🗃️ Removed the .claude/settings.local.json 🗃️

CLAUDE.md .claude/settings.local.json Dockerfile .env.scripts PLAN.md README.md rootfs/root/docker/setup/02-packages.sh rootfs/root/docker/setup/05-custom.sh rootfs/root/docker/setup/07-cleanup.sh rootfs/tmp/etc/bind/named.conf rootfs/usr/local/bin/entrypoint.sh
2026-06-24 02:01:03 -04:00 · 2026-05-12 20:05:33 -04:00
parent 4334b6c93b
commit 2401603bec
11 changed files with 594 additions and 75 deletions
@@ -31,14 +31,9 @@ exitCode=0

 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Main script
-# wipe package-installed configs so the rootfs ones in /tmp/etc/* are
-# the only files that end up under /etc/<service>/ after 03-files.sh runs.
-rm -Rf /etc/tor/*
-rm -Rf /etc/nginx/*
-rm -Rf /etc/php*/*
-rm -Rf /etc/bind.* /etc/named.*
+# wipe package-installed bind defaults so the rootfs ones in /tmp/etc/bind/
+# are the only files that end up under /etc/bind/ after 03-files.sh runs.
 rm -Rf "/etc/bind"/* "/var/bind"/*
-rm -Rf "/etc/named"/* "/var/named"/*
 mkdir -p "/etc/bind/keys" "/var/bind/zones" "/var/bind/primary" "/var/bind/secondary" "/var/bind/stats" "/var/bind/dynamic"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Set the exit code
@@ -31,6 +31,19 @@ exitCode=0

 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Main script
+# wipe-and-replace per template §4: ensure /etc/bind contains ONLY our
+# optimized config. 02-packages.sh + 03-files.sh already do this; the
+# block below makes the intent explicit and survives reorderings.
+if [ -d "/tmp/etc/bind" ]; then
+  rm -Rf "/etc/bind"/*
+  cp -Rf "/tmp/etc/bind/." "/etc/bind/"
+fi
+# Runtime dirs that named needs to exist on first boot (the init.d
+# script will recreate these too, but pre-creating avoids a chown -R
+# failure on a missing dir during __run_pre_execute_checks).
+mkdir -p /run/bind /data/logs/bind /var/bind/primary /var/bind/secondary \
+         /var/bind/stats /var/bind/dynamic /var/bind/zones
+chown -Rf named:named /etc/bind /var/bind 2>/dev/null || true

 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Set the exit code
@@ -33,7 +33,7 @@ exitCode=0
 # Predefined actions
 if [ -d "/tmp" ]; then rm -Rf "/tmp"/*; fi
 if [ -d "$HOME/.cache" ]; then rm -Rf "$HOME/.cache"; fi
-if [ -d "/var/bind" ]; then rm -Rf "/var/bind"/*; fi
+# DO NOT wipe /var/bind here - it holds root.cache which named needs at boot.
 if [ -d "/var/named" ]; then rm -Rf "/var/named"/*; fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Main script
@@ -60,7 +60,6 @@ options {
  allow-query-cache { any; };
  auth-nxdomain no;
  dnssec-validation auto;
-  validate-except { "onion"; "exit"; };
  forwarders { 1.1.1.1; 8.8.8.8; 4.4.4.4; };
 };
 #####################################################################
@@ -103,19 +102,6 @@ zone "." {
 };
 #  ********** end root info **********
 #####################################################################
-#  ********** begin tor forwarding     **********
-zone "exit" {
-    type forward;
-    forward only;
-    forwarders { 127.0.0.1 port 9053; };
-};
-zone "onion" {
-    type forward;
-    forward only;
-    forwarders { 127.0.0.1 port 9053; };
-};
-#  ********** end tor forwarding       **********
-#####################################################################
 #  ********** begin imports **********
 include "REPLACE_ETC_DIR/zones.conf";
 #  ********** end imports info         **********
@@ -451,12 +451,12 @@ if [ -f "$ENTRYPOINT_PID_FILE" ]; then
    # PID file exists but process is dead - this is a restart
    START_SERVICES="yes"
    # Clean any stale PID files on restart
-    rm -f /run/.start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
+    rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
  fi
 else
  START_SERVICES=yes
  # Clean any stale PID files on first run
-  rm -f /run/.start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
+  rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 [ "$ENTRYPOINT_MESSAGE" = "yes" ] && __printf_space "40" "The containers ip address is:" "$CONTAINER_IP4_ADDRESS"