maybe chmod 0644 'bind/db.255'
maybe chmod 0644 'bind/db.empty'
maybe chmod 0644 'bind/db.local'
+maybe chgrp 'bind' 'bind/named-acl.conf'
+maybe chmod 0644 'bind/named-acl.conf'
+maybe chgrp 'bind' 'bind/named-dyn.conf'
+maybe chmod 0644 'bind/named-dyn.conf'
+maybe chgrp 'bind' 'bind/named-log.conf'
+maybe chmod 0644 'bind/named-log.conf'
+maybe chgrp 'bind' 'bind/named-pri.conf'
+maybe chmod 0644 'bind/named-pri.conf'
+maybe chgrp 'bind' 'bind/named-sec.conf'
+maybe chmod 0644 'bind/named-sec.conf'
maybe chgrp 'bind' 'bind/named.conf'
maybe chmod 0644 'bind/named.conf'
maybe chgrp 'bind' 'bind/named.conf.default-zones'
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Access-Control-Listen
+//# /etc/bind/named-acl.conf
+//#
+//# Host sarah.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Access-Control-Listen
+
+#----------------------------------------
+acl allow-dyn-update {
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 188.34.187.246;
+ 2a01:4f8:c010:80ee::1;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 127.0.0.1;
+ ::1;
+};
+
+#----------------------------------------
+acl allow-notify {
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 188.34.187.246;
+ 2a01:4f8:c010:80ee::1;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 127.0.0.1;
+ ::1;
+};
+
+#----------------------------------------
+acl allow-recursion {
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 188.34.187.246;
+ 2a01:4f8:c010:80ee::1;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 138.201.28.135;
+ 138.201.28.184;
+ 138.201.28.185;
+ 138.201.28.186;
+ 2a01:4f8:171:3006::/64;
+ 127.0.0.0/8;
+ ::1/128;
+ fe80::/10;
+};
+
+#----------------------------------------
+acl also-notify-acwain {
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+};
+
+#----------------------------------------
+acl also-notify-boreus {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+};
+
+#----------------------------------------
+acl also-notify-uhu-banane {
+ 185.48.118.128;
+ 162.254.24.33;
+};
+
+#----------------------------------------
+acl common-allow-transfer {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 188.34.187.246;
+ 2a01:4f8:c010:80ee::1;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 127.0.0.1;
+ ::1;
+};
+
+#----------------------------------------
+acl local-host-ips {
+ 127.0.0.1/8;
+ ::1/128;
+};
+
+#----------------------------------------
+acl local-net-ips {
+ 127.0.0.0/8;
+ 10.0.0.0/8;
+ 172.16.0.0/12;
+ 192.168.0.0/16;
+ ::1/128;
+ fe80::/10;
+};
+
+#----------------------------------------
+acl private-net-ips {
+ 10.12.11.0/24;
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 188.34.187.246;
+ 2a01:4f8:c010:80ee::1;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+};
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Dynamische Zonen
+//# /etc/bind/named-dyn.conf
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei Logging
+//# /etc/bind/named-log.conf
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Angaben zum Logging
+
+logging {
+
+ //---------------------------------------
+ // Channels
+
+ channel complete_debug {
+ file "/var/log/bind/complete-debug.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity debug 99;
+ };
+
+ channel logtofile {
+ file "/var/log/bind/named.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity info;
+ };
+
+ channel moderate_debug {
+ file "/var/log/bind/debug.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity debug 1;
+ };
+
+ channel query_logging {
+ file "/var/log/bind/query.log";
+ print-time yes;
+ };
+
+ channel security_file {
+ file "/var/log/bind/security.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity dynamic;
+ };
+
+ channel syslog-warning {
+ syslog daemon;
+ severity warning;
+ };
+
+
+ //---------------------------------------
+ // Categories
+
+ category default {
+ default_debug;
+ logtofile;
+ };
+
+ category general {
+ logtofile;
+ syslog-warning;
+ };
+
+ category lame-servers {
+ null;
+ };
+
+ category queries {
+ query_logging;
+ };
+
+ category security {
+ security_file;
+ };
+
+};
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Primaere Zonen
+//# /etc/bind/named-pri.conf
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Master-Zonen (Primary)
+
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Sekundaere Zonen
+//# /etc/bind/named-sec
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Slave-Zonen (Secondary)
+
+
+
+# vim: ts=4 filetype=named noai
+//###############################################################
+//# Bind9-Konfigurationsdatei
+//# /etc/bind/named.conf
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
+// access control lists
+include "/etc/bind/named-acl.conf";
+
+// global options
include "/etc/bind/named.conf.options";
+
+// logging configuration
+include "/etc/bind/named-log.conf";
+
+// local configuration
include "/etc/bind/named.conf.local";
+
+// Manual changes (not in Salt)
+include "/etc/bind/named.conf.local";
+
+// Default zones
include "/etc/bind/named.conf.default-zones";
+
+// master zones
+include "/etc/bind/named-pri.conf";
+
+// dynamic zones
+include "/etc/bind/named-dyn.conf";
+
+// slave zones
+include "/etc/bind/named-sec.conf";
+
+
+
+# vim: ts=4 filetype=named noai
+//###############################################################
+//# Bind9-Konfigurationsdatei Default zones
+//# /etc/bind/named.conf.default-zones
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.255";
};
-
+// vim: ts=4 filetype=named noai
+//# Bind9-Konfigurationsdatei Lokeles Geruempel
+//# /etc/bind/named.conf.local
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
-//include "/etc/bind/zones.rfc1918";
+include "/etc/bind/zones.rfc1918";
+// vim: ts=4 filetype=named noai
+//###############################################################
+//# Bind9-Konfigurationsdatei for general options
+//# /etc/bind/named.conf.options
+//#
+//# Host helga.uhu-banane.de
+//#
+//###############################################################
+
+
+//###############################################################
+//# Allgemeine Optionen
+
options {
directory "/var/cache/bind";
// 0.0.0.0;
// };
- //========================================================================
- // If BIND logs error messages about the root key being expired,
- // you will need to update your keys. See https://www.isc.org/bind-keys
- //========================================================================
- dnssec-validation auto;
-
listen-on-v6 { any; };
+ listen-on { any; };
+
+ allow-notify {
+ allow-notify;
+ };
+
+ allow-recursion {
+ allow-recursion;
+ };
+
+ //========================================================================
+ // If BIND logs error messages about the root key being expired,
+ // you will need to update your keys. See https://www.isc.org/bind-keys
+ //========================================================================
+ //dnssec-enable yes;
+ dnssec-validation auto;
+ // dnssec-lookaside auto;
+
+ /* if you have problems and are behind a firewall: */
+ //query-source address * port 53;
+
+ // pid-file "/var/run/named/named.pid";
+
+ version "none";
+
+};
+
+// Managed Keys
+include "/etc/bind/bind.keys";
+
+key "dyn-dns-updater" {
+ algorithm hmac-md5;
+ secret "gi69Yjzo1OSPVQ/oTTgw+Q==";
+};
+
+//###############################################################
+//# Kontrollkanäle für RNDC
+
+include "/etc/bind/rndc.key";
+
+controls {
+ inet 127.0.0.1 port 953 allow {
+ 127.0.0.1;
+ ::1/128;
+ } keys {
+ "rndc-key";
+ };
};
+
+
+# vim: ts=4 filetype=named noai
+// vim: ts=4 filetype=named noai
projects / config / helga-hetzner / etc.git / commitdiff