diff options
author | Emil Renner Berthing <esmil@labitat.dk> | 2018-09-26 13:16:11 +0200 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2018-11-10 22:30:23 +0100 |
commit | 9454fdbff511e965e4fd9eb187b7fe432dcd437e (patch) | |
tree | 616a430b46a4796dfbcbc53662a1f70af59720b5 /roles/space_server/templates/unbound | |
parent | f203f1ccf538955dbd81e9a81b4cb9da520a9afa (diff) | |
download | labitat-ansible-9454fdbff511e965e4fd9eb187b7fe432dcd437e.tar.gz labitat-ansible-9454fdbff511e965e4fd9eb187b7fe432dcd437e.tar.xz labitat-ansible-9454fdbff511e965e4fd9eb187b7fe432dcd437e.zip |
space_server: drop uneccessary subdirs
Diffstat (limited to 'roles/space_server/templates/unbound')
-rw-r--r-- | roles/space_server/templates/unbound/unbound.conf.j2 | 126 |
1 files changed, 0 insertions, 126 deletions
diff --git a/roles/space_server/templates/unbound/unbound.conf.j2 b/roles/space_server/templates/unbound/unbound.conf.j2 deleted file mode 100644 index d09d7af..0000000 --- a/roles/space_server/templates/unbound/unbound.conf.j2 +++ /dev/null @@ -1,126 +0,0 @@ -server: - pidfile: "/run/unbound/unbound.pid" - verbosity: 1 - statistics-interval: 0 - statistics-cumulative: no - extended-statistics: yes - num-threads: 1 - - define-tag: "local" - - interface: 127.0.0.1 - interface: ::1 - interface: 185.38.175.0 - interface: 2a01:4262:1ab:: - - outgoing-interface: 185.38.175.0 - outgoing-interface: 2a01:4262:1ab:: - outgoing-port-permit: 32768-60999 - outgoing-port-avoid: 0-32767 - - so-reuseport: yes - ip-transparent: yes - max-udp-size: 3072 - - access-control-tag: 127.0.0.1/32 "local" - access-control-tag: ::1/128 "local" - - access-control: 185.38.175.0/24 allow - access-control: 10.42.0.0/16 allow - access-control-tag: 10.42.0.0/24 "local" - access-control-tag: 10.42.1.0/24 "local" - access-control-tag: 10.42.2.0/24 "local" - # not free wifi 10.42.3.0/24 - access-control-tag: 10.42.4.0/24 "local" - access-control-tag: 10.42.5.0/24 "local" - access-control: 2a01:4262:1ab::/48 allow - access-control-tag: 2a01:4262:1ab:a::/64 "local" - access-control-tag: 2a01:4262:1ab:b::/64 "local" - access-control-tag: 2a01:4262:1ab:c::/64 "local" - # not free wifi 2a01:4262:1ab:d::/64 - access-control-tag: 2a01:4262:1ab:e::/64 "local" - access-control-tag: 2a01:4262:1ab:f::/64 "local" - - chroot: "" - username: "unbound" - directory: "/etc/unbound" - - use-syslog: yes - log-time-ascii: yes - - harden-glue: yes - harden-dnssec-stripped: yes - harden-below-nxdomain: yes - harden-referral-path: yes - qname-minimisation: yes - - prefetch: yes - prefetch-key: yes - rrset-roundrobin: yes - minimal-responses: yes - - module-config: "validator iterator" - - trust-anchor-signaling: yes - - trusted-keys-file: /etc/unbound/keys.d/*.key - auto-trust-anchor-file: "/var/lib/unbound/root.key" - - val-clean-additional: yes - val-permissive-mode: no - serve-expired: yes - val-log-level: 1 - - local-zone: a.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static - local-data: "a.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800" - local-data: "a.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk." - - local-zone: b.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static - local-data: "b.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800" - local-data: "b.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk." - - local-zone: c.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static - local-data: "c.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800" - local-data: "c.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk." - - local-zone: d.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static - local-data: "d.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800" - local-data: "d.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk." - - local-zone: e.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static - local-data: "e.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800" - local-data: "e.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk." - - local-zone: f.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. static - local-data: "f.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN SOA space.labitat.dk. nobody.invalid. 1 3600 1200 604800 10800" - local-data: "f.0.0.0.b.a.1.0.0.6.2.4.1.0.a.2.ip6.arpa. IN NS space.labitat.dk." - - local-zone: s. static - local-zone-tag: s. "local" - local-data: "s. IN SOA space.labitat.dk. esmil.labitat.dk. 20171119 3600 1200 604800 10800" - local-data: "s. IN NS space.labitat.dk." - local-data: "s. IN A 10.42.1.1" - local-data: "s. IN AAAA 2a01:4262:1ab::" - local-data: "labitrack.s. IN A 185.38.175.70" - local-data: "labitrack.s. IN AAAA 2a01:4262:1ab::cafe" - local-data: "track.s. IN A 185.38.175.70" - local-data: "track.s. IN AAAA 2a01:4262:1ab::cafe" -{% for host in local_hosts %} -{% for ip in host.ips | ipv4 %} -{% if loop.index <= 1 %} - local-data: "{{ host.name }}.s. IN A {{ ip }}" - local-data-ptr: "{{ ip }} {{ host.name }}.s." -{% endif %} -{% endfor %} -{% for ip in host.ips | ipv6 %} -{% if loop.index <= 1 %} - local-data: "{{ host.name }}.s. IN AAAA {{ ip }}" - local-data-ptr: "{{ ip }} {{ host.name }}.s." -{% endif %} -{% endfor %} -{% endfor %} - -remote-control: - control-enable: yes - control-use-cert: no - control-interface: "/run/unbound/control" |