39 lines
873 B
Django/Jinja
39 lines
873 B
Django/Jinja
|
|
server:
|
|
interface: 0.0.0.0
|
|
interface: ::0
|
|
|
|
access-control: 127.0.0.0/8 allow
|
|
access-control: ::1 allow
|
|
access-control: 172.20.25.1/32 allow
|
|
access-control: 172.20.25.2/32 allow
|
|
access-control: 172.20.25.3/32 allow
|
|
access-control: 172.20.25.0/24 refuse_non_local
|
|
|
|
extended-statistics: yes
|
|
|
|
hide-identity: yes
|
|
hide-version: yes
|
|
|
|
tls-upstream: yes
|
|
tls-cert-bundle: {{ tls_bundle }}
|
|
|
|
chroot: ""
|
|
|
|
unblock-lan-zones: yes
|
|
|
|
remote-control:
|
|
control-enable: yes
|
|
control-interface: /var/run/unbound.sock
|
|
|
|
forward-zone:
|
|
name: "."
|
|
forward-addr: 172.20.20.10@853#dns.home.foo.sh
|
|
forward-addr: 172.20.20.11@853#dns.home.foo.sh
|
|
forward-addr: 172.20.20.12@853#dns.home.foo.sh
|
|
|
|
{% for zone in unbound_zones %}
|
|
auth-zone:
|
|
name: "{{ zone }}"
|
|
zonefile: "{{ unbound_zonedir }}/{{ zone }}"
|
|
{% endfor %}
|