
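#!/bin/bash
# Install BIND 9 and logrotate, enable warning and query logging under
# /var/log/named, and register a logrotate policy for those logs.
#
# Needs root: it installs packages and writes under /etc and /var/log.
# Re-running is safe: each stanza is appended only when it is not already
# present, so the target files never collect duplicate blocks.
set -eux
apt-get -y install bind9 logrotate

##
## Logs
##
# Create the log directory before any configuration refers to it, so it
# exists whenever named next loads the logging stanza below.
# NOTE(review): dns.log records every query; the directory keeps the default
# mkdir mode here - consider restricting read access to the bind group.
mkdir -p /var/log/named
chown bind:bind /var/log/named

## set log in /etc/bind/named.conf.options
# Append the logging stanza once only. A second copy would redefine the same
# channels, which named is expected to reject when it loads the file.
# The quoted delimiter keeps the heredoc literal (no shell expansion).
if ! grep -qs '^logging[[:space:]]*{' /etc/bind/named.conf.options; then
  cat <<'EOF' >> /etc/bind/named.conf.options
logging {
channel warning
{
file "/var/log/named/dns.warnings.log";
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};
channel general_dns
{
file "/var/log/named/dns.log";
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { warning; } ;
category queries { general_dns; } ;
};
EOF
else
  printf '%s\n' 'named.conf.options already has a logging stanza; left unchanged' >&2
fi
# Tip: run named-checkconf on the resulting configuration before reloading named.

## set up logrotate
# Same guard for the logrotate drop-in, so the path pattern is not listed twice.
# NOTE(review): the log directory is owned by bind while logrotate runs as
# root; logrotate's "su" directive is the usual way to rotate as the owning
# user instead - confirm whether it is wanted here.
if ! grep -qsF '/var/log/named/*.log' /etc/logrotate.d/named; then
  cat <<'EOF' >> /etc/logrotate.d/named
# The "copytruncate" option means the process can keep appending to the
# same filehandle. You would otherwise need to make sure it is not
# running.
/var/log/named/*.log {
missingok
copytruncate
notifempty
compress
}
EOF
fi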
##
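## BEWARE of recursion: recursion allows your server to answer queries for
## zones for which it is NOT the SOA (i.e. not authoritative), which IS NEEDED
## if you want your DNS to be a general-purpose DNS.
## A server that recurses for any client is an open resolver and can be abused
## for traffic amplification, so limit allow-recursion to the networks you serve.
## NOTE(review): allow-recursion takes an address list; the on/off switch is the
## separate "recursion" option. 172.128/16 below is not RFC 1918 space
## (that is 172.16/12) - confirm the intended range.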
##
# allow-recursion yes;
# allow-recursion { 127.0.0.1; 172.128/16; 37.59.9.161;};
# allow-recursion-on { any;};