48 lines
1.2 KiB
Text
48 lines
1.2 KiB
Text
server:
|
|
interface: 0.0.0.0
|
|
interface: ::0
|
|
interface-automatic: yes
|
|
|
|
# Also listen on docker to allow docker container to reach unbound
|
|
#interface: 172.17.0.1
|
|
access-control: 172.0.0.0/8 allow
|
|
access-control: 172.31.0.0/16 allow
|
|
|
|
trust-anchor-file: "/etc/unbound/trusted-key.key"
|
|
|
|
cache-max-ttl: 86400
|
|
cache-min-ttl: 7200
|
|
|
|
hide-identity: yes
|
|
hide-version: yes
|
|
|
|
qname-minimisation: yes
|
|
|
|
aggressive-nsec: yes
|
|
prefetch: yes
|
|
serve-expired: yes
|
|
serve-expired-ttl: 86400
|
|
|
|
#tls-upstream: yes
|
|
#tls-cert-bundle: /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
|
|
|
#verbosity: 1
|
|
#log-queries: yes
|
|
# use journalctl to see the logs
|
|
# e.g : journalctl --since 2023-01-01 -f -u unbound
|
|
|
|
local-data: "my-resolver.internal TXT local unbound"
|
|
local-zone: "custom.verify" redirect
|
|
local-data: "custom.verify A 42.42.42.42"
|
|
local-zone: "jpp.jpp" redirect
|
|
local-data: "jpp.jpp A 1.1.1.1"
|
|
local-zone: "e.e" redirect
|
|
local-data: "e.e A 42.42.42.42"
|
|
|
|
remote-control:
|
|
control-enable: yes
|
|
control-interface: 127.0.0.1
|
|
|
|
# Include others namespace/domains configs
|
|
include: /etc/unbound/config.d/*
|
|
|