mirror of
https://github.com/casjaysdevdocker/bind
synced 2025-11-05 01:02:29 -05:00
🗃️ Committing everything that changed 🗃️
rootfs/tmp/etc/bind/named.conf rootfs/tmp/etc/bind/rndc.key rootfs/tmp/var/bind/root.cache rootfs/usr/local/share/template-files/config/bind/ rootfs/usr/local/share/template-files/data/bind/
This commit is contained in:
casjay
@@ -1,89 +0,0 @@
|
||||
# default options - https://bind9.readthedocs.io/en/latest/chapter3.html
|
||||
#####################################################################
|
||||
# rndc keys
|
||||
key "dhcp-key" { algorithm hmac-md5; secret "REPLACE_KEY_DHCP"; };
|
||||
key "rndc-key" { algorithm hmac-sha256; secret "REPLACE_KEY_RNDC"; };
|
||||
key "backup-key" { algorithm hmac-sha256; secret "MKEQ/REPLACE_KEY_BACKUP"; };
|
||||
key "certbot." { algorithm hmac-sha512; secret "REPLACE_KEY_CERTBOT"; };
|
||||
#####################################################################
|
||||
# access settings
|
||||
acl "all" { 0.0.0.0/0; ::/0; };
|
||||
acl "secondary" { REPLACE_DNS_SERVER_SECONDARY; };
|
||||
acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
|
||||
acl "updates" { key "dhcp-key"; key "certbot."; };
|
||||
acl "transfers" {key "dhcp-key"; key "certbot."; key "backup-key"; secondary; };
|
||||
acl "forward" { 1.1.1.1; 8.8.8.8; 4.4.4.4; };
|
||||
#####################################################################
|
||||
# rndc settings
|
||||
controls { inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; }; };
|
||||
#####################################################################
|
||||
options {
|
||||
version "9";
|
||||
listen-on { any; };
|
||||
listen-on-v6 { any; };
|
||||
zone-statistics yes;
|
||||
max-cache-size 60m;
|
||||
interface-interval 60;
|
||||
max-ncache-ttl 10800;
|
||||
max-udp-size 4096;
|
||||
notify yes;
|
||||
also-notify { REPLACE_DNS_SERVER_SECONDARY; };
|
||||
allow-update { updates; };
|
||||
allow-update-forwarding { REPLACE_DNS_SERVER_SECONDARY; };
|
||||
allow-transfer { trusted; };
|
||||
transfer-format many-answers;
|
||||
allow-query { any; };
|
||||
allow-recursion { any; };
|
||||
allow-query-cache { any; };
|
||||
auth-nxdomain no;
|
||||
dnssec-validation auto;
|
||||
directory "REPLACE_VAR_DIR";
|
||||
managed-keys-directory "REPLACE_ETC_DIR/keys";
|
||||
pid-file "REPLACE_RUN_DIR/named.pid";
|
||||
dump-file "REPLACE_DATA_DIR/stats/dump.txt";
|
||||
statistics-file "REPLACE_DATA_DIR/stats/stats.txt";
|
||||
memstatistics-file "REPLACE_DATA_DIR/stats/mem.txt";
|
||||
forwarders { 1.1.1.1; 8.8.8.8; 4.4.4.4; };
|
||||
};
|
||||
#####################################################################
|
||||
# named logging options
|
||||
logging {
|
||||
channel debug { file "REPLACE_LOG_DIR/debug.info" versions 0 size 5m; severity debug; };
|
||||
channel querylog { file "REPLACE_LOG_DIR/querylog.log" versions 0 size 5m; severity info; print-time yes; };
|
||||
channel security { file "REPLACE_LOG_DIR/security.log" versions 0 size 5m; severity dynamic; print-severity yes; print-time yes; };
|
||||
channel xfer-in { file "REPLACE_LOG_DIR/xfer.log" versions 0 size 5m; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||
channel xfer-out { file "REPLACE_LOG_DIR/xfer.log" versions 0 size 5m; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||
channel update { file "REPLACE_LOG_DIR/update.log" versions 0 size 5m; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||
channel notify { file "REPLACE_LOG_DIR/notify.log" versions 0 size 5m; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||
channel client { file "REPLACE_LOG_DIR/client.log" versions 0 size 5m; severity debug; print-category yes; print-severity yes; print-time yes; };
|
||||
channel default { file "REPLACE_LOG_DIR/default.log" versions 0 size 5m; severity debug; print-category yes; print-severity yes; print-time yes; };
|
||||
channel general { file "REPLACE_LOG_DIR/general.log" versions 0 size 5m; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||
channel database { file "REPLACE_LOG_DIR/database.log" versions 0 size 5m; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||
category lame-servers { default; debug; };
|
||||
category dispatch { default; debug; };
|
||||
category queries { querylog; default; debug; };
|
||||
category update { update; default; debug; };
|
||||
category network { default; debug; };
|
||||
category unmatched { default; debug; };
|
||||
category client { client; default; debug; };
|
||||
category notify { notify; default; debug; };
|
||||
category xfer-out { xfer-out; default; debug; };
|
||||
category xfer-in { xfer-in; default; debug; };
|
||||
category resolver { default; debug; };
|
||||
category config { default; debug; };
|
||||
category security { security; default; debug; };
|
||||
category database { database; default; debug; };
|
||||
category general { general; default; debug; };
|
||||
category default { default; debug; };
|
||||
category dnssec { security; default; debug; };
|
||||
};
|
||||
#####################################################################
|
||||
# ********** begin root info **********
|
||||
zone "." {
|
||||
type hint;
|
||||
file "REPLACE_VAR_DIR/root.cache";
|
||||
};
|
||||
# ********** end root info **********
|
||||
#####################################################################
|
||||
# begin imports
|
||||
include "REPLACE_ETC_DIR/zones.conf";
|
||||
@@ -1 +0,0 @@
|
||||
key "rndc-key" { algorithm hmac-sha256; secret "REPLACE_KEY_RNDC"; };
|
||||
Reference in New Issue
Block a user