aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server/files/named
diff options
context:
space:
mode:
authorEmil Renner Berthing <esmil@labitat.dk>2017-11-19 01:19:10 +0100
committerEmil Renner Berthing <esmil@labitat.dk>2017-11-19 12:46:29 +0100
commit3b795796bd03488a385f3ad42b10b8c0d61282c1 (patch)
tree19381884de2c8320b20d3205f22b71c42c63dd1c /roles/space_server/files/named
parent505f69ee1540581eef2465dc420525213d278473 (diff)
downloadlabitat-ansible-3b795796bd03488a385f3ad42b10b8c0d61282c1.tar.gz
labitat-ansible-3b795796bd03488a385f3ad42b10b8c0d61282c1.tar.xz
labitat-ansible-3b795796bd03488a385f3ad42b10b8c0d61282c1.zip
space_server: unbound: use unbound instad of bind
Diffstat (limited to 'roles/space_server/files/named')
-rw-r--r--roles/space_server/files/named/named.conf81
-rw-r--r--roles/space_server/files/named/s.zone21
2 files changed, 0 insertions, 102 deletions
diff --git a/roles/space_server/files/named/named.conf b/roles/space_server/files/named/named.conf
deleted file mode 100644
index d9b60d3..0000000
--- a/roles/space_server/files/named/named.conf
+++ /dev/null
@@ -1,81 +0,0 @@
-//
-// named.conf
-//
-// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
-// server as a caching only nameserver (as a localhost DNS resolver only).
-//
-// See /usr/share/doc/bind*/sample/ for example named configuration files.
-//
-
-options {
- listen-on port 53 {
- 127.0.0.1;
- 185.38.175.0;
- };
- listen-on-v6 port 53 {
- ::1;
- 2a01:4260:1ab::;
- };
- #dns64 fde2:52b4:4a19:ffff::/96 {
- # clients { fde2:52b4:4a19:5::/64; };
- #};
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- //allow-query { localhost; };
-
- /*
- - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- - If you are building a RECURSIVE (caching) DNS server, you need to enable
- recursion.
- - If your recursive DNS server has a public IP address, you MUST enable access
- control to limit queries to your legitimate users. Failing to do so will
- cause your server to become part of large scale DNS amplification
- attacks. Implementing BCP38 within your network would greatly
- reduce such attack surface
- */
- recursion yes;
-
- dnssec-enable yes;
- dnssec-validation yes;
-
- managed-keys-directory "/var/named/dynamic";
-
- pid-file "/run/named/named.pid";
- session-keyfile "/run/named/session.key";
-
- /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
- include "/etc/crypto-policies/back-ends/bind.config";
-};
-
-logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
- channel syslog {
- syslog;
- severity warning;
- print-severity yes;
- print-category yes;
- };
- category default{
- syslog;
- };
-};
-
-zone "." IN {
- type hint;
- file "named.ca";
-};
-
-zone "s" IN {
- type master;
- file "/etc/named/s.zone";
- allow-transfer { none; };
-};
-
-include "/etc/named.rfc1912.zones";
-include "/etc/named.root.key";
-
diff --git a/roles/space_server/files/named/s.zone b/roles/space_server/files/named/s.zone
deleted file mode 100644
index 97bd2f7..0000000
--- a/roles/space_server/files/named/s.zone
+++ /dev/null
@@ -1,21 +0,0 @@
-s. 600 IN SOA space.labitat.dk. xnybre.labitat.dk. 2015112001 7200 3600 604800 86400
-s. 600 IN NS space.labitat.dk.
-
-s. 600 IN A 10.42.1.1
-s. 600 IN AAAA 2a01:4260:1ab::
-
-labitrack.s. 600 IN CNAME spacewand.labitat.dk.
-track.s. 600 IN CNAME spacewand.labitat.dk.
-
-doorputer.s. 600 IN A 10.42.0.3
-foodputer.s. 600 IN A 10.42.0.4
-
-lathe.s. 600 IN A 10.42.0.12
-
-anna.s. 600 IN A 10.42.1.9
-infotron.s. 600 IN A 10.42.1.34
-spacemon.s. 600 IN A 10.42.1.35
-jumbotron.s. 600 IN A 10.42.1.36
-sound.s. 600 IN A 10.42.1.80
-
-printbrother.s. 600 IN A 10.42.1.32