diff options
| author | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-19 01:19:10 +0100 |
|---|---|---|
| committer | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-19 12:46:29 +0100 |
| commit | 3b795796bd03488a385f3ad42b10b8c0d61282c1 (patch) | |
| tree | 19381884de2c8320b20d3205f22b71c42c63dd1c /roles/space_server/files/named | |
| parent | 505f69ee1540581eef2465dc420525213d278473 (diff) | |
| download | labitat-ansible-3b795796bd03488a385f3ad42b10b8c0d61282c1.tar.gz labitat-ansible-3b795796bd03488a385f3ad42b10b8c0d61282c1.tar.xz labitat-ansible-3b795796bd03488a385f3ad42b10b8c0d61282c1.zip | |
space_server: unbound: use unbound instad of bind
Diffstat (limited to 'roles/space_server/files/named')
| -rw-r--r-- | roles/space_server/files/named/named.conf | 81 | ||||
| -rw-r--r-- | roles/space_server/files/named/s.zone | 21 |
2 files changed, 0 insertions, 102 deletions
diff --git a/roles/space_server/files/named/named.conf b/roles/space_server/files/named/named.conf deleted file mode 100644 index d9b60d3..0000000 --- a/roles/space_server/files/named/named.conf +++ /dev/null @@ -1,81 +0,0 @@ -// -// named.conf -// -// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS -// server as a caching only nameserver (as a localhost DNS resolver only). -// -// See /usr/share/doc/bind*/sample/ for example named configuration files. -// - -options { - listen-on port 53 { - 127.0.0.1; - 185.38.175.0; - }; - listen-on-v6 port 53 { - ::1; - 2a01:4260:1ab::; - }; - #dns64 fde2:52b4:4a19:ffff::/96 { - # clients { fde2:52b4:4a19:5::/64; }; - #}; - directory "/var/named"; - dump-file "/var/named/data/cache_dump.db"; - statistics-file "/var/named/data/named_stats.txt"; - memstatistics-file "/var/named/data/named_mem_stats.txt"; - //allow-query { localhost; }; - - /* - - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion. - - If you are building a RECURSIVE (caching) DNS server, you need to enable - recursion. - - If your recursive DNS server has a public IP address, you MUST enable access - control to limit queries to your legitimate users. Failing to do so will - cause your server to become part of large scale DNS amplification - attacks. Implementing BCP38 within your network would greatly - reduce such attack surface - */ - recursion yes; - - dnssec-enable yes; - dnssec-validation yes; - - managed-keys-directory "/var/named/dynamic"; - - pid-file "/run/named/named.pid"; - session-keyfile "/run/named/session.key"; - - /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */ - include "/etc/crypto-policies/back-ends/bind.config"; -}; - -logging { - channel default_debug { - file "data/named.run"; - severity dynamic; - }; - channel syslog { - syslog; - severity warning; - print-severity yes; - print-category yes; - }; - category default{ - syslog; - }; -}; - -zone "." IN { - type hint; - file "named.ca"; -}; - -zone "s" IN { - type master; - file "/etc/named/s.zone"; - allow-transfer { none; }; -}; - -include "/etc/named.rfc1912.zones"; -include "/etc/named.root.key"; - diff --git a/roles/space_server/files/named/s.zone b/roles/space_server/files/named/s.zone deleted file mode 100644 index 97bd2f7..0000000 --- a/roles/space_server/files/named/s.zone +++ /dev/null @@ -1,21 +0,0 @@ -s. 600 IN SOA space.labitat.dk. xnybre.labitat.dk. 2015112001 7200 3600 604800 86400 -s. 600 IN NS space.labitat.dk. - -s. 600 IN A 10.42.1.1 -s. 600 IN AAAA 2a01:4260:1ab:: - -labitrack.s. 600 IN CNAME spacewand.labitat.dk. -track.s. 600 IN CNAME spacewand.labitat.dk. - -doorputer.s. 600 IN A 10.42.0.3 -foodputer.s. 600 IN A 10.42.0.4 - -lathe.s. 600 IN A 10.42.0.12 - -anna.s. 600 IN A 10.42.1.9 -infotron.s. 600 IN A 10.42.1.34 -spacemon.s. 600 IN A 10.42.1.35 -jumbotron.s. 600 IN A 10.42.1.36 -sound.s. 600 IN A 10.42.1.80 - -printbrother.s. 600 IN A 10.42.1.32 |