECK to docker-compose.yml --- docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.yml b/docker-compose.yml index 5a0730c7..4f5a4d31 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,7 @@ services: image: mailcow/unbound:1.19.1 environment: - TZ=${TZ} + - SKIP_UNBOUND_HEALTHCHECK=${SKIP_UNBOUND_HEALTHCHECK:-n} volumes: - ./data/hooks/unbound:/hooks:Z - ./data/conf/unbound/unbound.conf:/etc/unbound/unbound.conf:ro,Z From d2edf359ac3ebdc51d56aab488ffc5dd927db13b Mon Sep 17 00:00:00 2001 From: KagurazakaNyaa Date: Thu, 18 Jan 2024 23:53:08 +0800 Subject: [PATCH 4/6] update config comment --- generate_config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generate_config.sh b/generate_config.sh index e936348e..e62d1689 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -363,7 +363,7 @@ SKIP_IP_CHECK=n SKIP_HTTP_VERIFICATION=n -# Skip DNS check in Unbound container - y/n +# Skip Unbound (DNS Resolver) Healthchecks (NOT Recommended!) - y/n SKIP_UNBOUND_HEALTHCHECK=n From 9d4055fc4d3a67221160f0d8342f41f77e28dd8e Mon Sep 17 00:00:00 2001 From: KagurazakaNyaa Date: Fri, 19 Jan 2024 00:07:51 +0800 Subject: [PATCH 5/6] add parameter SKIP_UNBOUND_HEALTHCHECK to old installations --- update.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/update.sh b/update.sh index 623242d5..ad77beac 100755 --- a/update.sh +++ b/update.sh @@ -480,6 +480,7 @@ CONFIG_ARRAY=( "WATCHDOG_VERBOSE" "WEBAUTHN_ONLY_TRUSTED_VENDORS" "SPAMHAUS_DQS_KEY" + "SKIP_UNBOUND_HEALTHCHECK" ) detect_bad_asn @@ -747,6 +748,12 @@ for option in ${CONFIG_ARRAY[@]}; do echo '# Enable watchdog verbose logging' >> mailcow.conf echo 'WATCHDOG_VERBOSE=n' >> mailcow.conf fi + elif [[ ${option} == "SKIP_UNBOUND_HEALTHCHECK" ]]; then + if ! grep -q ${option} mailcow.conf; then + echo "Adding new option \"${option}\" to mailcow.conf" + echo '# Skip Unbound (DNS Resolver) Healthchecks (NOT Recommended!) - y/n' >> mailcow.conf + echo 'SKIP_UNBOUND_HEALTHCHECK=n' >> mailcow.conf + fi elif ! grep -q ${option} mailcow.conf; then echo "Adding new option \"${option}\" to mailcow.conf" echo "${option}=n" >> mailcow.conf From 53be119e39b0db25c45bb0f058f5259e6b9d1347 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Mon, 22 Jan 2024 10:22:24 +0100 Subject: [PATCH 6/6] compose: bump unbound version --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 4f5a4d31..4e742056 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,7 @@ version: '2.1' services: unbound-mailcow: - image: mailcow/unbound:1.19.1 + image: mailcow/unbound:1.20 environment: - TZ=${TZ} - SKIP_UNBOUND_HEALTHCHECK=${SKIP_UNBOUND_HEALTHCHECK:-n}