diff options
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/dns-forwarding/override.conf.j2 | 8 | ||||
-rw-r--r-- | data/templates/dns-forwarding/recursor.conf.j2 | 4 | ||||
-rw-r--r-- | data/templates/dns-forwarding/recursor.conf.lua.j2 | 2 | ||||
-rw-r--r-- | data/templates/firewall/nftables-defines.j2 | 21 |
4 files changed, 32 insertions, 3 deletions
diff --git a/data/templates/dns-forwarding/override.conf.j2 b/data/templates/dns-forwarding/override.conf.j2 new file mode 100644 index 000000000..9d81a2977 --- /dev/null +++ b/data/templates/dns-forwarding/override.conf.j2 @@ -0,0 +1,8 @@ +[Unit] +ConditionPathExists={{ config_file }} +After=vyos-router.service + +[Service] +RuntimeDirectoryPreserve=yes +ExecStart= +ExecStart=/usr/sbin/pdns_recursor --daemon=no --write-pid=no --disable-syslog --log-timestamp=no --config-dir={{ config_dir }} diff --git a/data/templates/dns-forwarding/recursor.conf.j2 b/data/templates/dns-forwarding/recursor.conf.j2 index 55b37732b..e4e8e7044 100644 --- a/data/templates/dns-forwarding/recursor.conf.j2 +++ b/data/templates/dns-forwarding/recursor.conf.j2 @@ -12,7 +12,7 @@ allow-from={{ allow_from | join(',') }} log-common-errors=yes non-local-bind=yes query-local-address={{ source_address | join(',') }} -lua-config-file=recursor.conf.lua +lua-config-file={{ config_dir }}/recursor.conf.lua # cache-size max-cache-entries={{ cache_size }} @@ -56,4 +56,4 @@ serve-rfc1918={{ 'no' if no_serve_rfc1918 is vyos_defined else 'yes' }} # zones auth-zones={% for z in authoritative_zones %}{{ z.name }}={{ z.file }}{{- "," if not loop.last -}}{% endfor %} -forward-zones-file=recursor.forward-zones.conf +forward-zones-file={{ config_dir }}/recursor.forward-zones.conf diff --git a/data/templates/dns-forwarding/recursor.conf.lua.j2 b/data/templates/dns-forwarding/recursor.conf.lua.j2 index 816f69160..8026442c7 100644 --- a/data/templates/dns-forwarding/recursor.conf.lua.j2 +++ b/data/templates/dns-forwarding/recursor.conf.lua.j2 @@ -5,4 +5,4 @@ dofile("/usr/share/pdns-recursor/lua-config/rootkeys.lua") -- Load lua from vyos-hostsd -- -dofile("recursor.vyos-hostsd.conf.lua") +dofile("{{ config_dir }}/recursor.vyos-hostsd.conf.lua") diff --git a/data/templates/firewall/nftables-defines.j2 b/data/templates/firewall/nftables-defines.j2 index a20c399ae..8a75ab2d6 100644 --- a/data/templates/firewall/nftables-defines.j2 +++ b/data/templates/firewall/nftables-defines.j2 @@ -98,5 +98,26 @@ } {% endfor %} {% endif %} + +{% if group.dynamic_group is vyos_defined %} +{% if group.dynamic_group.address_group is vyos_defined and not is_ipv6 and is_l3 %} +{% for group_name, group_conf in group.dynamic_group.address_group.items() %} + set DA_{{ group_name }} { + type {{ ip_type }} + flags dynamic, timeout + } +{% endfor %} +{% endif %} + +{% if group.dynamic_group.ipv6_address_group is vyos_defined and is_ipv6 and is_l3 %} +{% for group_name, group_conf in group.dynamic_group.ipv6_address_group.items() %} + set DA6_{{ group_name }} { + type {{ ip_type }} + flags dynamic, timeout + } +{% endfor %} +{% endif %} +{% endif %} + {% endif %} {% endmacro %} |