mirror of
https://github.com/sujiba/pihole-unbound-hyperlocal.git
synced 2025-07-10 13:55:12 +02:00
V.2022.02.1
This commit is contained in:
parent
34f7f3856a
commit
6b6e66f29f
3 changed files with 8 additions and 17 deletions
|
@ -1,5 +1,5 @@
|
||||||
# Get the latest Pi-hole version
|
# Get the latest Pi-hole version
|
||||||
FROM pihole/pihole:2022.01.1
|
FROM pihole/pihole:2022.02.1
|
||||||
|
|
||||||
# Install necessary programs
|
# Install necessary programs
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
|
@ -14,8 +14,8 @@ COPY unbound-v1.9_pihole.conf /etc/unbound/unbound.conf.d/pihole.conf
|
||||||
|
|
||||||
# Download the DNS-Root-Zone. Change owner and move it to the right directory
|
# Download the DNS-Root-Zone. Change owner and move it to the right directory
|
||||||
RUN wget -O root.hints https://www.internic.net/domain/named.root && \
|
RUN wget -O root.hints https://www.internic.net/domain/named.root && \
|
||||||
chown unbound:unbound root.hints && \
|
mv root.hints /var/lib/unbound/ && \
|
||||||
mv root.hints /var/lib/unbound/
|
chown unbound:unbound /var/lib/unbound/root.hints
|
||||||
|
|
||||||
# Unbound startup script
|
# Unbound startup script
|
||||||
COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh
|
COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
2022.01.1
|
2022.02.1
|
||||||
|
|
|
@ -17,7 +17,7 @@ server:
|
||||||
prefer-ip6: no
|
prefer-ip6: no
|
||||||
|
|
||||||
# where to find root server data
|
# where to find root server data
|
||||||
root-hints: /usr/share/dns/root.hints
|
root-hints: /var/lib/unbound/root.hints
|
||||||
|
|
||||||
# Reduce EDNS reassembly buffer size.
|
# Reduce EDNS reassembly buffer size.
|
||||||
# Suggested by the unbound man page to reduce fragmentation reassembly problems
|
# Suggested by the unbound man page to reduce fragmentation reassembly problems
|
||||||
|
@ -27,8 +27,8 @@ server:
|
||||||
# the query ID, for speed and thread safety).
|
# the query ID, for speed and thread safety).
|
||||||
rrset-roundrobin: yes
|
rrset-roundrobin: yes
|
||||||
|
|
||||||
# Drop user privileges after binding the port.
|
# Drop privileges after binding the port.
|
||||||
username: "_unbound"
|
username: "unbound"
|
||||||
|
|
||||||
###########################################################################
|
###########################################################################
|
||||||
# LOGGING
|
# LOGGING
|
||||||
|
@ -102,10 +102,6 @@ server:
|
||||||
access-control: 172.16.0.0/12 allow
|
access-control: 172.16.0.0/12 allow
|
||||||
access-control: 10.0.0.0/8 allow
|
access-control: 10.0.0.0/8 allow
|
||||||
|
|
||||||
# Enable chroot (i.e, change apparent root directory for the current
|
|
||||||
# running process and its children)
|
|
||||||
chroot: "/etc/unbound"
|
|
||||||
|
|
||||||
# Deny queries of type ANY with an empty response.
|
# Deny queries of type ANY with an empty response.
|
||||||
deny-any: yes
|
deny-any: yes
|
||||||
|
|
||||||
|
@ -144,11 +140,6 @@ server:
|
||||||
# Refuse version.server and version.bind queries
|
# Refuse version.server and version.bind queries
|
||||||
hide-version: yes
|
hide-version: yes
|
||||||
|
|
||||||
# Set the HTTP User-Agent header for outgoing HTTP requests. If
|
|
||||||
# set to "", the default, then the package name and version are
|
|
||||||
# used.
|
|
||||||
http-user-agent: "DNS"
|
|
||||||
|
|
||||||
# Report this identity rather than the hostname of the server.
|
# Report this identity rather than the hostname of the server.
|
||||||
identity: "DNS"
|
identity: "DNS"
|
||||||
|
|
||||||
|
@ -213,7 +204,7 @@ remote-control:
|
||||||
control-enable: no
|
control-enable: no
|
||||||
|
|
||||||
# get data for all TLDs by IXFR (or AXFR) from root servers
|
# get data for all TLDs by IXFR (or AXFR) from root servers
|
||||||
# b,c,g are the only servers that answer a IXFR query
|
# these are the only servers that answer an IXFR query
|
||||||
auth-zone:
|
auth-zone:
|
||||||
name: "."
|
name: "."
|
||||||
primary: 199.9.14.201 # b.root-servers.net
|
primary: 199.9.14.201 # b.root-servers.net
|
Loading…
Add table
Add a link
Reference in a new issue