OPNsense Forum

English Forums => Development and Code Review => Topic started by: hb9cwp on November 17, 2019, 09:26:27 am

Title: dns/powerdns-recursor as binary package
Post by: hb9cwp on November 17, 2019, 09:26:27 am

Dear all,

What does it take to get binary packages of the port of dns/powerdns-recursor which OPNsense has already in its ports tree [1], built and distributed to mirrors so that I can install it manually "pkg install dns/powerdns-recursor"  from within a shell?

It is perfectly fine for me to edit its configuration files from the command line, as I use very specific features, such as DNS Reverse Policy Zones (RPZ) with associated Protobuf log exports. Which also implies that these options need to be turned on at build-time of the port/package.

Thus a WebUI, and as I understand a "Plug-in" specific to OPNsense, is not necessary as long the Recursor daemon gets started (and monitored), reads its config from a suitable location (/etc), and writes its logs and temporary files where they belong.

Will the port with the options for RPZ and Protobuf support actually build in OPNsense/HardenedBSD using protoc and LibreSSL instead of OpenSSL?

Please bear with my question, but I am new to OPNsense, and my background is rather OpenBSD. Currently, I consider migrating a mildly complex pfSense setup to OPNsense. It runs on an APU4 from PC Engines at a coworking-space with about 100 simultaneous clients, a single Internet transit over 1/1 GE fiber, IPv4/IPv6 dual-stack, a couple of VLAN segments with specific firewall rules, various services such as HAproxy or validating DNS Firewall, and a Captive Portal which is mainly used during Hackathons.

Thank you,
Rolf

[1] OPNsense ports tree has already the current version 4.2.0 of powerdns-recursor.
 https://github.com/opnsense/ports/tree/master/dns/powerdns-recursor

Title: Re: dns/powerdns-recursor as binary package
Post by: mimugmail on November 17, 2019, 01:38:27 pm

At first you should open a feature request via github/tools .. :)

Title: Re: dns/powerdns-recursor as binary package
Post by: hb9cwp on November 17, 2019, 02:16:59 pm

Quote from: mimugmail on November 17, 2019, 01:38:27 pm

At first you should open a feature request via github/tools .. :)

Do I interpret your hint correctly: Install a dev/build environment by following https://github.com/opnsense/tools , then build & test a suitable package myself, and finally submit a Pull Request?

Is /ports the suitable place for that PR?

Is the port of editors/nano a good example to follow which has a binary package but not plugin in OPNsense?

Thanks.

Title: Re: dns/powerdns-recursor as binary package
Post by: hb9cwp on November 17, 2019, 03:05:01 pm

@mimugmail  In the mean-time, I found examples of Feature Requests in https://github.com/opnsense/tools/issues .

So I opened https://github.com/opnsense/tools/issues/165 hoping this is what you suggested.

Title: Re: dns/powerdns-recursor as binary package
Post by: mimugmail on November 17, 2019, 03:57:18 pm

I meant the second ;) Rest is up to Franco