fixes in unbound
This commit is contained in:
Philip (a-0)
parent
e4347eeb4f
commit
7066bee4ca
2 changed files with 45 additions and 0 deletions
|
|
@ -20,6 +20,21 @@
|
||||||
vars:
|
vars:
|
||||||
__os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) | bool }}"
|
__os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) | bool }}"
|
||||||
|
|
||||||
|
- name: Install unbound DNS resolver
|
||||||
|
apt:
|
||||||
|
name: unbound
|
||||||
|
state: latest
|
||||||
|
|
||||||
|
- name: Set unbound config file
|
||||||
|
template:
|
||||||
|
src: unbound.conf.j2
|
||||||
|
dest: /etc/unbound/unbound.conf.d/default.conf
|
||||||
|
|
||||||
|
- name: Restart unbound
|
||||||
|
service:
|
||||||
|
name: unbound
|
||||||
|
state: restarted
|
||||||
|
|
||||||
- name: Check whether pi-hole is installed
|
- name: Check whether pi-hole is installed
|
||||||
stat:
|
stat:
|
||||||
path: "{{ pihole_config_dir }}"
|
path: "{{ pihole_config_dir }}"
|
||||||
|
|
|
||||||
30
templates/unbound.conf.j2
Normal file
30
templates/unbound.conf.j2
Normal file
|
|
@ -0,0 +1,30 @@
|
||||||
|
server:
|
||||||
|
interface: {{ query('community.general.dig', inventory_hostname, 'qtype=A') | first }}
|
||||||
|
port: 5335
|
||||||
|
access-control: 192.168.0.0/16 allow_snoop
|
||||||
|
verbosity: 2
|
||||||
|
|
||||||
|
use-syslog: no
|
||||||
|
logfile: "/var/log/unbound/unbound.log"
|
||||||
|
log-time-ascii: yes
|
||||||
|
statistics-cumulative: yes
|
||||||
|
|
||||||
|
# Optimization
|
||||||
|
num-threads: 12
|
||||||
|
msg-cache-slabs: 8
|
||||||
|
rrset-cache-slabs: 8
|
||||||
|
infra-cache-slabs: 8
|
||||||
|
key-cache-slabs: 8
|
||||||
|
|
||||||
|
rrset-cache-size: 250m
|
||||||
|
msg-cache-size: 125m
|
||||||
|
|
||||||
|
so-reuseport: yes
|
||||||
|
|
||||||
|
minimal-responses: yes
|
||||||
|
|
||||||
|
prefetch: yes
|
||||||
|
prefetch-key: yes
|
||||||
|
|
||||||
|
serve-expired: yes
|
||||||
|
cache-max-ttl: 3600
|
||||||
Loading…
Add table
Add a link
Reference in a new issue