56 lines
1.6 KiB
Plaintext
56 lines
1.6 KiB
Plaintext
include: "/etc/unbound/redxen-dns.conf"
|
|
server:
|
|
directory: "/etc/unbound"
|
|
username: unbound
|
|
do-not-query-address: 127.0.0.11
|
|
access-control: 0.0.0.0/0 refuse_non_local
|
|
# Local Host
|
|
access-control: 127.0.0.0/24 allow
|
|
# Docker Host
|
|
access-control: 172.18.0.1/32 allow
|
|
# Wireguard Range
|
|
access-control: 172.22.12.0/24 allow
|
|
# Allow Loopback connections with public ip as source
|
|
access-control: 88.198.95.52/32 allow
|
|
access-control: 88.198.95.107/32 allow
|
|
access-control: 88.198.95.100/32 allow
|
|
access-control: 88.198.95.106/32 allow
|
|
access-control: 88.198.95.63/32 allow
|
|
# log-replies: yes
|
|
interface: 0.0.0.0
|
|
interface: ::0
|
|
extended-statistics: yes
|
|
root-hints: root.hints
|
|
rrset-roundrobin: yes
|
|
trust-anchor-file: /usr/share/dnssec-root/trusted-key.key
|
|
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
|
|
port: 5353
|
|
ratelimit: 20
|
|
prefetch: yes
|
|
prefetch-key: yes
|
|
do-daemonize: no
|
|
logfile: ""
|
|
cache-min-ttl: 60
|
|
cache-max-ttl: 960
|
|
harden-glue: yes
|
|
aggressive-nsec: yes
|
|
serve-expired: yes
|
|
serve-expired-ttl: 86400
|
|
serve-expired-ttl-reset: yes
|
|
remote-control:
|
|
control-enable: yes
|
|
control-use-cert: no
|
|
control-interface: 0.0.0.0
|
|
forward-zone:
|
|
name: "."
|
|
forward-tls-upstream: yes
|
|
forward-first: yes
|
|
forward-addr: 2a04:c44:e00:32e0:42a:30ff:fe00:e7d@853#a.cyberiadot.invalid
|
|
forward-addr: 194.182.165.153@853#a.cyberiadot.invalid
|
|
forward-addr: 2a01:4f8:1c17:4d9b::853@853#b.cyberiadot.invalid
|
|
forward-addr: 78.47.220.84@853#b.cyberiadot.invalid
|
|
forward-addr: 2620:fe::fe@853#dns.quad9.net
|
|
forward-addr: 9.9.9.9@853#dns.quad9.net
|
|
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
|
|
forward-addr: 1.1.1.1@853#cloudflare-dns.com
|