author | Cullum Smith <cullum@sacredheartsc.com> | 2024-08-02 19:10:39 -0400 |
---|---|---|
committer | Cullum Smith <cullum@sacredheartsc.com> | 2024-08-02 19:10:39 -0400 |
commit | cbcd022f302adc39ecb89fba6faf72e68184c0e0 (patch) | |
tree | a5ab154e08fa3c4fa110b09d3475736c66840c8b /files/usr/local/etc/pdns | |
parent | ceb339370d7a0cc4a83fe54103a650dfb3f72261 (diff) | |
download | infrastructure-cbcd022f302adc39ecb89fba6faf72e68184c0e0.tar.gz |
halfway working idm server and laptop hostclasses
Diffstat (limited to 'files/usr/local/etc/pdns')
-rw-r--r-- | files/usr/local/etc/pdns/pdns.conf.idm_server | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/files/usr/local/etc/pdns/pdns.conf.idm_server b/files/usr/local/etc/pdns/pdns.conf.idm_server
new file mode 100644
index 0000000..fc63bd6
--- /dev/null
+++ b/files/usr/local/etc/pdns/pdns.conf.idm_server
@@ -0,0 +1,29 @@
+# With SASL_MECH=EXTERNAL set in system ldap.conf, PowerDNS can be fooled
+# into performing an EXTERNAL (Unix peercred) bind over the ldapi:/// domain
+# socket.
+#
+# You must set ldap-bindmethod=gssapi (?!) for this to work. This behavior doesn't
+# seem to be documented anywhere, but hey, it's nice!
+ldap-host=ldapi:///
+ldap-bindmethod=gssapi
+
+ldap-basedn=${dns_basedn}
+ldap-reconnect-attempts=2147483647
+ldap-method=simple
+
+launch=ldap
+
+local-address=127.0.0.1,::1
+local-port=${pdns_port}
+distributor-threads=${pdns_distributor_threads}
+receiver-threads=${pdns_receiver_threads}
+reuseport=yes
+
+allow-axfr-ips=${pdns_allow_axfr_ips}
+
+cache-ttl=${pdns_cache_ttl}
+query-cache-ttl=${pdns_query_cache_ttl}
+negquery-cache-ttl=${pdns_negquery_cache_ttl}
+zone-cache-refresh-interval=0
+
+security-poll-suffix= |
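Review bot: The `ldap-bindmethod=gssapi` line depends on two things this file cannot enforce: `SASL_MECH=EXTERNAL` in the system ldap.conf and a PowerDNS behaviour the header comment itself calls undocumented. A package upgrade or an ldap.conf edit could therefore change how the daemon authenticates to the directory without any change here. With `ldap-reconnect-attempts=2147483647`, a bind that stops working would presumably be retried more or less indefinitely rather than failing visibly, so backend connection errors are worth alerting on. The header comment should also state which directory identity the peer credentials of the account running pdns map to, and that this identity needs only read access under `${dns_basedn}`. Separately, `security-poll-suffix=` has no comment; the empty value turns off PowerDNS's security status polling, so I would add above it `# secpoll disabled on purpose; vulnerable versions must be caught by package auditing instead`.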