mailcow/data/conf/unbound/unbound.conf

44 lines
1.2 KiB
Plaintext

server:
verbosity: 1
interface: 0.0.0.0
interface: ::0
logfile: /dev/console
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
do-daemonize: no
#access-control: 0.0.0.0/0 allow
access-control: 10.0.0.0/8 allow
access-control: 172.16.0.0/12 allow
access-control: 192.168.0.0/16 allow
access-control: fc00::/7 allow
access-control: fe80::/10 allow
#access-control: ::0/0 allow
directory: "/etc/unbound"
username: unbound
auto-trust-anchor-file: trusted-key.key
#private-address: 10.0.0.0/8
#private-address: 172.16.0.0/12
#private-address: 192.168.0.0/16
#private-address: 169.254.0.0/16
#private-address: fc00::/7
#private-address: fe80::/10
# cache-min-ttl needs to be less or equal to cache-max-negative-ttl
cache-min-ttl: 5
cache-max-negative-ttl: 60
root-hints: "/etc/unbound/root.hints"
hide-identity: yes
hide-version: yes
max-udp-size: 4096
msg-buffer-size: 65552
remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 8953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"