Support svr host (#1863)

* Revert "Revert "Support svr host (#1853)" (#1860)" This reverts commit de23c02c7c. * Fix Apparmor * Update apparmor.txt
2025-12-17 05:04:21 +01:00 · 2021-02-16 14:18:28 +01:00
parent de23c02c7c
commit a1911ba819
12 changed files with 139 additions and 68 deletions
--- a/dnsmasq/CHANGELOG.md
+++ b/dnsmasq/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog

+## 1.4
+
+- Adds support for srv-host records
+
 ## 1.3

 - Rewrites add-on onto Bashio
--- a/dnsmasq/DOCS.md
+++ b/dnsmasq/DOCS.md
@@ -32,6 +32,12 @@ forwards:
 hosts:
  - host: home.mydomain.io
    ip: 192.168.1.10
+services:
+  - srv: _ldap._tcp.pdc._msdcs.mydomain.io
+    host: dc.mydomain.io
+    port: 389
+    priority: 0
+    weight: 100
 ```

 ### Option: `defaults` (required)
@@ -76,6 +82,30 @@ The hostname or domainname to resolve locally.

 The IP address Dnsmasq should respond with in its DNS answer.

+### Option: `services` (optional)
+
+This option allows you to provide srv-host records.
+
+#### Option: `services.srv`
+
+The service to resolve.
+
+#### Option: `services.host`
+
+The host that contain the service.
+
+#### Option: `services.port`
+
+The port number for the service.
+
+#### Option: `services.priority`
+
+The priority for the service.
+
+#### Option: `services.weight`
+
+The weight for the service.
+
 ## Support

 Got questions?
--- a/dnsmasq/Dockerfile
+++ b/dnsmasq/Dockerfile
@@ -8,7 +8,5 @@ ENV LANG C.UTF-8
 RUN apk add --no-cache dnsmasq

 # Copy data
-COPY data/run.sh /
-COPY data/dnsmasq.conf /etc/
+COPY rootfs /

-CMD [ "/run.sh" ]
--- a/dnsmasq/apparmor.txt
+++ b/dnsmasq/apparmor.txt
@@ -2,29 +2,38 @@

 profile dnsmasq flags=(attach_disconnected,mediate_deleted) {
  #include <abstractions/base>
-  #include <abstractions/nameservice>

-  capability net_bind_service,
-  capability setgid,
-  capability setuid,
-  capability dac_override,
-  network inet raw,
-  network inet6 raw,
+  # S6-Overlay & Bashio
+  /bin/** ix,
+  /usr/bin/** ix,
+  /usr/lib/bashio/** ix,
+  /etc/s6/** ix,
+  /run/s6/** ix,
+  /etc/services.d/** rwix,
+  /etc/cont-init.d/** rwix,
+  /etc/cont-finish.d/** rwix

-  /bin/busybox ix,
-  /bin/bash ix,
-  /usr/bin/jq ix,
-  /usr/sbin/dnsmasq ix,
+  # Data access
+  /data/** rw,

-  /etc/dnsmasq.conf rw,
-  /{,var/}run/*dnsmasq*.pid w,
-  /{,var/}run/dnsmasq/ r,
-  /{,var/}run/dnsmasq/* rw,
+  # Execution program
+  /usr/sbin/dnsmasq cx,

-  /usr/lib/bashio/bashio ix,
-  /dev/tty rw,
-  /tmp/* rw,
+  profile /usr/sbin/dnsmasq flags=(attach_disconnected,mediate_deleted) {
+    #include <abstractions/base>
+    #include <abstractions/nameservice>

-  /run.sh rix,
-  /data/** r,
+    capability net_bind_service,
+    capability setgid,
+    capability setuid,
+    capability dac_override,
+    network inet raw,
+    network inet6 raw,
+
+    /etc/dnsmasq.conf rw,
+    /run/*dnsmasq*.pid w,
+    /run/dnsmasq/ r,
+    /run/dnsmasq/* rw,
+    /tmp/* rw,
+  }
 }
--- a/dnsmasq/build.json
+++ b/dnsmasq/build.json
@@ -1,9 +1,9 @@
 {
  "build_from": {
-    "aarch64": "homeassistant/aarch64-base:3.10",
-    "amd64": "homeassistant/amd64-base:3.10",
-    "armhf": "homeassistant/armhf-base:3.10",
-    "armv7": "homeassistant/armv7-base:3.10",
-    "i386": "homeassistant/i386-base:3.10"
+    "aarch64": "homeassistant/aarch64-base:3.13",
+    "amd64": "homeassistant/amd64-base:3.13",
+    "armhf": "homeassistant/armhf-base:3.13",
+    "armv7": "homeassistant/armv7-base:3.13",
+    "i386": "homeassistant/i386-base:3.13"
  }
 }
--- a/dnsmasq/config.json
+++ b/dnsmasq/config.json
@@ -1,12 +1,13 @@
 {
  "name": "Dnsmasq",
-  "version": "1.3",
+  "version": "1.4",
  "slug": "dnsmasq",
  "description": "A simple DNS server",
  "url": "https://github.com/home-assistant/hassio-addons/tree/master/dnsmasq",
  "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"],
  "advanced": true,
  "startup": "system",
+  "init": false,
  "ports": {
    "53/tcp": 53,
    "53/udp": 53
@@ -14,7 +15,8 @@
  "options": {
    "defaults": ["8.8.8.8", "8.8.4.4"],
    "forwards": [],
-    "hosts": []
+    "hosts": [],
+    "services": []
  },
  "schema": {
    "defaults": ["str"],
@@ -29,6 +31,15 @@
        "host": "str",
        "ip": "str"
      }
+    ],
+    "services": [
+      {
+        "srv": "str",
+        "host": "str",
+        "port": "str",
+        "priority": "int",
+        "weight": "int"
+      }
    ]
  },
  "image": "homeassistant/{arch}-addon-dnsmasq"
--- a/dnsmasq/data/dnsmasq.conf
+++ b/dnsmasq/data/dnsmasq.conf
@@ -1,7 +0,0 @@
-no-resolv
-no-hosts
-keep-in-foreground
-log-queries
-log-facility=-
-no-poll
-user=root
--- a/dnsmasq/data/run.sh
+++ b/dnsmasq/data/run.sh
@@ -1,31 +0,0 @@
-#!/usr/bin/env bashio
-set -e
-
-CONFIG="/etc/dnsmasq.conf"
-
-bashio::log.info "Configuring dnsmasq..."
-
-# Add default forward servers
-for server in $(bashio::config 'defaults'); do
-    echo "server=${server}" >> "${CONFIG}"
-done
-
-# Create domain forwards
-for forward in $(bashio::config 'forwards|keys'); do
-    DOMAIN=$(bashio::config "forwards[${forward}].domain")
-    SERVER=$(bashio::config "forwards[${forward}].server")
-
-    echo "server=/${DOMAIN}/${SERVER}" >> "${CONFIG}"
-done
-
-# Create static hosts
-for host in $(bashio::config 'hosts|keys'); do
-    HOST=$(bashio::config "hosts[${host}].host")
-    IP=$(bashio::config "hosts[${host}].ip")
-
-    echo "address=/${HOST}/${IP}" >> "${CONFIG}"
-done
-
-# Run dnsmasq
-bashio::log.info "Starting dnsmasq..."
-exec dnsmasq -C "${CONFIG}" -z < /dev/null
--- a/dnsmasq/rootfs/etc/cont-init.d/config.sh
+++ b/dnsmasq/rootfs/etc/cont-init.d/config.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# DNSMASQ config
+# ==============================================================================
+
+CONFIG="/etc/dnsmasq.conf"
+bashio::log.info "Configuring dnsmasq..."
+tempio \
+    -conf /data/options.json \
+    -template /usr/share/tempio/dnsmasq.config \
+    -out "${CONFIG}"
+
--- a/dnsmasq/rootfs/etc/services.d/dnsmasq/finish
+++ b/dnsmasq/rootfs/etc/services.d/dnsmasq/finish
@@ -0,0 +1,8 @@
+#!/usr/bin/execlineb -S0
+# ==============================================================================
+# Take down the S6 supervision tree when dnsmasq fails
+# ==============================================================================
+if { s6-test ${1} -ne 0 }
+if { s6-test ${1} -ne 256 }
+
+s6-svscanctl -t /var/run/s6/services
--- a/dnsmasq/rootfs/etc/services.d/dnsmasq/run
+++ b/dnsmasq/rootfs/etc/services.d/dnsmasq/run
@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv bashio
+CONFIG="/etc/dnsmasq.conf"
+
+# Run dnsmasq
+bashio::log.info "Starting dnsmasq..."
+exec dnsmasq -C "${CONFIG}" -z < /dev/null
+
--- a/dnsmasq/rootfs/usr/share/tempio/dnsmasq.config
+++ b/dnsmasq/rootfs/usr/share/tempio/dnsmasq.config
@@ -0,0 +1,30 @@
+# Automatically generated do not edit
+
+no-resolv
+no-hosts
+keep-in-foreground
+log-queries
+log-facility=-
+no-poll
+user=root
+
+# Default forward servers
+{{ range .defaults }}
+server={{ . }}
+{{ end }}
+
+# Domain forwards
+{{ range .forwards }}
+server=/{{ .domain }}/{{ .server }}
+{{ end }}
+
+# Static hosts
+{{ range .hosts }}
+address=/{{ .host }}/{{ .ip }}
+{{ end }}
+
+# Static srv-hosts
+{{ range .services }}
+srv-host={{ .srv }},{{ .host }},{{ .port }},{{ .priority }},{{ .weight }}
+{{ end }}
+