From 83db452c16c73b64e9742885880316a8760b057c Mon Sep 17 00:00:00 2001 From: Félix Sipma Date: Thu, 17 Sep 2015 09:12:45 +0200 Subject: Unbound: add example for cachingDnsServer Signed-off-by: Félix Sipma --- src/Propellor/Property/Unbound.hs | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'src/Propellor/Property/Unbound.hs') diff --git a/src/Propellor/Property/Unbound.hs b/src/Propellor/Property/Unbound.hs index 6edb8b8b..94e41104 100644 --- a/src/Propellor/Property/Unbound.hs +++ b/src/Propellor/Property/Unbound.hs @@ -51,6 +51,35 @@ sectionHeader header = header ++ ":" config :: FilePath config = "/etc/unbound/unbound.conf.d/propellor.conf" +-- | Provided a [UnboundSection], a [UnboundZone] and a [UnboundHost], +-- cachingDnsServer ensure unbound is configured accordingly. +-- +-- Example property: +-- +-- cachingDnsServer +-- [ ("remote-control", [("control-enable", "no")] +-- , ("server", +-- [ ("interface", "0.0.0.0") +-- , ("access-control", "192.168.1.0/24 allow") +-- , ("do-tcp", "no") +-- ]) +-- [ (AbsDomain "example.com", "transparent") +-- , (AbsDomain $ reverseIP $ IPv4 "192.168.1", "static") +-- ] +-- [ (AbsDomain "example.com", Address $ IPv4 "192.168.1.2") +-- , (AbsDomain "myhost.example.com", Address $ IPv4 "192.168.1.2") +-- , (AbsDomain "myrouter.example.com", Address $ IPv4 "192.168.1.1") +-- , (AbsDomain "www.example.com", Address $ IPv4 "192.168.1.2") +-- , (AbsDomain "example.com", MX 10 "mail.example.com") +-- , (AbsDomain "mylaptop.example.com", Address $ IPv4 "192.168.1.2") +-- -- ^ connected via ethernet +-- , (AbsDomain "mywifi.example.com", Address $ IPv4 "192.168.2.1") +-- , (AbsDomain "mylaptop.example.com", Address $ IPv4 "192.168.2.2") +-- -- ^ connected via wifi, use round robin +-- , (AbsDomain "myhost.example.com", PTR $ reverseIP $ IPv4 "192.168.1.2") +-- , (AbsDomain "myrouter.example.com", PTR $ reverseIP $ IPv4 "192.168.1.1") +-- , (AbsDomain "mylaptop.example.com", PTR $ reverseIP $ IPv4 "192.168.1.2") +-- ] cachingDnsServer :: [UnboundSection] -> [UnboundZone] -> [UnboundHost] -> Property NoInfo cachingDnsServer sections zones hosts = config `hasContent` (comment : otherSections ++ serverSection) -- cgit v1.2.3