35 lines
768 B
Django/Jinja
35 lines
768 B
Django/Jinja
# handled by ansible
|
|
|
|
server:
|
|
verbosity: {{ dns_server.verbosity }}
|
|
do-not-query-localhost: no
|
|
directory: "/etc/unbound"
|
|
username: unbound
|
|
pidfile: "/run/unbound.pid"
|
|
{% if server.public_ip is defined %}
|
|
do-ip4: yes
|
|
interface: 0.0.0.0
|
|
access-control: 0.0.0.0/0 allow
|
|
{% else %}
|
|
do-ip4: no
|
|
{% endif -%}
|
|
{% if server.public_ip6 is defined %}
|
|
do-ip6: yes
|
|
interface: ::0
|
|
access-control: ::0/0 allow_snoop
|
|
{% else %}
|
|
do-ip6: no
|
|
{% endif -%}
|
|
{% if server.verbosity is defined -%}
|
|
verbosity: {{ server.verbosity }}
|
|
{% endif -%}
|
|
tls-win-cert: yes
|
|
|
|
{% for zone in zones -%}
|
|
auth-zone:
|
|
name: {{ zone.name }}.
|
|
master: {{ server.nsd_addr }}@{{ server.nsd_port }}
|
|
{% endfor %}
|
|
|
|
# vim: set syntax=yaml et sw=0 ts=2 sts=0:
|