summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/Unbound.hs
diff options
context:
space:
mode:
authorFélix Sipma2015-09-17 09:12:45 +0200
committerJoey Hess2015-09-18 13:30:32 -0400
commit83db452c16c73b64e9742885880316a8760b057c (patch)
tree14fac4370db8664d2a2d0e0f3cbe514eb46ae854 /src/Propellor/Property/Unbound.hs
parent8cea12ce1a799175a7922b642591e1352826d17e (diff)
Unbound: add example for cachingDnsServer
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
Diffstat (limited to 'src/Propellor/Property/Unbound.hs')
-rw-r--r--src/Propellor/Property/Unbound.hs29
1 files changed, 29 insertions, 0 deletions
diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs
index 6edb8b8b..94e41104 100644
--- a/src/Propellor/Property/Unbound.hs
+++ b/src/Propellor/Property/Unbound.hs
@@ -51,6 +51,35 @@ sectionHeader header = header ++ ":"
config :: FilePath
config = "/etc/unbound/unbound.conf.d/propellor.conf"
+-- | Provided a [UnboundSection], a [UnboundZone] and a [UnboundHost],
+-- cachingDnsServer ensure unbound is configured accordingly.
+--
+-- Example property:
+--
+-- cachingDnsServer
+-- [ ("remote-control", [("control-enable", "no")]
+-- , ("server",
+-- [ ("interface", "0.0.0.0")
+-- , ("access-control", "192.168.1.0/24 allow")
+-- , ("do-tcp", "no")
+-- ])
+-- [ (AbsDomain "example.com", "transparent")
+-- , (AbsDomain $ reverseIP $ IPv4 "192.168.1", "static")
+-- ]
+-- [ (AbsDomain "example.com", Address $ IPv4 "192.168.1.2")
+-- , (AbsDomain "myhost.example.com", Address $ IPv4 "192.168.1.2")
+-- , (AbsDomain "myrouter.example.com", Address $ IPv4 "192.168.1.1")
+-- , (AbsDomain "www.example.com", Address $ IPv4 "192.168.1.2")
+-- , (AbsDomain "example.com", MX 10 "mail.example.com")
+-- , (AbsDomain "mylaptop.example.com", Address $ IPv4 "192.168.1.2")
+-- -- ^ connected via ethernet
+-- , (AbsDomain "mywifi.example.com", Address $ IPv4 "192.168.2.1")
+-- , (AbsDomain "mylaptop.example.com", Address $ IPv4 "192.168.2.2")
+-- -- ^ connected via wifi, use round robin
+-- , (AbsDomain "myhost.example.com", PTR $ reverseIP $ IPv4 "192.168.1.2")
+-- , (AbsDomain "myrouter.example.com", PTR $ reverseIP $ IPv4 "192.168.1.1")
+-- , (AbsDomain "mylaptop.example.com", PTR $ reverseIP $ IPv4 "192.168.1.2")
+-- ]
cachingDnsServer :: [UnboundSection] -> [UnboundZone] -> [UnboundHost] -> Property NoInfo
cachingDnsServer sections zones hosts =
config `hasContent` (comment : otherSections ++ serverSection)