Ian Roddis
30 lines
743 B
Django/Jinja
30 lines
743 B
Django/Jinja
// named.conf — authoritative-only configuration for {{ base_domain }}
|
|
// Managed by Ansible — do not edit manually.
|
|
|
|
options {
|
|
directory "/var/cache/bind";
|
|
|
|
// Authoritative only — no recursion to prevent DNS amplification attacks
|
|
recursion no;
|
|
allow-recursion { none; };
|
|
|
|
// Accept queries from any source
|
|
allow-query { any; };
|
|
|
|
// Only allow zone transfers to trusted hosts (none by default)
|
|
allow-transfer { none; };
|
|
|
|
// Listen on all interfaces
|
|
listen-on { any; };
|
|
listen-on-v6 { any; };
|
|
|
|
dnssec-validation no;
|
|
};
|
|
|
|
// Authoritative zone for the base domain
|
|
zone "{{ base_domain }}" IN {
|
|
type master;
|
|
file "/var/lib/bind/{{ base_domain }}.zone";
|
|
allow-update { none; };
|
|
};
|