Unbound DNS script

[fog]

It is possible to ad or modify unbound dns host overrides periodically by a crontab script?

I have to call 'ipsec leases' which get:
no files found matching '/usr/local/etc/strongswan.opnsense.d/*.conf'
Leases in pool '172.16.0.0/16', usage: 2/65534, 2 online
       172.16.0.1   online   'gateway2'
       172.16.0.2   online   'gateway1'

Now I have to add or modify host overrides:
gateway2 example.com A 172.16.0.1
gateway1 example.com A 172.16.0.2

There doesn't seem to be a solution to add a static mapping https://forum.opnsense.org/index.php?topic=24667.0

[fog]

As described in https://docs.opnsense.org/manual/unbound.html#advanced-configurations
I created "/usr/local/etc/unbound.opnsense.d/ipsec.conf" with
local-data: "gateway1.example.com A 172.16.0.1"
local-data: "gateway1.example.com A 172.16.0.2"

and restarted unbound:
configctl unbound restart

I have to make a cron job to check changes to "ipsec leases" and then update ipsec.conf and restart unbound.

[fog]

my script  /root/ipsecdns.sh:

Code: [Select]

#!/bin/sh
#set -x

ipsecconf=/usr/local/etc/unbound.opnsense.d/ipsec.conf
tmpipsecconf=/tmp/ipsec.conf
rm -f $tmpipsecconf

#split at space
set -f; IFS=' '

ipsec leases | grep " 172.16" |sed "s/'//g" | while read line
do
 set -- $line
 ip=$1; name=$3
 echo "local-data: \"${name}.ipsec.example.com A ${ip}\"" >>${tmpipsecconf}
done
set +f; unset IFS

cat ${tmpipsecconf}
if cmp -s "$ipsecconf" "$tmpipsecconf"; then
    printf 'The file "%s" is the same as "%s"\n' "$ipsecconf" "$tmpipsecconf"
else
    printf 'The file "%s" is different from "%s"\n' "$ipsecconf" "$tmpipsecconf"
    mv -f $tmpipsecconf $ipsecconf
    configctl unbound restart
fi

add /usr/local/opnsense/service/conf/actions.d/actions_ipsecdns.conf

Code: [Select]

[reload]
command:/root/ipsecdns.sh > /root/ipsecdns_out.txt 2>&1
parameter:
type:script
message:mobile IPSEC DNS update

restart configd

Code: [Select]

service configd restart
And add cron job on the gui: System>Settings>Cron