#!/sbin/openrc-run

: ${command_user:="kresd:kresd"}
: ${cfgfile:=${config:-"/etc/knot-resolver/kresd.conf"}}
: ${cachedir:="/var/cache/knot-resolver"}
: ${output_logger="logger -t kresd -p daemon.info >/dev/null 2>&1"}
: ${error_logger="logger -t kresd -p daemon.err >/dev/null 2>&1"}
: ${wait:=100}

command="/usr/sbin/kresd"
command_args="--noninteractive --config=$cfgfile $cachedir"
command_background="yes"

pidfile="/run/$RC_SVCNAME.pid"
directory="$cachedir"
start_stop_daemon_args="--wait $wait"
# The leading space is to avoid fallback to $start_stop_daemon_args when this
# is empty (supervise-daemon doesn't support --wait).
supervise_daemon_args=" $supervise_daemon_args"

required_files="$cfgfile"

# cap_net_bind_service - required to bind to well-known ports
# cap_setpcap - when available, resd drops any extra privileges after the
#   daemon successfully start
# (This is supported since OpenRC 0.45)
capabilities="^cap_net_bind_service,^cap_setpcap"

depend() {
	need net
	before kres-cache-gc
	provide dns
}

start_pre() {
	[ "$output_log" ] && checkpath -f -m 640 -o "$command_user" "$output_log"
	checkpath -d -m 750 -o "$command_user" "$cachedir"
}
