saltstack-formulas/bind-formula
1
0
Fork 0
mirror of https://github.com/saltstack-formulas/bind-formula.git synced 2025-04-17 02:00:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind-formula/bind/files/suse/named.conf
Javier Bértoli 45e8128487 Refactor named.conf.local & logging across platforms
2018-05-26 19:57:58 -03:00

145 lines
4.5 KiB
Text
Raw Blame History

# Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Frank Bodammer, Lars Mueller <lmuelle@suse.de>
#
# /etc/named.conf
#
# This is a sample configuration file for the name server BIND 9. It works as
# a caching only name server without modification.
#
# A sample configuration for setting up your own domain can be found in
# /usr/share/doc/packages/bind/sample-config.
#
# A description of all available options can be found in
# /usr/share/doc/packages/bind/misc/options.
options {
# The directory statement defines the name server's working directory
directory "/var/lib/named";
# enable DNSSEC validation
#
# If BIND logs error messages about the root key being expired, you
# will need to update your keys. See https://www.isc.org/bind-keys
#
# dnssec-enable yes (default), indicates that a secure DNS service
# is being used which may be one, or more, of TSIG
# (for securing zone transfers or DDNS updates), SIG(0)
# (for securing DDNS updates) or DNSSEC.
#dnssec-enable yes;
# dnssec-validation yes (default), indicates that a resolver
# (a caching or caching-only name server) will attempt to validate
# replies from DNSSEC enabled (signed) zones. To perform this task
# the server also needs either a valid trusted-keys clause
# (containing one or more trusted-anchors or a managed-keys clause.
#dnssec-validation auto;
managed-keys-directory "/var/lib/named/dyn/";
# Write dump and statistics file to the log subdirectory. The
# pathenames are relative to the chroot jail.
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
# The forwarders record contains a list of servers to which queries
# should be forwarded. Enable this line and modify the IP address to
# your provider's name server. Up to three servers may be listed.
#forwarders { 192.0.2.1; 192.0.2.2; };
# Enable the next entry to prefer usage of the name server declared in
# the forwarders section.
#forward first;
# The listen-on record contains a list of local network interfaces to
# listen on. Optionally the port can be specified. Default is to
# listen on all interfaces found on your system. The default port is
# 53.
#listen-on port 53 { 127.0.0.1; };
# The listen-on-v6 record enables or disables listening on IPv6
# interfaces. Allowed values are 'any' and 'none' or a list of
# addresses.
listen-on-v6 { any; };
# The next three statements may be needed if a firewall stands between
# the local server and the internet.
#query-source address * port 53;
#transfer-source * port 53;
#notify-source * port 53;
# The allow-query record contains a list of networks or IP addresses
# to accept and deny queries from. The default is to allow queries
# from all hosts.
#allow-query { 127.0.0.1; };
# If notify is set to yes (default), notify messages are sent to other
# name servers when the the zone data is changed. Instead of setting
# a global 'notify' statement in the 'options' section, a separate
# 'notify' can be added to each zone definition.
notify no;
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
{#- Allow inclusion of arbitrary statements #}
{%- for statement, value in salt['pillar.get']('bind:config:options', map.get('options', {})).items() -%}
{%- if value is iterable and value is not string %}
{{ statement }} {
{%- for item in value %}
{{ item }};
{%- endfor %}
};
{%- else %}
{{ statement }} {{ value }};
{%- endif %}
{%- endfor %}
};
# The following zone definitions don't need any modification. The first one
# is the definition of the root name servers. The second one defines
# localhost while the third defines the reverse lookup for localhost.
zone "." in {
type hint;
file "root.hint";
};
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "127.0.0.zone";
};
# Include the meta include file generated by createNamedConfInclude. This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named
include "/etc/named.conf.include";
# You can insert further zone records for your own domains below or create
# single files in /etc/named.d/ and add the file names to
# NAMED_CONF_INCLUDE_FILES.
# See /usr/share/doc/packages/bind/README.SUSE for more details.
Reference in a new issue View git blame Copy permalink