pyrox.dev / nix
My Nix Configuration
fork atom
nix / hosts / prefect / services / named.conf
at main 3.2 kB view raw
1include "/etc/bind/rndc.key"; 2controls { 3 inet 127.0.0.1 allow {localhost;} keys {"rndc-key";}; 4}; 5 6acl cachenetworks { 127.0.0.0/24; }; 7acl dn42-dns { 172.20.129.2; 172.20.1.255; 172.22.76.110; 172.20.14.33; }; 8 9options { 10 directory "/run/named"; 11 pid-file "/run/named/named.pid"; 12 13 # Server Identity 14 version "420.69"; 15 server-id "zaphod"; 16 hostname "zaphod"; 17 18 # Enable DNSSEC 19 dnssec-validation no; 20 21 # Only listen to local addresses 22 listen-on { 127.0.0.1; }; 23 listen-on-v6 { ::1; }; 24 allow-query { any; }; 25 # disable the integrated handling of RFC1918 and non-assigned IPv6 space reverse dns 26 empty-zones-enable no; 27 validate-except { 28 # DN42 Zones 29 "dn42"; 30 "20.172.in-addr.arpa"; 31 "21.172.in-addr.arpa"; 32 "22.172.in-addr.arpa"; 33 "23.172.in-addr.arpa"; 34 "10.in-addr.arpa"; 35 "d.f.ip6.arpa"; 36 # ChaosVPN Zones 37 "hack"; 38 "31.172.in-addr.arpa"; 39 "100.10.in-addr.arpa"; 40 "101.10.in-addr.arpa"; 41 "102.10.in-addr.arpa"; 42 "103.10.in-addr.arpa"; 43 44 # NeoNetwork Zones 45 "neo"; 46 "127.10.in-addr.arpa"; 47 "7.2.1.0.0.1.d.f.ip6.arpa"; 48 }; 49 50 # Recursion settings 51 recursion yes; 52 allow-recursion { any; }; 53 allow-recursion-on { any; }; 54 allow-query-cache { any; }; 55 allow-query-cache-on { any; }; 56 prefetch 10; 57}; 58 59# DN42 Zones 60zone "dn42" { 61 type forward; 62 forward only; 63 forwarders { 172.20.0.53; 172.23.0.53; }; 64}; 65zone "20.172.in-addr.arpa" { 66 type forward; 67 forward only; 68 forwarders { 172.20.0.53; 172.23.0.53; }; 69}; 70zone "21.172.in-addr.arpa" { 71 type forward; 72 forward only; 73 forwarders { 172.20.0.53; 172.23.0.53; }; 74}; 75zone "22.172.in-addr.arpa" { 76 type forward; 77 forward only; 78 forwarders { 172.20.0.53; 172.23.0.53; }; 79}; 80zone "23.172.in-addr.arpa" { 81 type forward; 82 forward only; 83 forwarders { 172.20.0.53; 172.23.0.53; }; 84}; 85zone "10.in-addr.arpa" { 86 type forward; 87 forward only; 88 forwarders { 172.20.0.53; 172.23.0.53; }; 89}; 90zone "d.f.ip6.arpa" { 91 type forward; 92 forward only; 93 forwarders { 172.20.0.53; 172.23.0.53; }; 94}; 95 96# ChaosVPN Zones 97zone "hack" { 98 type forward; 99 forward only; 100 forwarders { 172.31.0.5; 172.31.255.53; }; 101}; 102zone "31.172.in-addr.arpa" { 103 type forward; 104 forward only; 105 forwarders { 172.31.0.5; 172.31.255.53; }; 106}; 107zone "100.10.in-addr.arpa" { 108 type forward; 109 forward only; 110 forwarders { 172.31.0.5; 172.31.255.53; }; 111}; 112zone "101.10.in-addr.arpa" { 113 type forward; 114 forward only; 115 forwarders { 172.31.0.5; 172.31.255.53; }; 116}; 117zone "102.10.in-addr.arpa" { 118 type forward; 119 forward only; 120 forwarders { 172.31.0.5; 172.31.255.53; }; 121}; 122zone "103.10.in-addr.arpa" { 123 type forward; 124 forward only; 125 forwarders { 172.31.0.5; 172.31.255.53; }; 126}; 127 128# NeoNetwork 129zone "neo" { 130 type forward; 131 forward only; 132 forwarders { 10.127.255.53; }; 133}; 134zone "127.10.in-addr.arpa" { 135 type forward; 136 forward only; 137 forwarders { 10.127.255.53; }; 138}; 139zone "7.2.1.0.0.1.d.f.ip6.arpa" { 140 type forward; 141 forward only; 142 forwarders { 10.127.255.53; }; 143}; 144 145zone "crxn" { 146 type forward; 147 forward only; 148 forwarders { fd92:58b6:2b2::5353; }; 149}; 150# Fallback root zone 151zone "." { 152 type forward; 153 forward only; 154 forwarders { 100.123.15.72; 9.9.9.9; }; 155}; 156 157 158