lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-16 09:34:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

unbound: automatically add do-not-query-localhost: no on DoT when needed

Browse Source
This commit is contained in:
Franco Fichtner 2021-08-02 10:08:02 +02:00
parent eb72ff6d8a
commit 2fa400beca
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf
View File

@ -1,13 +1,20 @@
{% if not helpers.empty('OPNsense.unboundplus.dots.dot') %}
{% set dots = [] %}
{% set local = [] %}
{% for dot in helpers.toList('OPNsense.unboundplus.dots.dot') %}
{% if dot.enabled == '1' %}
{% if dot.server.startswith('127.') or dot.server == '::1' %}
{% do local.append('1') %}
{% endif %}
{% do dots.append(dot) %}
{% endif %}
{% endfor %}
{% if dots|length > 0 %}
server:
tls-cert-bundle: /etc/ssl/cert.pem
{% if local|length > 0 %}
do-not-query-localhost: no
{% endif %}
forward-zone:
name: "."
forward-tls-upstream: yes