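#!/bin/bash
#
# Install BIND9 and logrotate, enable warning and query logging under
# /var/log/named, and register a logrotate stanza for those logs.
#
# Must run as root on a Debian/Ubuntu host (uses apt-get, writes under /etc).
# Safe to re-run: each config fragment is appended only if it is not already
# present, because a second "logging" statement or a duplicate logrotate
# entry would be a configuration error.
set -eux

readonly NAMED_OPTIONS=/etc/bind/named.conf.options
readonly LOGROTATE_CONF=/etc/logrotate.d/named
readonly LOG_DIR=/var/log/named

apt-get -y install bind9 logrotate

##
## copy configuration
##

##
## Logs
##

# Create the log directory before any configuration refers to it, so named
# never sees a logging channel whose target directory is missing.
# NOTE(review): query logs record which client asked for which name. The
# directory keeps the mode given by the current umask; tighten it if local
# users should not be able to read that data.
mkdir -p "$LOG_DIR"
chown bind:bind "$LOG_DIR"

## set log in /etc/bind/named.conf.options
# Quoted delimiter: the fragment is written literally, with no shell expansion.
if ! grep -q '^[[:space:]]*logging[[:space:]]*{' "$NAMED_OPTIONS"; then
  cat <<'EOF' >> "$NAMED_OPTIONS"
logging {
    channel warning {
        file "/var/log/named/dns.warnings.log";
        severity warning;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel general_dns {
        file "/var/log/named/dns.log";
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default { warning; } ;
    category queries { general_dns; } ;
};
EOF
fi

## set up logrotate
# stderr is silenced only to hide grep's "No such file" on the first run.
# NOTE(review): logrotate runs as root but rotates inside a directory owned
# by the unprivileged bind user; consider adding a `su bind bind` directive
# to the stanza so rotation happens with that user's privileges.
if ! grep -qF -- '/var/log/named/*.log' "$LOGROTATE_CONF" 2>/dev/null; then
  cat <<'EOF' >> "$LOGROTATE_CONF"
# The "copytruncate" option means the process can keep appending to the
# same filehandle. You would otherwise need to make sure it is not
# running.
/var/log/named/*.log {
    missingok
    copytruncate
    notifempty
    compress
}
EOF
fi

# Fail now, rather than at the next named restart, if the edited
# configuration does not parse.
named-checkconf

# This script does not reload named; the logging block takes effect only
# after the service is reloaded or restarted.

##
## BEWARE of recursion. Recursion lets this server answer queries for zones
## it is NOT authoritative (SOA) for, which IS NEEDED if you want your DNS to
## be a general purpose resolver. A resolver that recurses for any client is
## an open resolver, so keep the allowed client list as narrow as possible.
##
## NOTE(review): in BIND the boolean switch is "recursion yes;" while
## "allow-recursion" takes an address match list, so the first example below
## is probably not valid as written. Also confirm 172.128/16: the RFC 1918
## private block is 172.16/12.
##
# allow-recursion yes;
# allow-recursion { 127.0.0.1; 172.128/16; 37.59.9.161;};
# allow-recursion-on { any;};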