From 9bdc67dd295db623ebc9c19c254e192b9cd5d006 Mon Sep 17 00:00:00 2001 From: Aminda Suomalainen Date: Thu, 23 Feb 2023 10:11:03 +0200 Subject: [PATCH] unbound & systmed-resolved: add DNS0 open Ref: #153 --- etc/systemd/resolved.conf.d/dot-dns0-open.conf | 8 ++++++++ etc/unbound/unbound.conf.d/dot-dns0-open.conf | 13 +++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 etc/systemd/resolved.conf.d/dot-dns0-open.conf create mode 100644 etc/unbound/unbound.conf.d/dot-dns0-open.conf diff --git a/etc/systemd/resolved.conf.d/dot-dns0-open.conf b/etc/systemd/resolved.conf.d/dot-dns0-open.conf new file mode 100644 index 00000000..2d430a06 --- /dev/null +++ b/etc/systemd/resolved.conf.d/dot-dns0-open.conf @@ -0,0 +1,8 @@ +[Resolve] +DNS=193.110.81.254#open.dns0.eu +DNS=185.253.5.254#open.dns0.eu +DNS=2a0f:fc80::ffff#open.dns0.eu +DNS=2a0f:fc81::ffff#open.dns0.eu +Domains=~. +DNSOverTLS=yes +Cache=yes diff --git a/etc/unbound/unbound.conf.d/dot-dns0-open.conf b/etc/unbound/unbound.conf.d/dot-dns0-open.conf new file mode 100644 index 00000000..3e758b51 --- /dev/null +++ b/etc/unbound/unbound.conf.d/dot-dns0-open.conf @@ -0,0 +1,13 @@ +server: + # Debian ca-certificates location + tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt + # ctrl.blog says this is the Fedora location + #tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem + +forward-zone: + name: "." + forward-tls-upstream: yes + forward-addr: 193.110.81.254@853#open.dns0.eu + forward-addr: 185.253.5.254@853#open.dns0.eu + forward-addr: 2a0f:fc80::ffff@853#open.dns0.eu + forward-addr: 2a0f:fc81::ffff@853#open.dns0.eu