Initial commit with bind9

2022-06-04 21:50:50 +02:00 · 2022-06-04 21:50:50 +02:00 · 825091c417
commit 825091c417
4 changed files with 115 additions and 0 deletions
--- a/bind9/lan.db
+++ b/bind9/lan.db
@ -0,0 +1,35 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL  604800
+@  IN  SOA  dm.lan. root.localhost. (
+      39
+      604800
+      86400
+      2419200
+      604800 )
+;
+@  IN  NS  dm.lan.
+lan.  IN  A  192.168.1.2
+@  IN  AAAA fe80::52e5:49ff:fe3a:745d
+
+box.lan.          IN  A       192.168.1.1
+dm.lan.           IN  A       192.168.1.2
+tc.lan.           IN  A       192.168.1.3
+ozy.lan.          IN  A       192.168.1.4
+sil.lan.          IN  A       192.168.1.5
+jus.lan.          IN  A       192.168.1.6
+
+tcw.lan.          IN  A       192.168.1.8
+sil.lan.          IN  A       192.168.1.9
+
+drmanhattan.lan.      IN  CNAME   dm.lan.
+ozymandias.lan.       IN  CNAME   ozy.lan.
+thecomedian.lan.      IN  CNAME   tc.lan.
+ozymandias.lan.       IN  CNAME   ozy.lan.
+silhouette.lan.       IN  CNAME   sil.lan.
+justice.lan.          IN  CNAME   jus.lan.
+thecomedian-wifi.lan. IN  CNAME   tcw.lan.  
+silk.lan.             IN  CNAME   sil.lan.
+
+kodi.lan.             IN  CNAME   jus.lan.
--- a/bind9/local.db
+++ b/bind9/local.db
@ -0,0 +1,15 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.
+@	IN	A	127.0.0.1
+@	IN	AAAA	::1
+
--- a/bind9/named.conf
+++ b/bind9/named.conf
@ -0,0 +1,52 @@
+acl goodclients {
+    localhost;
+    192.168.1.0/24;
+};
+
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+	//Set the IP addresses of your ISP's DNS servers:
+	forwarders {
+   80.67.169.12; // fdn.fr
+   80.67.169.40; // fdn.fr
+	 1.1.1.1; // Cloudflare
+	};
+
+  allow-query { goodclients; };
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation auto;
+
+	listen-on-v6 { any; };
+};
+
+// Provide a reverse mapping for the loopback
+// address 127.0.0.1
+//zone "0.0.127.in-addr.arpa" {
+//     type master;
+//     file "localhost.rev";
+//     notify no;
+//};
+
+zone "localhost" {
+	type master;
+	file "/etc/bind/local.db";
+};
+
+zone "lan" {
+     type master;
+     file "/etc/bind/lan.db";
+};
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,13 @@
+version: '3'
+
+services:
+  bind9:
+    image: ubuntu/bind9:9.18-22.04_beta
+    volumes:
+      - ./bind9/named.conf:/etc/bind/named.conf
+      - ./bind9/local.db:/etc/bind/local.db
+      - ./bind9/lan.db:/etc/bind/lan.db
+    environment:
+      - TZ=CEST
+    ports:
+      - "53:53/udp"