1
0
Fork 0
mirror of https://github.com/sujiba/pihole-unbound-hyperlocal.git synced 2025-07-10 21:55:13 +02:00

V.2022.02.1

This commit is contained in:
sujiba 2023-05-04 01:33:01 +02:00
parent 34f7f3856a
commit 6b6e66f29f
3 changed files with 8 additions and 17 deletions

View file

@ -1,5 +1,5 @@
# Get the latest Pi-hole version
FROM pihole/pihole:2022.01.1
FROM pihole/pihole:2022.02.1
# Install necessary programs
RUN apt-get update && \
@ -14,8 +14,8 @@ COPY unbound-v1.9_pihole.conf /etc/unbound/unbound.conf.d/pihole.conf
# Download the DNS-Root-Zone. Change owner and move it to the right directory
RUN wget -O root.hints https://www.internic.net/domain/named.root && \
chown unbound:unbound root.hints && \
mv root.hints /var/lib/unbound/
mv root.hints /var/lib/unbound/ && \
chown unbound:unbound /var/lib/unbound/root.hints
# Unbound startup script
COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh

View file

@ -1 +1 @@
2022.01.1
2022.02.1

View file

@ -17,7 +17,7 @@ server:
prefer-ip6: no
# where to find root server data
root-hints: /usr/share/dns/root.hints
root-hints: /var/lib/unbound/root.hints
# Reduce EDNS reassembly buffer size.
# Suggested by the unbound man page to reduce fragmentation reassembly problems
@ -27,8 +27,8 @@ server:
# the query ID, for speed and thread safety).
rrset-roundrobin: yes
# Drop user privileges after binding the port.
username: "_unbound"
# Drop privileges after binding the port.
username: "unbound"
###########################################################################
# LOGGING
@ -102,10 +102,6 @@ server:
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
# Enable chroot (i.e, change apparent root directory for the current
# running process and its children)
chroot: "/etc/unbound"
# Deny queries of type ANY with an empty response.
deny-any: yes
@ -144,11 +140,6 @@ server:
# Refuse version.server and version.bind queries
hide-version: yes
# Set the HTTP User-Agent header for outgoing HTTP requests. If
# set to "", the default, then the package name and version are
# used.
http-user-agent: "DNS"
# Report this identity rather than the hostname of the server.
identity: "DNS"
@ -213,7 +204,7 @@ remote-control:
control-enable: no
# get data for all TLDs by IXFR (or AXFR) from root servers
# b,c,g are the only servers that answer a IXFR query
# these are the only servers that answer an IXFR query
auth-zone:
name: "."
primary: 199.9.14.201 # b.root-servers.net