Skip to content

Instantly share code, notes, and snippets.

@apsun

apsun/server.conf

Last active March 2, 2022 16:17
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save apsun/88225baad34610155c8451913375b5ce to your computer and use it in GitHub Desktop.
Save apsun/88225baad34610155c8451913375b5ce to your computer and use it in GitHub Desktop.
Download ZIP
Unbound config for a forwarding DNS server for use with WireGuard
Raw
server.conf
server:
verbosity: 1
interface: 0.0.0.0
interface: ::0
port: 53
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
# allow access from anywhere
# access-control: 0.0.0.0/0 allow
# access-control: ::0/0 allow
# allow access from localhost
access-control: 127.0.0.0/8 allow
access-control: ::1/128 allow
# allow access within wireguard
access-control: 10.19.84.0/24 allow
access-control: fd07:d3fc:8a02::0/48 allow
private-address: 192.168.0.0/16
private-address: 169.254.0.0/16
private-address: 172.16.0.0/12
private-address: 10.0.0.0/8
private-address: fd00::/8
private-address: fe80::/10
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment