propellor-5.17: property-based host configuration management in haskell
MaintainerFélix Sipma <felix+propellor@gueux.org>
Safe HaskellSafe-Inferred
LanguageHaskell2010

Propellor.Property.Unbound

Description

Properties for the Unbound caching DNS server

Synopsis

Documentation

cachingDnsServer :: [UnboundSection] -> [UnboundZone] -> [UnboundHost] -> Property DebianLike Source #

Provided a [UnboundSection], a [UnboundZone] and a [UnboundHost], cachingDnsServer ensure unbound is configured accordingly.

Be carefull with CNAMEs, unbound is not a primary DNS server, so it will resolve these by itself. For a locally served zone, you probably want A/AAAA records instead.

Example property:

cachingDnsServer
     [ ("remote-control", [("control-enable", "no")]
     , ("server",
     	[ ("interface", "0.0.0.0")
     	, ("access-control", "192.168.1.0/24 allow")
     	, ("do-tcp", "no")
     	])
     [ (AbsDomain "example.com", "transparent")
     , (AbsDomain $ reverseIP $ IPv4 "192.168.1", "static")
     ]
     [ (AbsDomain "example.com", Address $ IPv4 "192.168.1.2")
     , (AbsDomain "myhost.example.com", Address $ IPv4 "192.168.1.2")
     , (AbsDomain "myrouter.example.com", Address $ IPv4 "192.168.1.1")
     , (AbsDomain "www.example.com", Address $ IPv4 "192.168.1.2")
     , (AbsDomain "example.com", MX 10 "mail.example.com")
     , (AbsDomain "mylaptop.example.com", Address $ IPv4 "192.168.1.2")
     -- ^ connected via ethernet
     , (AbsDomain "mywifi.example.com", Address $ IPv4 "192.168.2.1")
     , (AbsDomain "mylaptop.example.com", Address $ IPv4 "192.168.2.2")
     -- ^ connected via wifi, use round robin
     , (AbsDomain "myhost.example.com", PTR $ reverseIP $ IPv4 "192.168.1.2")
     , (AbsDomain "myrouter.example.com", PTR $ reverseIP $ IPv4 "192.168.1.1")
     , (AbsDomain "mylaptop.example.com", PTR $ reverseIP $ IPv4 "192.168.1.2")
     ]