You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
74 lines
1.4 KiB
74 lines
1.4 KiB
#!/bin/bash
|
|
|
|
set -eux
|
|
|
|
apt-get -y install bind9 logrotate
|
|
|
|
|
|
## copy configuration
|
|
|
|
|
|
##
|
|
## Logs
|
|
##
|
|
|
|
## set log in /etc/bind/named.conf.options
|
|
|
|
cat <<EOF >> /etc/bind/named.conf.options
|
|
|
|
logging {
|
|
channel warning
|
|
{
|
|
file "/var/log/named/dns.warnings.log";
|
|
severity warning;
|
|
print-category yes;
|
|
print-severity yes;
|
|
print-time yes;
|
|
};
|
|
|
|
channel general_dns
|
|
{
|
|
file "/var/log/named/dns.log";
|
|
severity info;
|
|
print-category yes;
|
|
print-severity yes;
|
|
print-time yes;
|
|
};
|
|
|
|
category default { warning; } ;
|
|
category queries { general_dns; } ;
|
|
};
|
|
|
|
EOF
|
|
|
|
## set up logrotate
|
|
|
|
cat <<EOF >> /etc/logrotate.d/named
|
|
|
|
# The "copytruncate" option means the process can keep appending to the
|
|
# same filehandle. You would otherwise need to make sure it is not
|
|
# running.
|
|
|
|
/var/log/named/*.log {
|
|
missingok
|
|
copytruncate
|
|
notifempty
|
|
compress
|
|
}
|
|
|
|
EOF
|
|
|
|
mkdir -p /var/log/named
|
|
chown bind:bind /var/log/named
|
|
|
|
##
|
|
## BEWARE of recursion (recursion allow your server to answer queries in which he is NOT SOA
|
|
## which IS NEEDED if you want your DNS to be a general purpose DNS.
|
|
##
|
|
|
|
|
|
|
|
# allow-recursion yes;
|
|
# allow-recursion { 127.0.0.1; 172.128/16; 37.59.9.161;};
|
|
# allow-recursion-on { any;};
|
|
|