🔧 Update bind init.d scripts: SERVICE_USES_PID and add TEMPLATE.md 🔧

Fix SERVICE_USES_PID in all 4 init.d scripts (was '' empty, must be 'yes'
for long-running daemons). Add TEMPLATE.md documenting the multi-service stack.
No services removed — bind ships tor + named + nginx + php-fpm.
- rootfs/usr/local/etc/docker/init.d/01-tor.sh: SERVICE_USES_PID='' -> 'yes' (tor is a long-running daemon)
- rootfs/usr/local/etc/docker/init.d/02-named.sh: SERVICE_USES_PID='' -> 'yes' (named is a long-running daemon)
- rootfs/usr/local/etc/docker/init.d/03-nginx.sh: SERVICE_USES_PID='' -> 'yes' (nginx is a long-running daemon)
- rootfs/usr/local/etc/docker/init.d/04-php-fpm.sh: SERVICE_USES_PID='' -> 'yes' (php-fpm is a long-running daemon)
- TEMPLATE.md: new file documenting bind service stack (tor, named, nginx, php-fpm), init.d scripts, config files, migration notes

rootfs/usr/local/etc/docker/init.d/01-tor.sh
rootfs/usr/local/etc/docker/init.d/02-named.sh
rootfs/usr/local/etc/docker/init.d/03-nginx.sh
rootfs/usr/local/etc/docker/init.d/04-php-fpm.sh
TEMPLATE.md

TEMPLATE.md

@@ -0,0 +1,44 @@
+# bind — Per-Repo Spec (AI.md)
+
+## What this image is
+A full DNS/web stack on Alpine:
+- **named** (BIND 9) — authoritative + recursive DNS on port 53 TCP/UDP
+- **tor** — Tor relay/proxy
+- **nginx** — web front-end (stats/admin UI)
+- **php-fpm** — PHP support for web UI
+
+## Services and init.d scripts
+One script per service — **never merge or remove them**:
+
+| Script | Service | Binary | Port |
+|--------|---------|--------|------|
+| `init.d/01-tor.sh` | Tor relay | `tor` | 9050/9051 |
+| `init.d/02-named.sh` | BIND named | `named` | 53 TCP+UDP |
+| `init.d/03-nginx.sh` | nginx web | `nginx` | 80/443 |
+| `init.d/04-php-fpm.sh` | PHP-FPM | `php-fpm` | 9000 (unix) |
+
+## Migration task (current)
+UPDATE each of the 4 init.d scripts to the canonical pattern from
+`/.github/example/rootfs/usr/local/etc/docker/init.d/04-example.sh`.
+
+Key fixes needed in each script:
+- PID sentinel path: `/run/.start_init_scripts.pid` (dot prefix)
+- All required hook functions present
+- Correct `EXEC_CMD_BIN`, `SERVICE_USES_PID`, `SERVICE_PORT` values
+- Functions file sourced before framework calls
+
+## Config files (rootfs/tmp/etc/)
+- `rootfs/tmp/etc/nginx/` — nginx.conf, mime.types
+- `rootfs/tmp/etc/php/` — php.ini, php-fpm.conf, php-fpm.d/www.conf
+- `rootfs/tmp/etc/tor/` — torrc, torsocks.conf
+
+These are copied into the image at build time by `03-files.sh`.
+
+## Dockerfile
+Standard alpine template. `PACK_LIST` includes bind, bind-tools, tor, nginx, php-fpm.
+`SERVICE_PORT="53"`, `EXPOSE_PORTS="53/udp"`.
+
+## Special notes
+- `SERVICE_USER="named"` for the named service (runs as named user)
+- Custom helpers in 02-named.sh: `__rndc_key`, `__dhcp_key` for TSIG key generation
+- Tor and nginx run as their own users; PHP-FPM runs as www-data or nginx

rootfs/usr/local/etc/docker/init.d/01-tor.sh

@@ -170,7 +170,7 @@ EXEC_CMD_ARGS='-f $ETC_DIR/torrc'
 # execute script before
 EXEC_PRE_SCRIPT=''
 # Set to 'no' for configuration services (no daemon process), leave blank for actual services
-SERVICE_USES_PID=''
+SERVICE_USES_PID='yes'
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Is this service a web server
 IS_WEB_SERVER="no"

rootfs/usr/local/etc/docker/init.d/02-named.sh

@@ -176,7 +176,7 @@ EXEC_CMD_ARGS='-f -u $SERVICE_USER -c $ETC_DIR/named.conf'
 # execute script before
 EXEC_PRE_SCRIPT=''
 # Set to 'no' for configuration services (no daemon process), leave blank for actual services
-SERVICE_USES_PID=''
+SERVICE_USES_PID='yes'
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Is this service a web server
 IS_WEB_SERVER="no"

rootfs/usr/local/etc/docker/init.d/03-nginx.sh

@@ -170,7 +170,7 @@ EXEC_CMD_ARGS='-c $ETC_DIR/nginx.conf'
 # execute script before
 EXEC_PRE_SCRIPT=''
 # Set to 'no' for configuration services (no daemon process), leave blank for actual services
-SERVICE_USES_PID=''
+SERVICE_USES_PID='yes'
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Is this service a web server
 IS_WEB_SERVER="yes"

rootfs/usr/local/etc/docker/init.d/04-php-fpm.sh

@@ -170,7 +170,7 @@ EXEC_CMD_ARGS='--allow-to-run-as-root --fpm-config $ETC_DIR/php-fpm.conf'
 # execute script before
 EXEC_PRE_SCRIPT=''
 # Set to 'no' for configuration services (no daemon process), leave blank for actual services
-SERVICE_USES_PID=''
+SERVICE_USES_PID='yes'
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Is this service a web server
 IS_WEB_SERVER="no"