Add SOA and A records, allow IPv6 (moving to NSD soon)
This commit is contained in:
parent
edf6f225fa
commit
2ccb694505
|
@ -4,6 +4,8 @@ server:
|
||||||
local-data: "redxen.eu. 10800 IN NS {{ host }}.redxen.eu"
|
local-data: "redxen.eu. 10800 IN NS {{ host }}.redxen.eu"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
local-data: "redxen.eu. IN SOA n0.redxen.eu admin.redxen.eu 2020053001 86400 7200 3600000 172800"
|
||||||
|
|
||||||
{% for record in unbound.public.TXT %}
|
{% for record in unbound.public.TXT %}
|
||||||
local-data: "{{ record.name }}redxen.eu. 86400 IN TXT {{ record.content }}"
|
local-data: "{{ record.name }}redxen.eu. 86400 IN TXT {{ record.content }}"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -16,6 +18,10 @@ server:
|
||||||
local-data: "_{{ record.service }}._{{ record.proto }}.redxen.eu. 86400 IN SRV 0 5 {{ record.port }} {{ record.host }}."
|
local-data: "_{{ record.service }}._{{ record.proto }}.redxen.eu. 86400 IN SRV 0 5 {{ record.port }} {{ record.host }}."
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
{% for record in unbound.public.A %}
|
||||||
|
local-data: "{{ record.name }}redxen.eu. 86400 IN A {{ record.addr }}"
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
{% for domains in unbound.public.group.A %}
|
{% for domains in unbound.public.group.A %}
|
||||||
{% for host in groups[domains.group] %}
|
{% for host in groups[domains.group] %}
|
||||||
local-data: "{{ domains.domain }}.redxen.eu. 86400 IN A {{ hostvars[host]['ansible_default_ipv4']['address'] }}"
|
local-data: "{{ domains.domain }}.redxen.eu. 86400 IN A {{ hostvars[host]['ansible_default_ipv4']['address'] }}"
|
||||||
|
|
|
@ -3,6 +3,7 @@ include: "/etc/unbound/internal.conf"
|
||||||
server:
|
server:
|
||||||
directory: "/etc/unbound"
|
directory: "/etc/unbound"
|
||||||
access-control: 0.0.0.0/0 refuse_non_local
|
access-control: 0.0.0.0/0 refuse_non_local
|
||||||
|
access-control: ::/0 refuse_non_local
|
||||||
# Local Host
|
# Local Host
|
||||||
access-control: 127.0.0.0/24 allow
|
access-control: 127.0.0.0/24 allow
|
||||||
# Wireguard Range
|
# Wireguard Range
|
||||||
|
|
Reference in New Issue