Add SOA and A records, allow IPv6 (moving to NSD soon)

2020-05-31 12:00:16 +02:00 · 2020-05-31 12:00:16 +02:00 · 2ccb694505
parent edf6f225fa
commit 2ccb694505
2 changed files with 7 additions and 0 deletions
--- a/templates/redxen-dns.conf.j2
+++ b/templates/redxen-dns.conf.j2
@ -4,6 +4,8 @@ server:
 	local-data: "redxen.eu. 10800 IN NS {{ host }}.redxen.eu"
 {% endfor %}

+	local-data: "redxen.eu. IN SOA n0.redxen.eu admin.redxen.eu 2020053001 86400 7200 3600000 172800"
+
 {% for record in unbound.public.TXT %}
 	local-data: "{{ record.name }}redxen.eu. 86400 IN TXT {{ record.content }}"
 {% endfor %}
@ -16,6 +18,10 @@ server:
 	local-data: "_{{ record.service }}._{{ record.proto }}.redxen.eu. 86400 IN SRV 0 5 {{ record.port }} {{ record.host }}."
 {% endfor %}

+{% for record in unbound.public.A %}
+	local-data: "{{ record.name }}redxen.eu. 86400 IN A {{ record.addr }}"
+{% endfor %}
+
 {% for domains in unbound.public.group.A %}
 {% for host in groups[domains.group] %}
 	local-data: "{{ domains.domain }}.redxen.eu. 86400 IN A {{ hostvars[host]['ansible_default_ipv4']['address'] }}"
--- a/templates/unbound.conf.j2
+++ b/templates/unbound.conf.j2
@ -3,6 +3,7 @@ include: "/etc/unbound/internal.conf"
 server:
 	directory: "/etc/unbound"
 	access-control: 0.0.0.0/0 refuse_non_local
+	access-control: ::/0 refuse_non_local
 	# Local Host
 	access-control: 127.0.0.0/24 allow
 	# Wireguard Range