diff --git a/rootfs/etc/services.d/supervisor/run b/rootfs/etc/services.d/supervisor/run index 4450c0086..ddb3e92da 100644 --- a/rootfs/etc/services.d/supervisor/run +++ b/rootfs/etc/services.d/supervisor/run @@ -2,4 +2,6 @@ # ============================================================================== # Start Service service # ============================================================================== +export LD_PRELOAD="/usr/local/lib/libjemalloc.so.2" + exec python3 -m supervisor \ No newline at end of file diff --git a/supervisor/const.py b/supervisor/const.py index 353dc1179..da5dac980 100644 --- a/supervisor/const.py +++ b/supervisor/const.py @@ -34,7 +34,6 @@ DOCKER_NETWORK = "hassio" DOCKER_NETWORK_MASK = ip_network("172.30.32.0/23") DOCKER_NETWORK_RANGE = ip_network("172.30.33.0/24") -DNS_SERVERS = ["dns://1.1.1.1", "dns://9.9.9.9"] DNS_SUFFIX = "local.hass.io" LABEL_VERSION = "io.hass.version" diff --git a/supervisor/data/coredns.tmpl b/supervisor/data/coredns.tmpl index 7ab08f4aa..50b6dc540 100644 --- a/supervisor/data/coredns.tmpl +++ b/supervisor/data/coredns.tmpl @@ -1,15 +1,31 @@ .:53 { log errors + loop hosts /config/hosts { fallthrough } template ANY AAAA local.hass.io hassio { rcode NOERROR } - forward . $servers { + forward . {{ locals | join(" ") }} dns://127.0.0.1:5353 { except local.hass.io policy sequential + health_check 5s + } + fallback REFUSED . dns://127.0.0.1:5353 + fallback SERVFAIL . dns://127.0.0.1:5353 + fallback NXDOMAIN . dns://127.0.0.1:5353 + cache 10 +} + +.:5353 { + log + errors + forward . tls://1.1.1.1 tls://1.0.0.1 { + tls_servername cloudflare-dns.com + except local.hass.io health_check 10s } + cache 30 } diff --git a/supervisor/dns.py b/supervisor/dns.py index 306daacc6..d985041fa 100644 --- a/supervisor/dns.py +++ b/supervisor/dns.py 
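Review bot: `export LD_PRELOAD="/usr/local/lib/libjemalloc.so.2"` in the `run` script applies to every process the supervisor later spawns, not only to `python3`, and nothing checks that the library exists in the image. If the file is missing, the dynamic loader normally just warns and the service runs on the default allocator, which is easy to overlook. A guard such as `[ -f /usr/local/lib/libjemalloc.so.2 ] && export LD_PRELOAD="/usr/local/lib/libjemalloc.so.2"`, with a comment saying that child processes inherit the preload, would make both behaviours explicit. Because the preloaded object is mapped into each of those processes, the file should be root-owned and not writable at runtime.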
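Review bot: The `fallback NXDOMAIN . dns://127.0.0.1:5353` line in `coredns.tmpl` re-asks Cloudflare for every name the configured or local resolver answered as non-existent, so a local filtering or split-horizon resolver is overridden and those names are sent to a third party. I would keep the fallback for `REFUSED` and `SERVFAIL` only and drop the NXDOMAIN line. Separately, the new `.:5353` block listens on all addresses although it is only referenced as `dns://127.0.0.1:5353`; adding `bind 127.0.0.1` inside that block would keep it internal. The same block enables `log`, which records every fallback query; `errors` alone may be enough.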
@@ -4,13 +4,13 @@ from contextlib import suppress from ipaddress import IPv4Address import logging from pathlib import Path -from string import Template from typing import Awaitable, List, Optional import attr +import jinja2 import voluptuous as vol -from .const import ATTR_SERVERS, ATTR_VERSION, DNS_SERVERS, DNS_SUFFIX, FILE_HASSIO_DNS +from .const import ATTR_SERVERS, ATTR_VERSION, DNS_SUFFIX, FILE_HASSIO_DNS from .coresys import CoreSys, CoreSysAttributes from .docker.dns import DockerDNS from .docker.stats import DockerStats @@ -42,6 +42,7 @@ class CoreDNS(JsonConfig, CoreSysAttributes): self.coresys: CoreSys = coresys self.instance: DockerDNS = DockerDNS(coresys) self.forwarder: DNSForward = DNSForward() + self.coredns_template: Optional[jinja2.Template] = None self._hosts: List[HostEntry] = [] @@ -116,6 +117,12 @@ class CoreDNS(JsonConfig, CoreSysAttributes): # Start DNS forwarder self.sys_create_task(self.forwarder.start(self.sys_docker.network.dns)) + # Initialize CoreDNS Template + try: + self.coredns_template = jinja2.Template(COREDNS_TMPL.read_text()) + except OSError as err: + _LOGGER.error("Can't read coredns.tmpl: %s", err) + # Run CoreDNS with suppress(CoreDNSError): if await self.instance.is_running(): 
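Review bot: When reading `coredns.tmpl` fails in the hunk at -116,6, the error is only logged and `self.coredns_template` stays `None`, so the later `self.coredns_template.render(locals=dns_servers)` (hunk at -235,7) raises `AttributeError` instead of the `CoreDNSError` the removed code raised. A template syntax error is not caught either, since only `OSError` is handled. I would use `except (OSError, jinja2.TemplateError) as err:` here and add `if self.coredns_template is None: raise CoreDNSError()` before the render call, so a missing or broken template fails the same way as before. The enclosing method starts and ends outside this hunk.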
@@ -208,24 +215,17 @@ class CoreDNS(JsonConfig, CoreSysAttributes): """Write CoreDNS config.""" dns_servers: List[str] = [] - # Load Template - try: - corefile_template: Template = Template(COREDNS_TMPL.read_text()) - except OSError as err: - _LOGGER.error("Can't read coredns template file: %s", err) - raise CoreDNSError() from None - # Prepare DNS serverlist: Prio 1 Manual, Prio 2 Local, Prio 3 Fallback local_dns: List[str] = self.sys_host.network.dns_servers or ["dns://127.0.0.11"] - servers: List[str] = self.servers + local_dns + DNS_SERVERS + servers: List[str] = self.servers + local_dns _LOGGER.debug( - "config-dns = %s, local-dns = %s , backup-dns = %s", + "config-dns = %s, local-dns = %s , backup-dns = CloudFlare DoT", self.servers, local_dns, - DNS_SERVERS, ) + # Make sure, they are valid for server in servers: try: dns_url(server) @@ -235,7 +235,7 @@ class CoreDNS(JsonConfig, CoreSysAttributes): _LOGGER.warning("Ignore invalid DNS Server: %s", server) # Generate config file - data = corefile_template.safe_substitute(servers=" ".join(dns_servers)) + data = self.coredns_template.render(locals=dns_servers) try: self.corefile.write_text(data)
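Review bot: The entries that pass `dns_url(server)` are joined with spaces and written verbatim into the `forward` line by `render(locals=dns_servers)`, so this validation loop is the only barrier between the manually configured `self.servers` and the Corefile syntax. `dns_url` is not visible here; presumably it rejects whitespace, newlines and braces, but that is worth confirming and stating next to the loop, e.g. `# dns_url() must reject whitespace and braces: values are rendered verbatim into the Corefile`. The loop body is split across this hunk and the following one.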