git subrepo clone https://github.com/mailcow/mailcow-dockerized.git mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "a832becb"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "a832becb"
git-subrepo: version: "0.4.3"
origin: "???"
commit: "???"
Change-Id: If5be2d621a211e164c9b6577adaa7884449f16b5
diff --git a/mailcow/src/mailcow-dockerized/data/conf/unbound/unbound.conf b/mailcow/src/mailcow-dockerized/data/conf/unbound/unbound.conf
new file mode 100644
index 0000000..27110c0
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/unbound/unbound.conf
@@ -0,0 +1,45 @@
+server:
+ verbosity: 1
+ interface: 0.0.0.0
+ interface: ::0
+ logfile: /dev/console
+ do-ip4: yes
+ do-ip6: yes
+ do-udp: yes
+ do-tcp: yes
+ do-daemonize: no
+ #access-control: 0.0.0.0/0 allow
+ access-control: 10.0.0.0/8 allow
+ access-control: 172.16.0.0/12 allow
+ access-control: 192.168.0.0/16 allow
+ access-control: fc00::/7 allow
+ access-control: fe80::/10 allow
+ #access-control: ::0/0 allow
+ directory: "/etc/unbound"
+ username: unbound
+ auto-trust-anchor-file: trusted-key.key
+ #private-address: 10.0.0.0/8
+ #private-address: 172.16.0.0/12
+ #private-address: 192.168.0.0/16
+ #private-address: 169.254.0.0/16
+ #private-address: fc00::/7
+ #private-address: fe80::/10
+ # cache-min-ttl needs to be less or equal to cache-max-negative-ttl
+ cache-min-ttl: 5
+ cache-max-negative-ttl: 60
+ root-hints: "/etc/unbound/root.hints"
+ hide-identity: yes
+ hide-version: yes
+ max-udp-size: 4096
+ msg-buffer-size: 65552
+ unwanted-reply-threshold: 10000
+ ipsecmod-enabled: no
+
+remote-control:
+ control-enable: yes
+ control-interface: 127.0.0.1
+ control-port: 8953
+ server-key-file: "/etc/unbound/unbound_server.key"
+ server-cert-file: "/etc/unbound/unbound_server.pem"
+ control-key-file: "/etc/unbound/unbound_control.key"
+ control-cert-file: "/etc/unbound/unbound_control.pem"