51 lines
1.1 KiB
Django/Jinja
51 lines
1.1 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
|
|
# Listen only on the specified interface(s)
|
|
interface={{ dnsmasq_interface }}
|
|
|
|
# Tells dnsmasq to never forward A or AAAA queries for plain names
|
|
domain-needed
|
|
|
|
# Specifies DNS domains
|
|
domain={{ dnsmasq_domain }}
|
|
local=/{{ dnsmasq_domain }}/
|
|
|
|
# Add the domain to simple names
|
|
expand-hosts
|
|
|
|
# Disable negative caching
|
|
no-negcache
|
|
|
|
# Don't read /etc/resolv.conf
|
|
no-resolv
|
|
|
|
# Don't read the hostnames in /etc/hosts
|
|
no-hosts
|
|
|
|
# Specify upstream servers directly
|
|
{% for server in dnsmasq_servers %}
|
|
server={{ server }}
|
|
{% endfor %}
|
|
|
|
# Specify upstream servers directly (PTR)
|
|
{% for server in dnsmasq_rev_servers %}
|
|
rev-server={{ server }}
|
|
{% endfor %}
|
|
|
|
# Do not detect and block dns-rebind on queries to these domains
|
|
{% for domain in dnsmasq_rebind_domains %}
|
|
rebind-domain-ok=/{{ domain }}/
|
|
{% endfor %}
|
|
|
|
# Reject (and log) addresses from upstream nameservers which are in the private ranges
|
|
stop-dns-rebind
|
|
|
|
# Exempt 127.0.0.0/8 and ::1 from rebinding checks
|
|
rebind-localhost-ok
|
|
|
|
# Set the size of dnsmasq's cache
|
|
cache-size=4096
|
|
|
|
# Additional hosts file. Read the specified file as well as /etc/hosts
|
|
addn-hosts={{ dnsmasq_records_directory }}
|