From f80e1830a078fc357cb53e42a95de01f0eb70fc3 Mon Sep 17 00:00:00 2001 From: AA Date: Sun, 5 Feb 2023 23:22:42 -0500 Subject: [PATCH] Update README.md --- README.md | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index d673dfd..07edbcd 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ #### Specs: > |Unbound |OS |HW | > |:-------|:----------------------------|:-----------------------| -> |`1.17.0`|`raspios-bullseye-arm64-lite`|`Raspberry Pi 4 Model B`| +> |`1.17.1`|`raspios-bullseye-arm64-lite`|`Raspberry Pi 4 Model B`| # ### Steps @@ -35,11 +35,11 @@ #### ❯ Redis   đŸ”¸ Install ➜ Config * **Install:** - There are 2 options **either** install redis (6.0.16) from RaspiOS bullseye **or** install redis (7.0.5) from RaspiOS bullseye backports. + There are 2 options **either** install redis (6.0.16) from RaspiOS bullseye **or** install redis (7.0.*) from RaspiOS bullseye backports. * Install redis **(6.0.16)** from raspios bullseye: > `sudo apt install redis-server` - * Install redis **(7.0.5)** from raspios bullseye backports: + * Install redis **(7.0.*)** from raspios bullseye backports: > Enable backports. Edit sources list: > `sudo nano /etc/apt/sources.list` > Add backports source at the end: @@ -49,9 +49,9 @@ > `sudo apt install redis-server/bullseye-backports` * **Config:** - An optimized `redis.conf` for unbound is available in the release under `config` dir. Default _redis.conf_ from redis **7.0.5** is used as base config for the provided config. Some of the options may not be available or may be different if you are on an earlier version of redis. You can use _redis.conf_ **either** from the release **or** your preferred one. + An optimized `redis.conf` for unbound is available in the release under `config` dir. Default _redis.conf_ from redis **7.0.*** is used as base config for the provided config. Some of the options may not be available or may be different if you are on an earlier version of redis. You can use _redis.conf_ **either** from the release **or** your preferred one. - If you installed redis **7.0.5** and going to use the provided _redis.conf_, below steps can be helpful: + If you installed redis **7.0.*** and going to use the provided _redis.conf_, below steps can be helpful: > Edit redis config: > `sudo nano /etc/redis/redis.conf` > Delete everything in default redis config: @@ -62,7 +62,7 @@ > Provided `redis.conf` is tweaked after some thorough testing in small network. Like 8mb maxmeory has pretty optimal performance with enough cache and evict least recently used keys. Similarly sanpshotting is used to save keys to database, current option will save after 2hrs if atleast 100 new keys were added or after 12hrs if atleast 1 new key is added. Reboot will save database as long as snapshotting is enabled. Feel free to change them as preferred. * **Startup Warning:** - If you installed redis **7.0.5** from `backports`. Modify services to fix journal `⚠ī¸` warning on redis startup. + For redis **7.0.*** from `backports`. Modify services to fix journal `⚠ī¸` warning on redis startup. > Edit: `sudo nano /usr/lib/systemd/system/redis-server.service` > Edit: `sudo nano /usr/lib/systemd/system/redis-server@.service` > Remove/Comment lines starting with `NoExecPaths` and `ExecPaths` from both above services @@ -75,15 +75,15 @@ #### ❯ Unbound   đŸ”¸ Packages ➜ Extract ➜ CFLAGS ➜ Configure ➜ Compile ➜ Install * **Packages:** - Install packages required for compiling unbound. Assuming gcc is already installed, below command will install 11 packages. Your environment may require additional packages. Check compilation error to find missing package (if any): + Install packages required for compiling unbound. Assuming gcc is already installed, below command will install 12 packages. Your environment may require additional packages. Check compilation error to find missing package (if any): > ``` - > sudo apt install bison flex libevent-dev libexpat1-dev libhiredis-dev libnghttp2-dev libprotobuf-c-dev protobuf-c-compiler python3-dev swig libssl-dev + > sudo apt install bison flex libevent-dev libexpat1-dev libhiredis-dev libnghttp2-dev libprotobuf-c-dev libssl-dev libsystemd-dev protobuf-c-compiler python3-dev swig > ``` * **Extract:** - Download and extract unbound. + [Download](https://github.com/NLnetLabs/unbound/archive/refs/tags/release-1.17.1.tar.gz) and extract unbound. > Extract: - > `tar -xvzf unbound-release-1.17.0.tar.gz` + > `tar -xvzf unbound-release-1.17.1.tar.gz` * **CFLAGS:** Remove debugging information, otherwise unbound binary size will be much larger. @@ -91,10 +91,10 @@ > `export CFLAGS="-O2"` > `ℹī¸` **Note:** - > Unbound `1.17.0` binary size comparison: - > ![bookworm](https://user-images.githubusercontent.com/11185794/207215543-bf41ded3-0a9f-44e1-9f90-eb68600a8441.png)  âžŸ _Debian Bookworm Prebuilt_ `Without Cachdb Module` - > ![debug-off](https://user-images.githubusercontent.com/11185794/207215583-244aa012-8f24-4848-a39d-8803ec771e0f.png)  âžŸ _Compiled Without Debug Info_ `With Cachdb Module` - > ![debug-on](https://user-images.githubusercontent.com/11185794/207215554-6cc8d9be-4f07-47bc-ab0c-d7359ff68ee7.png)  âžŸ _Compiled With Debug Info_ `With Cachdb Module` + > Unbound `1.17.1` binary size comparison: + > ![bookworm](https://user-images.githubusercontent.com/11185794/216804507-b019a32f-c0bc-44be-a6f6-23de274c0493.png)  âžŸ _Debian Bookworm Prebuilt_ `Without Cachdb Module` + > ![debug-off](https://user-images.githubusercontent.com/11185794/216804539-a5ebcc20-27d0-4d6f-bf1e-b55c7d064fd0.png)  âžŸ _Compiled Without Debug Info_ `With Cachdb Module` + > ![debug-on](https://user-images.githubusercontent.com/11185794/216804527-fa06ba09-2d51-4662-9fae-2cafa3a30721.png)  âžŸ _Compiled With Debug Info_ `With Cachdb Module` * **Configure:** Make sure you copy the full cmd and execute it inside the extracted unbound src dir. @@ -196,7 +196,7 @@ > `sudo touch /opt/unbound/blocklists/unbound.block.conf` > `ℹī¸` **Note:** - > `/opt/unbound/scripts/update-blocklists.sh` script uses StevenBlack's `unified hosts (adware + malware) + porn` as default list. It converts default list to unbound format, removes comments and sorts it. + > `/opt/unbound/scripts/update-blocklists.sh` script uses [StevenBlack's](https://github.com/StevenBlack/hosts) `unified hosts (adware + malware) + porn` as default list. It converts default list to unbound format, removes comments and sorts it. > You can add more lists to the _update-blocklists.sh_ script. With some basic expertise in sed you can aggregate multiple lists into unbound blocklist `unbound.block.conf`
@@ -299,4 +299,7 @@ After uninstall all the `Post Install` and `Timers & Services` steps can be easily reverted by running `post-remove.sh` provided in the release. > `sudo ./post-remove.sh` + +* **Update Unbound:** + Refer `UPDATE.md` for updating Unbound.