Fabio/openvpn-install
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update Unbound part

Browse source
This commit is contained in:
Stanislas 2018-09-23 15:52:25 +02:00 committed by GitHub
parent 04d9cc8a92
commit 2af559e6af
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
openvpn-install.sh
View file

@ -105,27 +105,24 @@ prefetch: yes' >> /etc/unbound/unbound.conf
sed -i 's|# hide-version: no|hide-version: yes|' /etc/unbound/unbound.conf
sed -i 's|# use-caps-for-id: no|use-caps-for-id: yes|' /etc/unbound/unbound.conf
fi
elif [[ "$OS" = "arch" ]]; then
# Install Unbound
pacman -Syu unbound expat
# Permissions for the DNSSEC keys
chown root:unbound /etc/unbound
chmod 775 /etc/unbound
pacman -Syu unbound
# Get root servers list
wget https://www.internic.net/domain/named.root -O /etc/unbound/root.hints
curl -o /etc/unbound/root.hints https://www.internic.net/domain/named.cache
# Configuration
mv /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old
echo 'server:
use-syslog: yes
do-daemonize: no
username: "unbound"
directory: "/etc/unbound"
trust-anchor-file: trusted-key.key
root-hints: root.hints
auto-trust-anchor-file: trusted-key.key
interface: 10.8.0.1
access-control: 10.8.0.1/24 allow
port: 53
do-daemonize: yes
num-threads: 2
use-caps-for-id: yes
harden-glue: yes
@ -133,6 +130,7 @@ hide-identity: yes
hide-version: yes
qname-minimisation: yes
prefetch: yes' > /etc/unbound/unbound.conf
fi
if [[ ! "$OS" =~ (fedora|centos) ]];then
# DNS Rebinding fix