full-dns/templates/unbound.conf.j2
Blallo 3f58459e78
Update configuration and logic. Support ipv6.
Now ipv6 is supported using `public_ipv6` in the `server` block and
refactoring the configuration logic.
Also fix unbound configuration to allow recursive queries from
resolvers.
2020-08-19 18:47:56 +02:00

34 lines
763 B
Django/Jinja

# handled by ansible
server:
verbosity: {{ dns_server.verbosity }}
do-not-query-localhost: no
directory: "/etc/unbound"
username: unbound
pidfile: "/run/unbound.pid"
{% if server.public_ip is defined %}
do-ip4: yes
interface: 0.0.0.0
access-control: 0.0.0.0/0 allow_snoop
{% else %}
do-ip4: no
{% endif -%}
{% if server.public_ip6 is defined %}
do-ip6: yes
interface: ::0
access-control: ::0/0 allow_snoop
{% else %}
do-ip6: no
{% endif -%}
{% if server.verbosity is defined -%}
verbosity: {{ server.verbosity }}
{% endif -%}
{% for zone in zones -%}
forward-zone:
name: {{ zone.name }}.
forward-addr: {{ server.nsd_addr }}@{{ server.nsd_port }}
{% endfor %}
# vim: set syntax=yaml et sw=0 ts=2 sts=0: