unbound: add local & dn42 forward-zones
This commit is contained in:
parent
beec71f387
commit
2e4d0e6fb0
|
@ -21,6 +21,9 @@ base:
|
|||
'anon1':
|
||||
- vpn.anon1
|
||||
- upstream.anon1
|
||||
'upstream*':
|
||||
# for forward-zones in unbound
|
||||
- bind.dns
|
||||
'upstream1':
|
||||
- upstream.upstream1
|
||||
'upstream2':
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
# https://dn42.net/services/dns/Configuration#forwarder-setup_unbound
|
||||
|
||||
server:
|
||||
domain-insecure: "dn42"
|
||||
domain-insecure: "20.172.in-addr.arpa"
|
||||
domain-insecure: "21.172.in-addr.arpa"
|
||||
domain-insecure: "22.172.in-addr.arpa"
|
||||
domain-insecure: "23.172.in-addr.arpa"
|
||||
domain-insecure: "d.f.ip6.arpa"
|
||||
local-zone: "20.172.in-addr.arpa." nodefault
|
||||
local-zone: "21.172.in-addr.arpa." nodefault
|
||||
local-zone: "22.172.in-addr.arpa." nodefault
|
||||
local-zone: "23.172.in-addr.arpa." nodefault
|
||||
local-zone: "d.f.ip6.arpa." nodefault
|
||||
|
||||
forward-zone:
|
||||
name: "dn42"
|
||||
forward-addr: 172.22.0.53
|
||||
|
||||
forward-zone:
|
||||
name: "20.172.in-addr.arpa"
|
||||
forward-addr: 172.22.0.53
|
||||
|
||||
forward-zone:
|
||||
name: "22.172.in-addr.arpa"
|
||||
forward-addr: 172.22.0.53
|
||||
|
||||
forward-zone:
|
||||
name: "23.172.in-addr.arpa"
|
||||
forward-addr: 172.22.0.53
|
||||
|
||||
forward-zone:
|
||||
name: "d.f.ip6.arpa"
|
||||
forward-addr: 172.22.0.53
|
|
@ -20,3 +20,13 @@ dns-root-data:
|
|||
/etc/unbound/unbound.conf.d/verbose.conf:
|
||||
file.managed:
|
||||
- source: salt://unbound/verbose.conf
|
||||
|
||||
/etc/unbound/unbound.conf.d/local-zones.conf:
|
||||
file.managed:
|
||||
- source: salt://unbound/local-zones.conf
|
||||
- template: 'jinja'
|
||||
|
||||
/etc/unbound/unbound.conf.d/dn42-zones.conf:
|
||||
file.managed:
|
||||
- source: salt://unbound/dn42-zones.conf
|
||||
- template: 'jinja'
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
server:
|
||||
domain-insecure: "{{ pillar['bind']['root-domain'] }}"
|
||||
|
||||
forward-zone:
|
||||
name: "{{ pillar['bind']['root-domain'] }}"
|
||||
forward-addr: {{ pillar['hosts-inet']['serv']['dns'] }}
|
||||
forward-addr: {{ pillar['hosts-inet6']['serv']['dns'] }}
|
||||
|
||||
{%- for domain in pillar['bind']['reverse-zones-inet'] %}
|
||||
forward-zone:
|
||||
name: "{{ domain }}"
|
||||
forward-addr: {{ pillar['hosts-inet']['serv']['dns'] }}
|
||||
forward-addr: {{ pillar['hosts-inet6']['serv']['dns'] }}
|
||||
{%- endfor %}
|
||||
|
||||
{%- for domain in pillar['bind']['reverse-zones-inet6'] %}
|
||||
forward-zone:
|
||||
name: "{{ domain }}"
|
||||
forward-addr: {{ pillar['hosts-inet']['serv']['dns'] }}
|
||||
forward-addr: {{ pillar['hosts-inet6']['serv']['dns'] }}
|
||||
{%- endfor %}
|
Loading…
Reference in New Issue