๐Ÿ“— Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ansible-playbooks/roles/ns/templates/custom.j2

61 lines
1.1 KiB

2 years ago
allow-dnsupdate-from=
allow-notify-from=
allow-unsigned-notify=no
allow-unsigned-supermaster=no
# keep entries in packet cache for 65s instead of default 20
cache-ttl=65
chroot=
config-dir={{ pdns_dir }}
consistent-backends=yes
daemon=yes
default-ksk-algorithm=ed25519
default-soa-content=ns.{{ int_tld }} admin.{{ tld }} 0 3600 360 604800 120
default-ttl=1200
default-zsk-algorithm=ed25519
disable-axfr=yes
distributor-threads=1
dnsupdate=no # disable it for now
guardian=yes
local-port=53
logging-facility=1
loglevel=4
master=no
max-cache-entries=50000
max-ent-entries=10000
max-packet-cache-entries=10000
max-queue-length=2500
max-tcp-connections=60
negquery-cache-ttl=60
only-notify=
query-cache-ttl=20
queue-limit=1500
receiver-threads={{ container_cores }}
reuseport=yes
signing-threads={{ container_cores }}
security-poll-suffix=
version-string=anonymous
webserver=no
write-pid=yes
launch=gpgsql
gpgsql-host={{ hostvars['postgres']['ansible_host'] | mandatory }}
gpgsql-port=5432
gpgsql-dbname={{ database_name }}
gpgsql-user={{ database_user }}
gpgsql-password={{ database_password }}
gpgsql-dnssec=yes