|
|
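#!/bin/bash
# Install BIND9 and logrotate, enable file-based DNS logging (warnings plus
# per-query logging) and rotate the resulting files under /var/log/named.
# Must run as root: it installs packages and writes under /etc and /var/log.
# The script does not reload named; the appended logging block takes effect
# on the next reload/restart of the service.
set -eux

apt-get -y install bind9 logrotate

readonly named_options=/etc/bind/named.conf.options
readonly log_dir=/var/log/named

## Log directory
# Create the directory before any configuration refers to it. The original
# line had mkdir and chown fused into a single command, which created stray
# directories named "chown" and "bind:bind" and never changed ownership.
mkdir -p "$log_dir"
chown bind:bind "$log_dir"
# The query log records client addresses and the names they look up, so keep
# the directory unreadable to other local users.
chmod 0750 "$log_dir"

## Logs
## set log in /etc/bind/named.conf.options
# Append only once: re-running the script would otherwise add a second
# logging statement to the file.
if ! grep -qF 'channel general_dns' "$named_options"; then
  cat <<'EOF' >> "$named_options"
logging { channel warning { file "/var/log/named/dns.warnings.log"; severity warning; print-category yes; print-severity yes; print-time yes; };
channel general_dns { file "/var/log/named/dns.log"; severity info; print-category yes; print-severity yes; print-time yes; };
category default { warning; } ; category queries { general_dns; } ; };
EOF
fi

# Validate the edited configuration when the checker is available, so a
# syntax error aborts this script (set -e) instead of surfacing at reload.
if command -v named-checkconf >/dev/null 2>&1; then
  named-checkconf
fi

## set up logrotate
# Written with '>' so a re-run replaces this drop-in instead of duplicating
# the stanza. One directive per line is the layout logrotate documents; the
# original single-line stanza is not a form it is documented to accept.
# Rotation frequency and retention are inherited from the global logrotate
# configuration, since none is set here.
cat <<'EOF' > /etc/logrotate.d/named
# The "copytruncate" option means the process can keep appending to the
# same filehandle. You would otherwise need to make sure it is not
# running.
/var/log/named/*.log {
    missingok
    copytruncate
    notifempty
    compress
}
EOF

## BEWARE of recursion: it lets this server answer queries for zones it is
## NOT authoritative (SOA) for, which IS NEEDED for a general-purpose DNS.
## Limit recursion to client networks you trust; a server that recurses for
## any source address can be abused by third parties (for example as a
## traffic reflector) and exposes its cache to untrusted clients.
## Example named.conf.options settings, left disabled here:
# allow-recursion yes;
# allow-recursion { 127.0.0.1; 172.128/16; 37.59.9.161;};
# allow-recursion-on { any;};
## NOTE(review): in BIND the on/off switch is "recursion yes;", while
## allow-recursion takes an address match list - confirm the first example.
## NOTE(review): 172.128/16 lies outside the RFC 1918 172.16/12 private
## range - confirm this is the intended client network.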
|