maybe chmod 0644 'bind/db.empty'
maybe chmod 0644 'bind/db.local'
maybe chmod 0644 'bind/db.root'
+maybe chgrp 'bind' 'bind/named-acl.conf'
+maybe chmod 0644 'bind/named-acl.conf'
+maybe chgrp 'bind' 'bind/named-log.conf'
+maybe chmod 0644 'bind/named-log.conf'
maybe chgrp 'bind' 'bind/named.conf'
maybe chmod 0644 'bind/named.conf'
maybe chgrp 'bind' 'bind/named.conf.default-zones'
--- /dev/null
+[connection]
+id=eth0
+uuid=296b8121-62ca-354b-bd4a-e33b0341ee34
+type=ethernet
+autoconnect-priority=-999
+permissions=
+timestamp=1588593584
+
+[ethernet]
+mac-address=44:8A:5B:CD:BF:48
+mac-address-blacklist=
+
+[ipv4]
+dns-search=
+method=auto
+
+[ipv6]
+addr-gen-mode=stable-privacy
+dns-search=
+method=auto
+# /var/lib/samba/private/** rwmk,
+# /usr/lib/x86_64-linux-gnu/** rwmk,
+# /dev/urandom rwmk,
# syslog do the heavy lifting.
/var/log/named/** rw,
/var/log/named/ rw,
+ /var/log/bind/** rw,
+ /var/log/bind/ rw,
# gssapi
/var/lib/sss/pubconf/krb5.include.d/** r,
# When enabling this repo please remember to add the PlexPublic.Key into the apt setup.
# wget -q https://downloads.plex.tv/plex-keys/PlexSign.key -O - | sudo apt-key add -
-#deb https://downloads.plex.tv/repo/deb/ public main
+deb https://downloads.plex.tv/repo/deb/ public main
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Access-Control-Listen
+//# /etc/bind/named-acl.conf
+//#
+//# Host Bruni
+//#
+//###############################################################
+
+//###############################################################
+//# Access-Control-Listen
+
+/* Deny transfers by default except for the listed hosts.
+ * If we have other name servers, place them here.
+ */
+acl "xfer" {
+ none;
+};
+
+/*
+ * You might put in here some ips which are allowed to use the cache or
+ * recursive queries
+ */
+acl "trusted" {
+ 127.0.0.0/8;
+ ::1/128;
+};
+
+acl "local_ips" {
+ 127.0.0.0/8;
+ 10.0.0.0/8;
+ 192.168.0.0/16;
+ 172.16.0.0/12;
+ ::1/128;
+ fe80::/10;
+};
+
+acl "private_ips" {
+ 10.12.11.0/24;
+ 192.168.122.0/24;
+ 2001:6f8:1db7::/64;
+ 2001:6f8:1c00:365::/64;
+ 2a02:8109:9300:488::/64;
+ 2a02:8109:ae3f:fa04::/64;
+ 2a02:8109:9ec0:cf4::/64;
+ 2a01:238:4225:6e00:8f8c:808a:7fb8:88df;
+};
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei Logging
+//# /etc/bind/named-log.conf
+//#
+//# Host Bruni
+//#
+//###############################################################
+
+//###############################################################
+//# Angaben zum Logging
+
+logging {
+
+ //---------------------------------------
+ // Channels
+
+ channel complete_debug {
+ file "/var/log/bind/complete-debug.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity debug 99;
+ };
+
+ channel logtofile {
+ file "/var/log/bind/named.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity info;
+ };
+
+ channel moderate_debug {
+ file "/var/log/bind/debug.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity debug 1;
+ };
+
+ channel query_logging {
+ file "/var/log/bind/query.log";
+ print-time yes;
+ };
+
+ channel security_file {
+ file "/var/log/bind/security.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity dynamic;
+ };
+
+ channel syslog-warning {
+ syslog daemon;
+ severity warning;
+ };
+
+
+ //---------------------------------------
+ // Categories
+
+ category default {
+ default_debug;
+ logtofile;
+ };
+
+ category general {
+ logtofile;
+ syslog-warning;
+ };
+
+ category lame-servers {
+ null;
+ };
+
+ category queries {
+ query_logging;
+ };
+
+ category security {
+ security_file;
+ };
+
+};
+
+# vim: ts=4 filetype=named noai
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
+include "/etc/bind/named-acl.conf";
include "/etc/bind/named.conf.options";
+include "/etc/bind/named-log.conf";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
+
+# vim: ts=4 filetype=named noai
// organization
//include "/etc/bind/zones.rfc1918";
+//###############################################################
+//# Forward-Zonen
+
+zone "nexunus.de" IN {
+ type forward;
+ forwarders {
+ 138.201.28.135;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ };
+};
+
+zone "nexunus.com" IN {
+ type forward;
+ forwarders {
+ 138.201.28.135;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ };
+};
+
+zone "nexunus.net" IN {
+ type forward;
+ forwarders {
+ 138.201.28.135;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ };
+};
+
+zone "11.12.10.in-addr.arpa" IN {
+ type forward;
+ forward only;
+ forwarders {
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ };
+};
+
+# vim: ts=4 filetype=named noai noet
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
+ listen-on { any; };
+
+ allow-query {
+ /*
+ * Accept queries from our "trusted" ACL. We will
+ * allow anyone to query our master zones below.
+ * This prevents us from becoming a free DNS server
+ * to the masses.
+ */
+ trusted;
+ local_ips;
+ private_ips;
+ };
+
+ allow-query-cache {
+ /* Use the cache for the "trusted" ACL. */
+ trusted;
+ local_ips;
+ private_ips;
+ };
+
+ allow-recursion {
+ /* Only trusted addresses are allowed to use recursion. */
+ trusted;
+ local_ips;
+ private_ips;
+ };
+
+ allow-transfer {
+ /* Zone tranfers are denied by default. */
+ trusted;
+ private_ips;
+ };
+
+ allow-update {
+ /* Don't allow updates, e.g. via nsupdate. */
+ none;
+ };
+
+ /*
+ * If you've got a DNS server around at your upstream provider, enter its
+ * IP address here, and enable the line below. This will make you benefit
+ * from its cache, thus reduce overall DNS traffic in the Internet.
+ *
+ * Uncomment the following lines to turn on DNS forwarding, and change
+ * and/or update the forwarding ip address(es):
+ */
+ forward first;
+ forwarders {
+ // 123.123.123.123; // Your ISP NS
+ // 124.124.124.124; // Your ISP NS
+ // 4.2.2.1; // Level3 Public DNS
+ // 4.2.2.2; // Level3 Public DNS
+ 10.12.11.254;
+ 8.8.8.8; // Google Open DNS
+ 8.8.4.4; // Google Open DNS
+ };
+
+};
+
+// Managed Keys
+include "/etc/bind/bind.keys";
+
+include "/etc/bind/rndc.key";
+
+controls {
+ inet 127.0.0.1 port 953 allow {
+ 127.0.0.1;
+ ::1/128;
+ } keys {
+ "rndc-key";
+ };
};
+# vim: ts=4 filetype=named noai
--- /dev/null
+#!/bin/bash
+
+# TIMEOUT_ON_STOP=5
+
+# vim: et ts=4
--- /dev/null
+<!--
+WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
+OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
+ virsh edit Lena
+or other application using the libvirt API.
+-->
+
+<domain type='kvm'>
+ <name>Lena</name>
+ <uuid>cf6ccd52-b20d-4162-a8f5-4f2776d6cabf</uuid>
+ <memory unit='KiB'>4194304</memory>
+ <currentMemory unit='KiB'>4194304</currentMemory>
+ <vcpu placement='static'>2</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc-i440fx-bionic'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <features>
+ <acpi/>
+ <apic/>
+ <vmport state='off'/>
+ </features>
+ <cpu mode='host-model' check='partial'>
+ <model fallback='allow'/>
+ </cpu>
+ <clock offset='utc'>
+ <timer name='rtc' tickpolicy='catchup'/>
+ <timer name='pit' tickpolicy='delay'/>
+ <timer name='hpet' present='no'/>
+ </clock>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <pm>
+ <suspend-to-mem enabled='no'/>
+ <suspend-to-disk enabled='no'/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/kvm-spice</emulator>
+ <disk type='file' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source file='/var/lib/images/lena-vda.qcow2'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <disk type='file' device='cdrom'>
+ <driver name='qemu' type='raw'/>
+ <target dev='hdb' bus='ide'/>
+ <readonly/>
+ <address type='drive' controller='0' bus='0' target='0' unit='1'/>
+ </disk>
+ <disk type='file' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source file='/var/lib/images/lena-vdb.qcow2'/>
+ <target dev='vdb' bus='virtio'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
+ </disk>
+ <controller type='usb' index='0' model='ich9-ehci1'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x7'/>
+ </controller>
+ <controller type='usb' index='0' model='ich9-uhci1'>
+ <master startport='0'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0' multifunction='on'/>
+ </controller>
+ <controller type='usb' index='0' model='ich9-uhci2'>
+ <master startport='2'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x1'/>
+ </controller>
+ <controller type='usb' index='0' model='ich9-uhci3'>
+ <master startport='4'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x2'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <controller type='virtio-serial' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
+ </controller>
+ <controller type='ide' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+ </controller>
+ <filesystem type='mount' accessmode='squash'>
+ <source dir='/data/shared'/>
+ <target dir='shared'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x0b' function='0x0'/>
+ </filesystem>
+ <interface type='bridge'>
+ <mac address='52:54:00:07:f4:24'/>
+ <source bridge='br0'/>
+ <model type='virtio'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+ </interface>
+ <serial type='pty'>
+ <target type='isa-serial' port='0'>
+ <model name='isa-serial'/>
+ </target>
+ </serial>
+ <console type='pty'>
+ <target type='serial' port='0'/>
+ </console>
+ <channel type='unix'>
+ <target type='virtio' name='org.qemu.guest_agent.0'/>
+ <address type='virtio-serial' controller='0' bus='0' port='1'/>
+ </channel>
+ <channel type='spicevmc'>
+ <target type='virtio' name='com.redhat.spice.0'/>
+ <address type='virtio-serial' controller='0' bus='0' port='2'/>
+ </channel>
+ <input type='tablet' bus='usb'>
+ <address type='usb' bus='0' port='1'/>
+ </input>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <graphics type='spice' autoport='yes' keymap='de'>
+ <listen type='address'/>
+ <image compression='off'/>
+ </graphics>
+ <sound model='ich6'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+ </sound>
+ <video>
+ <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
+ </video>
+ <redirdev bus='usb' type='spicevmc'>
+ <address type='usb' bus='0' port='2'/>
+ </redirdev>
+ <redirdev bus='usb' type='spicevmc'>
+ <address type='usb' bus='0' port='3'/>
+ </redirdev>
+ <memballoon model='virtio'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+ </memballoon>
+ <rng model='virtio'>
+ <backend model='random'>/dev/urandom</backend>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
+ </rng>
+ </devices>
+</domain>
--- /dev/null
+<!--
+WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
+OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
+ virsh edit Vera
+or other application using the libvirt API.
+-->
+
+<domain type='kvm'>
+ <name>Vera</name>
+ <uuid>13b82c27-3adf-4be8-b705-04e15894611f</uuid>
+ <memory unit='KiB'>2097152</memory>
+ <currentMemory unit='KiB'>2097152</currentMemory>
+ <vcpu placement='static'>2</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc-i440fx-bionic'>hvm</type>
+ <boot dev='hd'/>
+ <bootmenu enable='yes'/>
+ </os>
+ <features>
+ <acpi/>
+ <apic/>
+ <vmport state='off'/>
+ </features>
+ <cpu mode='host-model' check='partial'>
+ <model fallback='allow'/>
+ </cpu>
+ <clock offset='utc'>
+ <timer name='rtc' tickpolicy='catchup'/>
+ <timer name='pit' tickpolicy='delay'/>
+ <timer name='hpet' present='no'/>
+ </clock>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <pm>
+ <suspend-to-mem enabled='no'/>
+ <suspend-to-disk enabled='no'/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/kvm-spice</emulator>
+ <disk type='file' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source file='/var/lib/images/vera-vda.qcow2'/>
+ <target dev='vda' bus='virtio'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+ </disk>
+ <disk type='file' device='cdrom'>
+ <driver name='qemu' type='raw'/>
+ <target dev='hda' bus='ide'/>
+ <readonly/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0' model='ich9-ehci1'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x7'/>
+ </controller>
+ <controller type='usb' index='0' model='ich9-uhci1'>
+ <master startport='0'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0' multifunction='on'/>
+ </controller>
+ <controller type='usb' index='0' model='ich9-uhci2'>
+ <master startport='2'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x1'/>
+ </controller>
+ <controller type='usb' index='0' model='ich9-uhci3'>
+ <master startport='4'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x2'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <controller type='ide' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+ </controller>
+ <controller type='virtio-serial' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
+ </controller>
+ <filesystem type='mount' accessmode='squash'>
+ <source dir='/data/shared'/>
+ <target dir='shared'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+ </filesystem>
+ <interface type='bridge'>
+ <mac address='52:54:00:50:03:ff'/>
+ <source bridge='br0'/>
+ <model type='virtio'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+ </interface>
+ <serial type='pty'>
+ <target type='isa-serial' port='0'>
+ <model name='isa-serial'/>
+ </target>
+ </serial>
+ <console type='pty'>
+ <target type='serial' port='0'/>
+ </console>
+ <channel type='unix'>
+ <target type='virtio' name='org.qemu.guest_agent.0'/>
+ <address type='virtio-serial' controller='0' bus='0' port='1'/>
+ </channel>
+ <channel type='spicevmc'>
+ <target type='virtio' name='com.redhat.spice.0'/>
+ <address type='virtio-serial' controller='0' bus='0' port='2'/>
+ </channel>
+ <input type='tablet' bus='usb'>
+ <address type='usb' bus='0' port='1'/>
+ </input>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <graphics type='spice' autoport='yes'>
+ <listen type='address'/>
+ <image compression='off'/>
+ </graphics>
+ <sound model='ich6'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+ </sound>
+ <video>
+ <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
+ </video>
+ <redirdev bus='usb' type='spicevmc'>
+ <address type='usb' bus='0' port='2'/>
+ </redirdev>
+ <redirdev bus='usb' type='spicevmc'>
+ <address type='usb' bus='0' port='3'/>
+ </redirdev>
+ <memballoon model='virtio'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
+ </memballoon>
+ <rng model='virtio'>
+ <backend model='random'>/dev/urandom</backend>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
+ </rng>
+ </devices>
+</domain>
--- /dev/null
+[Unit]
+Description=Executed scripts after booting
+After=remote-fs.target postfix.service networking.service rsyslog.service ssh.service bind9.service netfilter-persistent.service libvirt-guests.service mariadb.service
+
+[Service]
+ExecStart=/usr/local/sbin/local_service start
+ExecStop=/usr/local/sbin/local_service stop
+Type=oneshot
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+/etc/systemd/system/local.service
\ No newline at end of file
projects / config / bruni / etc-mint-new1.git / commitdiff