28 lines
1.1 KiB
YAML
28 lines
1.1 KiB
YAML
---
|
|
unbound_config_base_path: /etc/unbound
|
|
unbound_config_path: "{{ unbound_config_base_path }}/unbound.conf"
|
|
unbound_root_hints_path: "{{ unbound_config_base_path }}/root.hints"
|
|
unbound_anchor_root_key: "{{ unbound_config_base_path }}/root.key"
|
|
unbound_ad_servers_config_path: "{{ unbound_config_base_path }}/ad_servers.conf"
|
|
unbound_custom_lan_config_path: "{{ unbound_config_base_path }}/lan.conf"
|
|
unbound_custom_vpn_config_path: "{{ unbound_config_base_path }}/vpn.conf"
|
|
unbound_custom_lan_domain: "example.lan"
|
|
unbound_port: 53
|
|
unbound_apparmor_profile_path: /etc/apparmor.d/usr.sbin.unbound
|
|
|
|
unbound_interfaces:
|
|
- { address: "192.168.1.1", comment: "lan" }
|
|
- { address: "192.168.27.1", comment: "vpn" }
|
|
|
|
unbound_access_control:
|
|
- { subnet: "192.168.1.0/24", action: "allow", view: "lan", comment: "lan" }
|
|
- { subnet: "192.168.27.0/27", action: "allow", view: "vpn", comment: "vpn" }
|
|
|
|
unbound_firewall_allowed_sources:
|
|
- { src: "192.168.1.0/24", comment: "DNS from LAN" }
|
|
- { src: "192.168.27.0/27", comment: "DNS from VPN" }
|
|
|
|
unbound_custom_lan_records:
|
|
"example.lan":
|
|
v4: 192.168.1.2
|