unbound: hello bitrot my old friend :P

* Base unbound is no longer installed.  Path is /usr/local/...
* remotecontrol.conf is not enough, need to use unbound.conf
* shuffle remote-control content into unbound.conf
* disable cache dump / load until its more clever

Case in point of how useless is it to have unused scripts hitching
along for the ride.

src/etc/inc/plugins.inc.d/unbound.inc

@@ -353,21 +353,6 @@ include: /var/unbound/domainoverrides.conf
 
 {$forward_conf}
 
-###
-# Remote Control Config
-###
-include: /var/unbound/remotecontrol.conf
-
-EOD;
-
-    copy('/usr/local/etc/inc/plugins.inc.d/unbound/root.min.hints', '/var/unbound/root.hints');
-    file_put_contents('/var/unbound/unbound.conf', $unboundconf);
-}
-
-function unbound_remote_control_setup()
-{
-    if (!file_exists('/var/unbound/remotecontrol.conf') || !file_exists('/var/unbound/unbound_control.key')) {
-        $remotcfg = <<<EOF
 remote-control:
     control-enable: yes
     control-interface: 127.0.0.1
@@ -377,15 +362,10 @@ remote-control:
     control-key-file: /var/unbound/unbound_control.key
     control-cert-file: /var/unbound/unbound_control.pem
 
-EOF;
+EOD;
 
-        file_put_contents('/var/unbound/remotecontrol.conf', $remotcfg);
-
-        mwexecf(
-            'chroot -u unbound -g unbound / %s -d %s',
-            array('/usr/local/sbin/unbound-control-setup', '/var/unbound')
-        );
-    }
+    copy('/usr/local/etc/inc/plugins.inc.d/unbound/root.min.hints', '/var/unbound/root.hints');
+    file_put_contents('/var/unbound/unbound.conf', $unboundconf);
 }
 
 function unbound_interface($interface)
@@ -429,12 +409,12 @@ function unbound_configure_do($verbose = false, $interface = '')
         return;
     }
 
-    configd_run('unbound cache dump');
+    //configd_run('unbound cache dump');
 
     killbypid('/var/run/unbound_dhcpd.pid', 'TERM', true);
     killbypid('/var/run/unbound.pid', 'TERM', true);
 
-    if (!isset($config['unbound']['enable'])) {
+    if (!unbound_enabled()) {
         return;
     }
 
@@ -449,7 +429,13 @@ function unbound_configure_do($verbose = false, $interface = '')
         true
     );
 
-    unbound_remote_control_setup();
+    if (!file_exists('/var/unbound/unbound_control.key')) {
+        mwexecf(
+            'chroot -u unbound -g unbound / %s -d %s',
+            array('/usr/local/sbin/unbound-control-setup', '/var/unbound')
+        );
+    }
+
     unbound_generate_config();
 
     $domain = $config['system']['domain'];
@@ -462,7 +448,7 @@ function unbound_configure_do($verbose = false, $interface = '')
     }
     mwexecf('/usr/local/sbin/unbound -c %s', '/var/unbound/unbound.conf');
 
-    configd_run('unbound cache load');
+    //configd_run('unbound cache load');
 
     if ($verbose) {
         echo "done.\n";
@@ -749,9 +735,7 @@ function unbound_acls_config()
 
 function unbound_hosts_generate()
 {
-    global $config;
-
-    if (!isset($config['unbound']['enable'])) {
+    if (!unbound_enabled()) {
         return;
     }
 

src/opnsense/scripts/unbound/cache.sh

@@ -27,12 +27,12 @@
 
 set -e
 
-UNBOUNDCTL="/usr/sbin/unbound-control -c /var/unbound/remotecontrol.conf"
+UNBOUNDCTL="/usr/local/sbin/unbound-control -c /var/unbound/unbound.conf"
 CACHE="/var/unbound/cache.dump"
 COMMAND=${1}
 
 if [ "${COMMAND}" = "dump" ]; then
-	${UNBOUNDCTL} dump_cache > ${CACHE}
+	${UNBOUNDCTL} dump_cache > ${CACHE}
 elif [ "${COMMAND}" = "load" -a -f "${CACHE}" ]; then
 	cat ${CACHE} | ${UNBOUNDCTL} load_cache
 elif [ "${COMMAND}" = "flush" ]; then

src/opnsense/scripts/unbound/wrapper.py

@@ -36,7 +36,7 @@ import json
 
 def unbound_control_reader(action):
     with tempfile.NamedTemporaryFile() as output_stream:
-        subprocess.call(['/usr/sbin/unbound-control', '-c',   '/var/unbound/remotecontrol.conf', action],
+        subprocess.call(['/usr/local/sbin/unbound-control', '-c', '/var/unbound/unbound.conf', action],
                         stdout=output_stream, stderr=open(os.devnull, 'wb'))
         output_stream.seek(0)
         for line in output_stream: