From 95d41c4d4db39d082bd1f8d36b2f98c8d4bebeac Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Tue, 28 Sep 2021 12:11:58 +0200
Subject: [PATCH] initial

---
 .gitlab-ci.yml | 36 ++++++++++++++++++++++++++++++++++++
 Dockerfile     | 18 ++++++++++++++++++
 unbound.conf   | 37 +++++++++++++++++++++++++++++++++++++
 3 files changed, 91 insertions(+)
 create mode 100644 .gitlab-ci.yml
 create mode 100644 Dockerfile
 create mode 100644 unbound.conf

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..b588c88
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,36 @@
+stages:
+    - check
+    - build
+    - deploy
+
+include:
+    - project: dockerized/commons
+      ref: master
+      file: gitlab-ci-template.yml
+
+deploy:
+    image: registry.hottis.de/dockerized/docker-bash:latest
+    stage: deploy
+    tags:
+        - hottis
+        - linux
+        - docker
+    only:
+        - tags
+    variables:
+        GIT_STRATEGY: none
+        CONTAINER_NAME: unbound
+    script:
+        - docker stop $CONTAINER_NAME || echo "container not running, never mind"
+        - docker rm $CONTAINER_NAME || echo "container not existing, never mind"
+        - docker run 
+          -d 
+          --network docker-server 
+          --ip 172.16.10.43 
+          -v sink_config:/etc/sink 
+          --name $CONTAINER_NAME 
+          --restart always 
+          $IMAGE_NAME:$CI_COMMIT_TAG
+    environment:
+        name: production
+
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..2fccb72
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,18 @@
+FROM alpine:3.13
+
+RUN \
+  apk add --no-cache unbound && \
+  mv /etc/unbound/unbound.conf /etc/unbound/unbound.conf-dist
+
+COPY unbound.conf /etc/unbound/unbound.conf
+
+EXPOSE 53/udp
+
+VOLUME /etc/unbound
+
+CMD [ "/usr/sbin/unbound" ]
+
+  
+
+
+
diff --git a/unbound.conf b/unbound.conf
new file mode 100644
index 0000000..9839c17
--- /dev/null
+++ b/unbound.conf
@@ -0,0 +1,37 @@
+server:
+    interface: 0.0.0.0
+    do-ip4: yes
+    do-ip6: no
+
+    do-daemonize: no
+
+    verbosity: 1
+    logfile: ""
+    log-time-ascii: yes
+    log-queries: yes
+    log-replies: yes
+
+    access-control: 172.16.0.0/16 allow
+    access-control: 10.200.200.0/24 allow
+    access-control: 172.17.0.0/16 allow
+
+    local-zone: "nober.de." transparent
+        local-data: "base.hv.nober.de. IN A 192.0.2.51"
+        local-data: "api.hv.nober.de. IN A 192.0.2.51"
+
+    local-zone: "hottis.de." transparent
+        local-data: "authservice.hottis.de. IN A 172.16.10.41"
+        local-data: "bitwarden.hottis.de. IN A 172.16.10.41"
+        local-data: "smarthome.hottis.de. IN A 172.16.10.41"
+        local-data: "registry.hottis.de. IN A 172.16.10.41"
+        local-data: "home.hottis.de. IN A 172.16.1.11"
+        local-data: "repo.hottis.de. IN A 172.16.1.11"
+        local-data: "sink.hottis.de. IN A 172.16.10.42"
+        local-data: "brkrint.hottis.de. IN A 172.16.2.16"
+
+    local-zone: "mainscnt.eu." transparent
+        local-data: "grafana.mainscnt.eu. IN A 172.16.10.41"
+        local-data: "wiki.mainscnt.eu. IN A 172.16.10.41"
+        local-data: "broker.mainscnt.eu. IN A 172.16.10.40"
+        local-data: "db.mainscnt.eu. IN A 172.16.10.27"
+