deleting old unbound config under /etc/unbound
This commit is contained in:
@@ -1,58 +0,0 @@
|
|||||||
# Unbound configuration file for Debian.
|
|
||||||
#
|
|
||||||
# See the unbound.conf(5) man page.
|
|
||||||
#
|
|
||||||
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
|
|
||||||
# reference config file.
|
|
||||||
#
|
|
||||||
# The following line includes additional configuration files from the
|
|
||||||
# /etc/unbound/unbound.conf.d directory.
|
|
||||||
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
|
|
||||||
|
|
||||||
server:
|
|
||||||
# location of the trust anchor file that enables DNSSEC
|
|
||||||
# auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
|
||||||
# send minimal amount of information to upstream servers to enhance privacy
|
|
||||||
qname-minimisation: yes
|
|
||||||
# the interface that is used to connect to the network (this will listen to all interfaces)
|
|
||||||
interface: 0.0.0.0
|
|
||||||
# interface: ::0
|
|
||||||
private-address: 192.168.0.0/16
|
|
||||||
private-address: 100.64.0.0/10
|
|
||||||
|
|
||||||
# addresses from the IP range that are allowed to connect to the resolver
|
|
||||||
access-control: 192.168.88.0/24 allow
|
|
||||||
# explicitly allow localhost access
|
|
||||||
access-control: 127.0.0.0/8 allow
|
|
||||||
# allow Tailnet
|
|
||||||
access-control: 100.64.0.0/10 allow
|
|
||||||
# uncomment the following line to allow Tailnet IPv6
|
|
||||||
# access-control: fd7a:115c:a1e0::/48 allow
|
|
||||||
|
|
||||||
access-control-view: 192.168.88.0/24 lan
|
|
||||||
access-control-view: 100.64.0.0/10 tailnet
|
|
||||||
|
|
||||||
do-ip4: yes
|
|
||||||
do-ip6: no
|
|
||||||
do-udp: yes
|
|
||||||
do-tcp: yes
|
|
||||||
|
|
||||||
view:
|
|
||||||
name: "lan"
|
|
||||||
view-first: yes
|
|
||||||
local-zone: "example.com." transparent
|
|
||||||
local-data: "nextcloud.example.com. A 192.168.88.231"
|
|
||||||
local-data: "photo.example.com. A 192.168.88.231"
|
|
||||||
local-data: "gitea.example.com. A 192.168.88.231"
|
|
||||||
local-data: "portainer.example.com. A 192.168.88.231"
|
|
||||||
local-data: "vaultwarden.example.com. A 192.168.88.231"
|
|
||||||
|
|
||||||
view:
|
|
||||||
name: "tailnet"
|
|
||||||
view-first: yes
|
|
||||||
local-zone: "example.com." transparent
|
|
||||||
local-data: "nextcloud.example.com. A 100.81.165.11"
|
|
||||||
local-data: "photo.example.com. A 100.81.165.11"
|
|
||||||
local-data: "gitea.example.com. A 100.81.165.11"
|
|
||||||
local-data: "portainer.example.com. A 100.81.165.11"
|
|
||||||
local-data: "vaultwarden.example.com. A 100.81.165.11"
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
remote-control:
|
|
||||||
control-enable: yes
|
|
||||||
# by default the control interface is is 127.0.0.1 and ::1 and port 8953
|
|
||||||
# it is possible to use a unix socket too
|
|
||||||
control-interface: /run/unbound.ctl
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
server:
|
|
||||||
# The following line will configure unbound to perform cryptographic
|
|
||||||
# DNSSEC validation using the root trust anchor.
|
|
||||||
auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
auth-zone:
|
|
||||||
name: objectbrokers.com
|
|
||||||
zonefile: /etc/unbound/zones/objectbrokers.zone
|
|
||||||
Reference in New Issue
Block a user