Merge pull request #127 from linuxserver/resolver

update resolver logic
2026-03-03 00:43:34 +09:00 · 2021-05-20 22:29:04 -05:00 · 2021-05-20 17:11:51 -04:00 · 2021-05-20 05:42:11 +00:00 · 2021-05-18 11:47:01 -04:00
6 changed files with 26 additions and 4 deletions
--- a/README.md
+++ b/README.md
@@ -330,6 +330,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64

 ## Versions

+* **20.05.21:** - Modify resolver.conf generation to detect and ignore ipv6.
 * **14.05.21:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, ssl.conf, proxy.conf, and the default site-conf - Rework nginx.conf to be inline with alpine upstream and relocate lines from other files. Use linuxserver.io wheel index for pip packages. Switch to using [ffdhe4096](https://ssl-config.mozilla.org/ffdhe4096.txt) for `dhparams.pem` per [RFC7919](https://datatracker.ietf.org/doc/html/rfc7919). Added `worker_processes.conf`, which sets the number of nginx workers, and `resolver.conf`, which sets the dns resolver. Both conf files are auto-generated only on first start and can be user modified later.
 * **21.04.21:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-server.conf and authelia-location.conf - Add remote name/email headers and pass http method.
 * **12.04.21:** - Add php7-gmp and php7-pecl-mailparse.
--- a/package_versions.txt
+++ b/package_versions.txt
@@ -73,7 +73,7 @@ libtls-standalone-2.9.1-r1
 libunistring-0.9.10-r0
 libuuid-2.36.1-r1
 libwebp-1.1.0-r0
-libx11-1.7.0-r0
+libx11-1.7.1-r0
 libxau-1.0.9-r0
 libxcb-1.14-r1
 libxdmcp-1.1.3-r0
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -151,6 +151,7 @@ app_setup_nginx_reverse_proxy_block: ""

 # changelog
 changelogs:
+  - { date: "20.05.21:", desc: "Modify resolver.conf generation to detect and ignore ipv6." }
  - { date: "14.05.21:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, ssl.conf, proxy.conf, and the default site-conf - Rework nginx.conf to be inline with alpine upstream and relocate lines from other files. Use linuxserver.io wheel index for pip packages. Switch to using [ffdhe4096](https://ssl-config.mozilla.org/ffdhe4096.txt) for `dhparams.pem` per [RFC7919](https://datatracker.ietf.org/doc/html/rfc7919). Added `worker_processes.conf`, which sets the number of nginx workers, and `resolver.conf`, which sets the dns resolver. Both conf files are auto-generated only on first start and can be user modified later." }
  - { date: "21.04.21:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-server.conf and authelia-location.conf - Add remote name/email headers and pass http method." }
  - { date: "12.04.21:", desc: "Add php7-gmp and php7-pecl-mailparse." }
--- a/root/defaults/default
+++ b/root/defaults/default
@@ -41,6 +41,17 @@ server {
    client_max_body_size 0;

    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable the next two lines for ldap auth
+        #auth_request /auth;
+        #error_page 401 =200 /ldaplogin;
+
+        # enable for Authelia
+        #include /config/nginx/authelia-location.conf;
+
        try_files $uri $uri/ /index.html /index.php?$args =404;
    }

@@ -151,3 +162,5 @@ server {

 # enable subdomain method reverse proxy confs
 include /config/nginx/proxy-confs/*.subdomain.conf;
+# enable proxy cache for auth
+proxy_cache_path cache/ keys_zone=auth_cache:10m;
--- a/root/defaults/proxy.conf
+++ b/root/defaults/proxy.conf
@@ -15,7 +15,6 @@ proxy_send_timeout 240;

 # Proxy Cache and Cookie Settings
 proxy_cache_bypass $cookie_session;
-proxy_cache_path cache/ keys_zone=auth_cache:10m;
 #proxy_cookie_path / "/; Secure"; # enable at your own risk, may break certain apps
 proxy_no_cache $cookie_session;

--- a/root/etc/cont-init.d/50-config
+++ b/root/etc/cont-init.d/50-config
@@ -81,9 +81,17 @@ cp /config/fail2ban/jail.local /etc/fail2ban/jail.local
 [[ ! -f /config/www/502.html ]] &&
    cp /defaults/502.html /config/www/502.html

-# Set resolver
+# Set resolver, ignore ipv6 addresses
 if ! grep -q 'resolver' /config/nginx/resolver.conf; then
-    RESOLVER=$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf)
+    RESOLVERRAW=$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf)
+    for i in ${RESOLVERRAW}; do
+        if [ $(awk -F ':' '{print NF-1}' <<< ${i}) -le 2 ]; then
+            RESOLVER="${RESOLVER} ${i}"
+        fi
+    done
+    if [ -z "${RESOLVER}" ]; then
+        RESOLVER="127.0.0.11"
+    fi
    echo "Setting resolver to ${RESOLVER}"
    echo -e "# This file is auto-generated only on first start, based on the container's /etc/resolv.conf file. Feel free to modify it as you wish.\n\nresolver ${RESOLVER} valid=30s;" > /config/nginx/resolver.conf
 fi
Author	SHA1	Message	Date
Eric Nemchik	a8f98a205f	Merge pull request #127 from linuxserver/resolver update resolver logic	2021-05-20 22:29:04 -05:00
aptalca	aa94da0665	update resolver logic	2021-05-20 17:11:51 -04:00
LinuxServer-CI	31d9e9af85	Bot Updating Package Versions	2021-05-20 05:42:11 +00:00
aptalca	012e729f49	emergency fixes to default and proxy.conf	2021-05-18 11:47:01 -04:00