kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity
bundlewrap/bundles/unbound/metadata.py
Franzi 3eeb253e55
All checks were successful
bundlewrap/pipeline/head This commit looks good
Details
bundles/unbound: introduce, add to nodes
2020-12-13 14:59:44 +01:00

43 lines
863 B
Python
Raw Blame History

defaults = {
'apt': {
'packages': {
'unbound': {},
'unbound-anchor': {},
},
},
'nameservers': {
'127.0.0.1',
},
'unbound': {
'max_ttl': 3600,
},
}
@metadata_reactor
def cpu_cores_to_threads(metadata):
return {
'unbound': {
'threads': metadata.get('vm/cpu', 1)*2,
},
}
@metadata_reactor
def iptables(metadata):
interfaces = metadata.get('unbound/restrict-to-interfaces', set())
iptables = []
for iface in sorted(interfaces):
iptables.append(f'iptables -A INPUT -i {iface} -p tcp --dport 53 -j ACCEPT')
iptables.append(f'iptables -A INPUT -i {iface} -p udp --dport 53 -j ACCEPT')
return {
'iptables': {
'bundle_rules': {
'unbound': iptables,
},
},
}
Reference in a new issue View git blame Copy permalink