diff options
Diffstat (limited to 'data/templates/dns-forwarding')
6 files changed, 153 insertions, 0 deletions
diff --git a/data/templates/dns-forwarding/override.conf.j2 b/data/templates/dns-forwarding/override.conf.j2 new file mode 100644 index 0000000..9d81a29 --- /dev/null +++ b/data/templates/dns-forwarding/override.conf.j2 @@ -0,0 +1,8 @@ +[Unit] +ConditionPathExists={{ config_file }} +After=vyos-router.service + +[Service] +RuntimeDirectoryPreserve=yes +ExecStart= +ExecStart=/usr/sbin/pdns_recursor --daemon=no --write-pid=no --disable-syslog --log-timestamp=no --config-dir={{ config_dir }} diff --git a/data/templates/dns-forwarding/recursor.conf.j2 b/data/templates/dns-forwarding/recursor.conf.j2 new file mode 100644 index 0000000..5ac872f --- /dev/null +++ b/data/templates/dns-forwarding/recursor.conf.j2 @@ -0,0 +1,73 @@ +{# j2lint: disable=single-statement-per-line #} +### Autogenerated by service_dns_forwarding.py ### + +# XXX: pdns recursor doesn't like whitespace near entry separators, +# especially in the semicolon-separated lists of name servers. +# Please be careful if you edit the template. + +# Non-configurable defaults +daemon=yes +threads=1 +allow-from={{ allow_from | join(',') }} +log-common-errors=yes +non-local-bind=yes +query-local-address={{ source_address | join(',') }} +lua-config-file={{ config_dir }}/recursor.conf.lua + +# cache-size +max-cache-entries={{ cache_size }} + +# negative TTL for NXDOMAIN +max-negative-ttl={{ negative_ttl }} + +# timeout +network-timeout={{ timeout }} + +# ignore-hosts-file +export-etc-hosts={{ 'no' if ignore_hosts_file is vyos_defined else 'yes' }} + +# listen-address +local-address={{ listen_address | join(',') }} + +# listen-port +local-port={{ port }} + +# dnssec +dnssec={{ dnssec }} + +{% if dns64_prefix is vyos_defined %} +# dns64-prefix +dns64-prefix={{ dns64_prefix }} +{% endif %} + +{% if exclude_throttle_address is vyos_defined %} +# dont-throttle-netmasks +dont-throttle-netmasks={{ exclude_throttle_address | join(',') }} +{% endif %} + +{% if serve_stale_extension is vyos_defined %} +# serve-stale-extensions +serve-stale-extensions={{ serve_stale_extension }} +{% endif %} + +# serve rfc1918 records +serve-rfc1918={{ 'no' if no_serve_rfc1918 is vyos_defined else 'yes' }} + +# zones +auth-zones={% for z in authoritative_zones %}{{ z.name }}={{ z.file }}{{- "," if not loop.last -}}{% endfor %} + +forward-zones-file={{ config_dir }}/recursor.forward-zones.conf + +#ecs +{% if options.ecs_add_for is vyos_defined %} +ecs-add-for={{ options.ecs_add_for | join(',') }} +{% endif %} + +{% if options.ecs_ipv4_bits is vyos_defined %} +ecs-ipv4-bits={{ options.ecs_ipv4_bits }} +{% endif %} + +{% if options.edns_subnet_allow_list is vyos_defined %} +edns-subnet-allow-list={{ options.edns_subnet_allow_list | join(',') }} +{% endif %} + diff --git a/data/templates/dns-forwarding/recursor.conf.lua.j2 b/data/templates/dns-forwarding/recursor.conf.lua.j2 new file mode 100644 index 0000000..8026442 --- /dev/null +++ b/data/templates/dns-forwarding/recursor.conf.lua.j2 @@ -0,0 +1,8 @@ +-- Autogenerated by VyOS (service_dns_forwarding.py) -- +-- Do not edit, your changes will get overwritten -- + +-- Load DNSSEC root keys from dns-root-data package. +dofile("/usr/share/pdns-recursor/lua-config/rootkeys.lua") + +-- Load lua from vyos-hostsd -- +dofile("{{ config_dir }}/recursor.vyos-hostsd.conf.lua") diff --git a/data/templates/dns-forwarding/recursor.forward-zones.conf.j2 b/data/templates/dns-forwarding/recursor.forward-zones.conf.j2 new file mode 100644 index 0000000..593a98c --- /dev/null +++ b/data/templates/dns-forwarding/recursor.forward-zones.conf.j2 @@ -0,0 +1,28 @@ +{# j2lint: disable=operator-enclosed-by-spaces #} +# Autogenerated by VyOS (vyos-hostsd) +# Do not edit, your changes will get overwritten + +# dot zone (catch-all): '+' indicates recursion is desired +# (same as forward-zones-recurse) +{# the code below ensures the order of nameservers is determined first by #} +{# the order of tags, then by the order of nameservers within that tag #} +{% set n = namespace(dot_zone_ns='') %} +{% for tag in name_server_tags_recursor %} +{% set ns = '' %} +{% if tag in name_servers %} +{% set ns = ns + name_servers[tag] | join(', ') %} +{% set n.dot_zone_ns = (n.dot_zone_ns, ns) | join(', ') if n.dot_zone_ns != '' else ns %} +{% endif %} +# {{ tag }}: {{ ns }} +{% endfor %} + +{% if n.dot_zone_ns %} ++.={{ n.dot_zone_ns }} +{% endif %} + +{% if forward_zones is vyos_defined %} +# zones added via 'service dns forwarding domain' +{% for zone, zonedata in forward_zones.items() %} +{{ "+" if zonedata.recursion_desired is vyos_defined }}{{ zone | replace('_', '-') }}={{ zonedata.name_server | join(', ') }} +{% endfor %} +{% endif %} diff --git a/data/templates/dns-forwarding/recursor.vyos-hostsd.conf.lua.j2 b/data/templates/dns-forwarding/recursor.vyos-hostsd.conf.lua.j2 new file mode 100644 index 0000000..987c7de --- /dev/null +++ b/data/templates/dns-forwarding/recursor.vyos-hostsd.conf.lua.j2 @@ -0,0 +1,30 @@ +-- Autogenerated by VyOS (vyos-hostsd) -- +-- Do not edit, your changes will get overwritten -- + +{% if hosts %} +-- from 'system static-host-mapping' and DHCP server +{% for tag, taghosts in hosts.items() %} +{% for host, hostprops in taghosts.items() %} +addNTA("{{ host }}.", "{{ tag }}") +{% for a in hostprops['aliases'] %} +addNTA("{{ a }}.", "{{ tag }} alias") +{% endfor %} +{% endfor %} +{% endfor %} +{% endif %} + +{% if forward_zones is vyos_defined %} +-- from 'service dns forwarding domain' +{% for zone, zonedata in forward_zones.items() %} +{% if zonedata.addnta is vyos_defined %} +addNTA("{{ zone }}", "static") +{% endif %} +{% endfor %} +{% endif %} + +{% if authoritative_zones is vyos_defined %} +-- from 'service dns forwarding authoritative-domain' +{% for zone in authoritative_zones %} +addNTA("{{ zone }}", "static") +{% endfor %} +{% endif %} diff --git a/data/templates/dns-forwarding/recursor.zone.conf.j2 b/data/templates/dns-forwarding/recursor.zone.conf.j2 new file mode 100644 index 0000000..797068c --- /dev/null +++ b/data/templates/dns-forwarding/recursor.zone.conf.j2 @@ -0,0 +1,6 @@ +; +; Autogenerated by service_dns_forwarding.py +; +{% for r in records %} +{{ r.name }} {{ r.ttl }} {{ r.type }} {{ r.value }} +{% endfor %} |