cjones/teal.config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: cjones:e8a8797c7193aaaab4eec912e6eec11a5d6b9f2a
Branches Tags
cjones:main cjones:dev
..
compare: cjones:dev
Branches Tags
cjones:main cjones:dev

2 Commits
e8a8797c71 ... dev

Author SHA1 Message Date
cjones
c2c8347285 deleting old unbound config under /etc/unbound 2026-02-16 17:48:16 -05:00
cjones
6b7127a64d adding new unbound config files under /usr/local 2026-02-16 17:45:24 -05:00
6 changed files with 1454 additions and 23 deletions
Expand all files Collapse all files

4
etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf
View File

@@ -1,4 +0,0 @@
server:
# The following line will configure unbound to perform cryptographic
# DNSSEC validation using the root trust anchor.
auto-trust-anchor-file: "/var/lib/unbound/root.key"

3
etc/unbound/unbound.conf.d/zones.conf
View File

@@ -1,3 +0,0 @@
auth-zone:
name: objectbrokers.com
zonefile: /etc/unbound/zones/objectbrokers.zone

1424
usr/local/etc/unbound/original.unboundconf Normal file
View File

File diff suppressed because it is too large Load Diff

10
usr/local/etc/unbound/root.key Normal file
View File

@@ -0,0 +1,10 @@
; autotrust trust anchor file
;;id: . 1
;;last_queried: 1771250359 ;;Mon Feb 16 08:59:19 2026
;;last_success: 1771250359 ;;Mon Feb 16 08:59:19 2026
;;next_probe_time: 1771292919 ;;Mon Feb 16 20:48:39 2026
;;query_failed: 0
;;query_interval: 43200
;;retry_time: 8640
. 86400 IN DNSKEY 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ;{id = 20326 (ksk), size = 2048b} ;;state=2 [ VALID ] ;;count=0 ;;lastchange=1771031738 ;;Fri Feb 13 20:15:38 2026
. 86400 IN DNSKEY 257 3 8 AwEAAa96jeuknZlaeSrvyAJj6ZHv28hhOKkx3rLGXVaC6rXTsDc449/cidltpkyGwCJNnOAlFNKF2jBosZBU5eeHspaQWOmOElZsjICMQMC3aeHbGiShvZsx4wMYSjH8e7Vrhbu6irwCzVBApESjbUdpWWmEnhathWu1jo+siFUiRAAxm9qyJNg/wOZqqzL/dL/q8PkcRU5oUKEpUge71M3ej2/7CPqpdVwuMoTvoB+ZOT4YeGyxMvHmbrxlFzGOHOijtzN+u1TQNatX2XBuzZNQ1K+s2CXkPIZo7s6JgZyvaBevYtxPvYLw4z9mR7K2vaF18UYH9Z9GNUUeayffKC73PYc= ;{id = 38696 (ksk), size = 2048b} ;;state=2 [ VALID ] ;;count=0 ;;lastchange=1771031738 ;;Fri Feb 13 20:15:38 2026

36
etc/unbound/unbound.conf → usr/local/etc/unbound/unbound.conf
View File

@@ -2,16 +2,14 @@
# #
# See the unbound.conf(5) man page. # See the unbound.conf(5) man page.
# #
# See /usr/share/doc/unbound/examples/unbound.conf for a commented # See /usr/share/doc/unbound/objectbrokerss/unbound.conf for a commented
# reference config file. # reference config file.
# #
# The following line includes additional configuration files from the # The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory. # /etc/unbound/unbound.conf.d directory.
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
server: server:
# location of the trust anchor file that enables DNSSEC # location of the trust anchor file that enables DNSSEC
# auto-trust-anchor-file: "/var/lib/unbound/root.key" auto-trust-anchor-file: "/root.key"
# send minimal amount of information to upstream servers to enhance privacy # send minimal amount of information to upstream servers to enhance privacy
qname-minimisation: yes qname-minimisation: yes
# the interface that is used to connect to the network (this will listen to all interfaces) # the interface that is used to connect to the network (this will listen to all interfaces)
@@ -40,19 +38,25 @@ include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
view: view:
name: "lan" name: "lan"
view-first: yes view-first: yes
local-zone: "example.com." transparent local-zone: "objectbrokers.com." transparent
local-data: "nextcloud.example.com. A 192.168.88.231" local-data: "nextcloud.objectbrokers.com. A 192.168.88.231"
local-data: "photo.example.com. A 192.168.88.231" local-data: "photo.objectbrokers.com. A 192.168.88.231"
local-data: "gitea.example.com. A 192.168.88.231" local-data: "gitea.objectbrokers.com. A 192.168.88.231"
local-data: "portainer.example.com. A 192.168.88.231" local-data: "portainer.objectbrokers.com. A 192.168.88.231"
local-data: "vaultwarden.example.com. A 192.168.88.231" local-data: "vaultwarden.objectbrokers.com. A 192.168.88.231"
view: view:
name: "tailnet" name: "tailnet"
view-first: yes view-first: yes
local-zone: "example.com." transparent local-zone: "objectbrokers.com." transparent
local-data: "nextcloud.example.com. A 100.81.165.11" local-data: "nextcloud.objectbrokers.com. A 100.81.165.11"
local-data: "photo.example.com. A 100.81.165.11" local-data: "photo.objectbrokers.com. A 100.81.165.11"
local-data: "gitea.example.com. A 100.81.165.11" local-data: "gitea.objectbrokers.com. A 100.81.165.11"
local-data: "portainer.example.com. A 100.81.165.11" local-data: "portainer.objectbrokers.com. A 100.81.165.11"
local-data: "vaultwarden.example.com. A 100.81.165.11" local-data: "vaultwarden.objectbrokers.com. A 100.81.165.11"
remote-control:
control-enable: yes
control-interface: /run/unbound.ctl

0
etc/unbound/unbound.conf.d/remote-control.conf → usr/local/etc/unbound/unbound.conf.d/remote-control.conf
View File