Unbound Private-Domains Conf over Targets new Path Add SOA Record again

Started by teo88, December 29, 2024, 01:14:15 PM

Hello,

I had the following code (DNS Resolver authoritative for the local domain) in private_domains.conf, added as in the documentation example under Unbound templates: https://docs.opnsense.org/manual/unbound.html#advanced-configurations

server:
    local-data: "local.lan. 10800 IN SOA opn.local.lan. root.local.lan. 1 3600 1200 604800 10800"

The above code now seems to have been deleted during an update, and when I compare the path with the above documentation there are differences:

root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core # ls
+TARGETS blocklists.conf dot.conf unbound_dhcpd.conf
access_lists.conf dnsbl_module.py private_domains.conf
advanced.conf domainoverrides.conf safesearch.conf
root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core #
root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core #
root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core # cat +TARGETS

access_lists.conf:/usr/local/etc/unbound.opnsense.d/access_lists.conf
advanced.conf:/var/unbound/advanced.conf
blocklists.conf:/usr/local/etc/unbound/unbound-blocklists.conf
safesearch.conf:/usr/local/etc/unbound.opnsense.d/safesearch.conf
dot.conf:/usr/local/etc/unbound.opnsense.d/dot.conf
private_domains.conf:/var/unbound/private_domains.conf
domainoverrides.conf:/usr/local/etc/unbound.opnsense.d/domainoverrides.conf
unbound_dhcpd.conf:/usr/local/etc/unbound_dhcpd.conf
dnsbl_module.py:/var/unbound/dnsbl_module.py

root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core #
root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core #
root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core # cat private_domains.conf
{% if not helpers.empty('OPNsense.unboundplus.domains.domain') or not helpers.empty('OPNsense.unboundplus.dots.dot') %}
server:
# Set private domains in case authoritative name server returns a Private IP address
{%   set domains = [] %}
{%   for domain in helpers.toList('OPNsense.unboundplus.domains.domain') %}
{%     if domain.enabled == '1' %}
{%       do domains.append(domain.domain) %}
{%     endif %}
{%   endfor %}
{%   for forward in helpers.toList('OPNsense.unboundplus.dots.dot') %}
{%     if forward.enabled == '1' and forward.domain and forward.type == 'forward' %}
{%       do domains.append(forward.domain) %}
{%     endif %}
{%   endfor %}
{%   for domain in domains|unique %}
domain-insecure: "{{ domain }}"
{%     if domain is regex_match('.+\.(in-addr|ip6)\.arpa\.?$') %}
local-zone: {{ domain }} typetransparent
{%     elif not helpers.exists('system.webgui.nodnsrebindcheck') %}
private-domain: "{{ domain }}"
{%     endif %}
{%   endfor %}
{% endif %}
root@opn:/usr/local/opnsense/service/templates/OPNsense/Unbound/core #


Is it possible to additionally add the SOA code to the existing custom-options.conf under the path:

/usr/local/etc/unbound.opnsense.d/custom-options.conf

server:
    local-data: "local.lan. 10800 IN SOA opn.local.lan. root.local.lan. 1 3600 1200 604800 10800"
    do-not-query-localhost: no
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@5353


Or does the SOA record need to be in private_domains.conf like it was before? And why are the documentation and the path now different? Can someone please guide me to get this working again?

Thanks a lot