ansible/roles/nsd/templates/nsd.conf.j2

67 lines
2.2 KiB
Django/Jinja

# {{ ansible_managed }}
server:
ip-address: 127.0.0.1@5353
ip-address: ::1@5353
ip-address: 176.9.59.104@53
ip-address: 2a01:4f8:150:926f::2@53
# policy
statistics: 3600
round-robin: yes
minimal-responses: yes
hide-version: yes
hide-identity: no
# performance
server-count: 1
tcp-timeout: 12
# place nice with s6-rc
log-time-ascii: no
debug-mode: yes
# zones are state, not configuration
zonesdir: "/var/db/nsd/zones"
# Remote control config section.
remote-control:
control-enable: yes
control-interface: /var/run/nsd/control
zone:
name: "."
request-xfr: 192.228.79.201 NOKEY # b.root-servers.net
request-xfr: 192.33.4.12 NOKEY # c.root-servers.net
request-xfr: 192.5.5.241 NOKEY # f.root-servers.net
request-xfr: 192.112.36.4 NOKEY # g.root-servers.net
request-xfr: 193.0.14.129 NOKEY # k.root-servers.net
request-xfr: 192.0.47.132 NOKEY # xfr.cjr.dns.icann.org
request-xfr: 192.0.32.132 NOKEY # xfr.lax.dns.icann.org
request-xfr: 2001:500:84::b NOKEY # b.root-servers.net
request-xfr: 2001:500:2f::f NOKEY # f.root-servers.net
request-xfr: 2001:7fd::1 NOKEY # k.root-servers.net
request-xfr: 2620:0:2830:202::132 NOKEY # xfr.cjr.dns.icann.org
request-xfr: 2620:0:2d0:202::132 NOKEY # xfr.lax.dns.icann.org
# Patterns for dynamically managed zones
# The list of dynamic zones is in /var/db/nsd/zone.list and is managed
# by `nsd-control addzone` and `nsd-control delzone`
pattern:
name: "local"
zonefile: "%s"
# brunn.ccchb.de
provide-xfr: 159.69.196.38 NOKEY
provide-xfr: 2a01:4f8:1c1c:c197:: NOKEY
# ns1.grimpen.net
provide-xfr: 51.83.186.231 NOKEY
provide-xfr: 2001:41d0:601:1100::33b7 NOKEY
pattern:
name: "replicate-brunn"
# brunn.ccchb.de
allow-notify: 159.69.196.38 NOKEY
allow-notify: 2a01:4f8:1c1c:c197:: NOKEY
request-xfr: AXFR 2a01:4f8:1c1c:c197:: NOKEY