pax_global_header00006660000000000000000000000064150670154010014511gustar00rootroot0000000000000052 comment=bdd016136a9e4c0ef6211776d33a5aa4fd5826e4 README.md000066400000000000000000000057531506701540100123460ustar00rootroot00000000000000# Sparky unbound Verify unbound installation cookbook on Rocky Linux using Sparky # Cookbook https://docs.rockylinux.org/guides/dns/unbound_recursive_dns/ # Report example ``` 11:02:50 :: [repository] - index updated from http://sparrowhub.io/repo/api/v1/index run stage: use-case [task run: task.bash - create directory scm] [task stdout] 11:04:04 :: directory path: scm 11:04:04 :: directory owner: 11:04:04 :: directory group: 11:04:04 :: directory access rights: drwxr-xr-x [task run: task.bash - bash: echo OK] [task stdout] 11:04:58 :: OK >>> send request: GET job file from http://10.0.2.2:4000/file/sparky-rocky/avghkszjwqytrlfiuodm.3318/use_case_repo.tar ... [task run: task.bash - bash: unpack use_case_repo.tar] [task stdout] 11:05:37 :: total 116 11:05:37 :: -rw-r--r--. 1 admin admin 26 May 22 10:22 main.raku 11:05:37 :: -rw-r--r--. 1 admin admin 158 May 22 10:13 README.md 11:05:37 :: drwxr-xr-x. 3 admin admin 21 May 22 11:05 tasks 11:05:37 :: -rw-r--r--. 1 admin admin 109056 May 22 11:05 use_case_repo.tar load scenario from main.raku [task run: task.bash - tasks/unbound] [task stdout] 11:05:44 :: Last metadata expiration check: 0:26:23 ago on Thu 22 May 2025 10:39:21 AM UTC. 11:05:45 :: Package bind-utils-32:9.16.23-24.el9_5.3.x86_64 is already installed. 11:05:45 :: Dependencies resolved. 11:05:45 :: Nothing to do. 11:05:45 :: Complete! 11:05:50 :: Last metadata expiration check: 0:26:29 ago on Thu 22 May 2025 10:39:21 AM UTC. 11:05:50 :: Package unbound-1.16.2-8.el9_5.1.x86_64 is already installed. 11:05:51 :: Dependencies resolved. 11:05:51 :: Nothing to do. 11:05:51 :: Complete! 11:05:57 :: Last metadata expiration check: 0:26:36 ago on Thu 22 May 2025 10:39:21 AM UTC. 11:05:57 :: Package firewalld-1.3.4-9.el9_5.noarch is already installed. 11:05:57 :: Dependencies resolved. 11:05:57 :: Nothing to do. 11:05:57 :: Complete! 11:06:07 :: success 11:06:13 :: success 11:06:17 :: dns check ... 11:06:17 :: Using domain server: 11:06:17 :: Name: 10.0.2.15 11:06:17 :: Address: 10.0.2.15#53 11:06:17 :: Aliases: 11:06:17 :: 11:06:17 :: google.com has address 173.194.221.138 11:06:17 :: google.com has address 173.194.221.101 11:06:17 :: google.com has address 173.194.221.139 11:06:17 :: google.com has address 173.194.221.113 11:06:17 :: google.com has address 173.194.221.100 11:06:17 :: google.com has address 173.194.221.102 11:06:17 :: google.com has IPv6 address 2a00:1450:4010:c0a::64 11:06:17 :: google.com has IPv6 address 2a00:1450:4010:c0a::66 11:06:17 :: google.com has IPv6 address 2a00:1450:4010:c0a::71 11:06:17 :: google.com has IPv6 address 2a00:1450:4010:c0a::8a 11:06:17 :: google.com mail is handled by 10 smtp.google.com. [task stderr] 11:06:17 :: Warning: ALREADY_ENABLED: 'dns' already in 'public' [task check] stdout match (s) True stdout match (s) True stdout match (s) True stdout match (s) True stdout match (s) <^^ \s* $$> True stdout match (s) True --- ``` main.raku000066400000000000000000000000321506701540100126600ustar00rootroot00000000000000task-run "tasks/unbound"; tasks/000077500000000000000000000000001506701540100122025ustar00rootroot00000000000000tasks/unbound/000077500000000000000000000000001506701540100136545ustar00rootroot00000000000000tasks/unbound/task.bash000066400000000000000000000011461506701540100154570ustar00rootroot00000000000000#!/bin/bash - set -e sudo dnf install bind-utils -y sudo dnf install unbound -y sudo bash -c 'cat < /etc/unbound/unbound.conf server: interface: 0.0.0.0 interface: :: access-control: 10.0.2.0/16 allow access-control: 2001:db8::/64 allow chroot: "" forward-zone: name: "." forward-addr: 1.0.0.1@53 forward-addr: 1.1.1.1@53 EOF' sudo dnf install firewalld -y sudo systemctl enable --now firewalld sudo firewall-cmd --add-service=dns --zone=public sudo firewall-cmd --runtime-to-permanent sudo systemctl enable --now unbound echo "dns check ..." host google.com 127.0.0.1 tasks/unbound/task.check000066400000000000000000000001711506701540100156140ustar00rootroot00000000000000begin: Using domain server: Name: 127.0.0.1 Address: 127.0.0.1#53 Aliases: regexp: ^^ \s* $$ google.com has address end: