aboutsummaryrefslogblamecommitdiffstats
path: root/roles/space_server/files/unbound/unbound.conf
blob: 1679aea6e6a8622c0af6278a367a26151e342d55 (plain) (tree) 
3b79579














































































































































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142














































































































































                                                                                                                                 
server:
	pidfile: "/run/unbound/unbound.pid"
	verbosity: 1
	statistics-interval: 0
	statistics-cumulative: no
	extended-statistics: yes
	num-threads: 1

	define-tag: "local"

	interface: 127.0.0.1
	interface: ::1
	interface: 185.38.175.0
	interface: 2a01:4260:1ab::

	outgoing-interface: 185.38.175.0
	outgoing-interface: 2a01:4260:1ab::
	outgoing-port-permit: 32768-60999
	outgoing-port-avoid: 0-32767

	so-reuseport: yes
	ip-transparent: yes
	max-udp-size: 3072

	access-control-tag: 127.0.0.1/32 "local"
	access-control-tag: ::1/128 "local"

	access-control: 185.38.175.0/24 allow
	access-control: 10.42.0.0/16 allow
	access-control-tag: 10.42.0.0/24 "local"
	access-control-tag: 10.42.1.0/24 "local"
	access-control-tag: 10.42.2.0/24 "local"
	# not free wifi     10.42.3.0/24
	access-control-tag: 10.42.4.0/24 "local"
	access-control-tag: 10.42.5.0/24 "local"
	access-control: 2a01:4260:1ab::/48 allow
	access-control-tag: 2a01:4260:1ab:a::/64 "local"
	access-control-tag: 2a01:4260:1ab:b::/64 "local"
	access-control-tag: 2a01:4260:1ab:c::/64 "local"
	# not free wifi     2a01:4260:1ab:d::/64
	access-control-tag: 2a01:4260:1ab:e::/64 "local"
	access-control-tag: 2a01:4260:1ab:f::/64 "local"

	chroot: ""
	username: "unbound"
	directory: "/etc/unbound"

	use-syslog: yes
	log-time-ascii: yes

	harden-glue: yes
	harden-dnssec-stripped: yes
	harden-below-nxdomain: yes
	harden-referral-path: yes
	qname-minimisation: yes

	prefetch: yes
	prefetch-key: yes
	rrset-roundrobin: yes
	minimal-responses: yes

	module-config: "validator iterator"

	trust-anchor-signaling: yes

	trusted-keys-file: /etc/unbound/keys.d/*.key
	auto-trust-anchor-file: "/var/lib/unbound/root.key"

	val-clean-additional: yes
	val-permissive-mode: no
	serve-expired: yes
	val-log-level: 1

	local-zone: a.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static
	local-data: "a.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800"
	local-data: "a.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk."

	local-zone: b.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static
	local-data: "b.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800"
	local-data: "b.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk."

	local-zone: c.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static
	local-data: "c.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800"
	local-data: "c.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk."

	local-zone: d.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static
	local-data: "d.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800"
	local-data: "d.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk."

	local-zone: e.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static
	local-data: "e.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800"
	local-data: "e.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk."

	local-zone: f.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static
	local-data: "f.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800"
	local-data: "f.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk."

	local-zone: s. static
	local-zone-tag: s. "local"
	local-data: "s.              IN SOA   space.labitat.dk. esmil.labitat.dk. 20171119 3600 1200 604800 10800"
	local-data: "s.              IN NS    space.labitat.dk."
	local-data: "s.              IN A     10.42.1.1"
	local-data: "s.              IN AAAA  2a01:4260:1ab::"
	local-data: "labitrack.s.    IN A     185.38.175.70"
	local-data: "labitrack.s.    IN AAAA  2a01:4260:1ab::cafe"
	local-data: "track.s.        IN A     185.38.175.70"
	local-data: "track.s.        IN AAAA  2a01:4260:1ab::cafe"
	local-data: "ap.s.           IN A     10.42.0.2"
	local-data-ptr:                      "10.42.0.2 ap.s."
	local-data: "doorputer.s.    IN A     10.42.0.3"
	local-data-ptr:                      "10.42.0.3 doorputer.s."
	local-data: "foodputer.s.    IN A     10.42.0.4"
	local-data-ptr:                      "10.42.0.4 foodputer.s."
	local-data: "ap1.s.          IN A     10.42.0.5"
	local-data-ptr:                      "10.42.0.5 ap1.s."
	local-data: "ap2.s.          IN A     10.42.0.6"
	local-data-ptr:                      "10.42.0.6 ap2.s."
	local-data: "switch.s.       IN A     10.42.0.9"
	local-data-ptr:                      "10.42.0.9 switch.s."
	local-data: "lathe.s.        IN A     10.42.0.12"
	local-data-ptr:                      "10.42.0.12 lathe.s."
	local-data: "anna.s.         IN A     10.42.1.9"
	local-data-ptr:                      "10.42.1.9 anna.s."
	local-data: "printbrother.s. IN A     10.42.1.32"
	local-data-ptr:                      "10.42.1.32 printbrother.s."
	local-data: "infotron.s.     IN A     10.42.1.34"
	local-data-ptr:                      "10.42.1.34 infotron.s."
	local-data: "spacemon.s.     IN A     10.42.1.35"
	local-data-ptr:                      "10.42.1.35 spacemon.s."
	local-data: "jumbotron.s.    IN A     10.42.1.36"
	local-data-ptr:                      "10.42.1.36 jumbotron.s."
	local-data: "hplaserjet.s.   IN A     10.42.1.37"
	local-data-ptr:                      "10.42.1.37 hplaserjet.s."
	local-data: "labisound.s.    IN A     10.42.1.40"
	local-data-ptr:                      "10.42.1.40 labisound.s."
	local-data: "sound.s.        IN A     10.42.1.80"
	local-data-ptr:                      "10.42.1.80 sound.s."

remote-control:
	control-enable: yes
	control-use-cert: no
	control-interface: "/run/unbound/control"
generated by cgit v1.2.1 (git 2.18.0) at 2024-07-05 16:35:22 +0000