1
0
Fork 0
mirror of https://github.com/sujiba/pihole-unbound-hyperlocal.git synced 2025-07-10 21:55:13 +02:00

V.2022.02.1

This commit is contained in:
sujiba 2023-05-04 01:33:01 +02:00
parent 34f7f3856a
commit 6b6e66f29f
3 changed files with 8 additions and 17 deletions

View file

@ -1,5 +1,5 @@
# Get the latest Pi-hole version # Get the latest Pi-hole version
FROM pihole/pihole:2022.01.1 FROM pihole/pihole:2022.02.1
# Install necessary programs # Install necessary programs
RUN apt-get update && \ RUN apt-get update && \
@ -14,8 +14,8 @@ COPY unbound-v1.9_pihole.conf /etc/unbound/unbound.conf.d/pihole.conf
# Download the DNS-Root-Zone. Change owner and move it to the right directory # Download the DNS-Root-Zone. Change owner and move it to the right directory
RUN wget -O root.hints https://www.internic.net/domain/named.root && \ RUN wget -O root.hints https://www.internic.net/domain/named.root && \
chown unbound:unbound root.hints && \ mv root.hints /var/lib/unbound/ && \
mv root.hints /var/lib/unbound/ chown unbound:unbound /var/lib/unbound/root.hints
# Unbound startup script # Unbound startup script
COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh

View file

@ -1 +1 @@
2022.01.1 2022.02.1

View file

@ -17,7 +17,7 @@ server:
prefer-ip6: no prefer-ip6: no
# where to find root server data # where to find root server data
root-hints: /usr/share/dns/root.hints root-hints: /var/lib/unbound/root.hints
# Reduce EDNS reassembly buffer size. # Reduce EDNS reassembly buffer size.
# Suggested by the unbound man page to reduce fragmentation reassembly problems # Suggested by the unbound man page to reduce fragmentation reassembly problems
@ -27,8 +27,8 @@ server:
# the query ID, for speed and thread safety). # the query ID, for speed and thread safety).
rrset-roundrobin: yes rrset-roundrobin: yes
# Drop user privileges after binding the port. # Drop privileges after binding the port.
username: "_unbound" username: "unbound"
########################################################################### ###########################################################################
# LOGGING # LOGGING
@ -102,10 +102,6 @@ server:
access-control: 172.16.0.0/12 allow access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow access-control: 10.0.0.0/8 allow
# Enable chroot (i.e, change apparent root directory for the current
# running process and its children)
chroot: "/etc/unbound"
# Deny queries of type ANY with an empty response. # Deny queries of type ANY with an empty response.
deny-any: yes deny-any: yes
@ -144,11 +140,6 @@ server:
# Refuse version.server and version.bind queries # Refuse version.server and version.bind queries
hide-version: yes hide-version: yes
# Set the HTTP User-Agent header for outgoing HTTP requests. If
# set to "", the default, then the package name and version are
# used.
http-user-agent: "DNS"
# Report this identity rather than the hostname of the server. # Report this identity rather than the hostname of the server.
identity: "DNS" identity: "DNS"
@ -213,7 +204,7 @@ remote-control:
control-enable: no control-enable: no
# get data for all TLDs by IXFR (or AXFR) from root servers # get data for all TLDs by IXFR (or AXFR) from root servers
# b,c,g are the only servers that answer a IXFR query # these are the only servers that answer an IXFR query
auth-zone: auth-zone:
name: "." name: "."
primary: 199.9.14.201 # b.root-servers.net primary: 199.9.14.201 # b.root-servers.net