
  1. #!/bin/bash
  2. set -eux
  3. apt-get -y install bind9 logrotate
  4. ## copy configuration
  5. ##
  6. ## Logs
  7. ##
  8. ## set log in /etc/bind/named.conf.options
  9. cat <<EOF >> /etc/bind/named.conf.options
  10. logging {
  11. channel warning
  12. {
  13. file "/var/log/named/dns.warnings.log";
  14. severity warning;
  15. print-category yes;
  16. print-severity yes;
  17. print-time yes;
  18. };
  19. channel general_dns
  20. {
  21. file "/var/log/named/dns.log";
  22. severity info;
  23. print-category yes;
  24. print-severity yes;
  25. print-time yes;
  26. };
  27. category default { warning; } ;
  28. category queries { general_dns; } ;
  29. };
  30. EOF
  31. ## set up logrotate
  32. cat <<EOF >> /etc/logrotate.d/named
  33. # The "copytruncate" option means the process can keep appending to the
  34. # same filehandle. You would otherwise need to make sure it is not
  35. # running.
  36. /var/log/named/*.log {
  37. missingok
  38. copytruncate
  39. notifempty
  40. compress
  41. }
  42. EOF
  43. mkdir -p /var/log/named
  44. chown bind:bind /var/log/named
  45. ##
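  46. ## BEWARE of recursion: it lets your server answer queries for zones for which it is NOT the SOA (not authoritative),
  47. ## which IS NEEDED if you want your DNS to be a general-purpose DNS. Limit it to the clients you trust, because a resolver open to everyone can be abused by third parties.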
  48. ##
  49. # allow-recursion yes;
  50. # allow-recursion { 127.0.0.1; 172.128/16; 37.59.9.161;};
  51. # allow-recursion-on { any;};