Deployed e19caf9 with MkDocs version: 1.6.0

assets/conf/freebsd/forward.conf

@@ -0,0 +1,32 @@
+# This file was generated by local-unbound-setup.
+# Modifications will be overwritten.
+forward-zone:
+	name: "."
+	forward-tls-upstream: yes		# Use DNS-over-TLS
+	forward-first: no			# do NOT send direct
+###IPv4
+# 9.9.9.9 - Threat-blocking with DNSSEC
+	forward-addr: 9.9.9.9@853#dns.quad9.net
+	forward-addr: 149.112.112.112@853#dns.quad9.net
+
+# 9.9.9.11 - Threat blocking, DNSSEC, and ECS
+#	forward-addr: 9.9.9.11@853#dns11.quad9.net
+#       forward-addr: 149.112.112.11@853#dns11.quad9.net
+
+# 9.9.9.10 - No threat blocking, no DNSSEC
+#	forward-addr: 9.9.9.10@853#dns10.quad9.net
+#       forward-addr: 149.112.112.10@853#dns10.quad9.net
+
+
+###IPv6	- Uncomment if your system is configured for IPv6.
+# 9.9.9.9 - Threat-blocking with DNSSEC
+#	forward-addr: 2620:fe::fe@853#dns.quad9.net
+#	forward-addr: 2620:fe::9@853#dns.quad9.net
+
+# 9.9.9.11 - Threat blocking, DNSSEC, and ECS
+#       forward-addr: 2620:fe::11@853#dns11.quad9.net
+#       forward-addr: 2620:fe::fe:11@853#dns11.quad9.net
+
+# 9.9.9.10 - No threat blocking, no DNSSEC
+#       forward-addr: 2620:fe::10@853#dns10.quad9.net
+#       forward-addr: 2620:fe::fe:10@853#dns10.quad9.net

assets/conf/freebsd/unbound.conf

@@ -0,0 +1,14 @@
+# This file was generated by local-unbound-setup.
+# Modifications will be overwritten.
+server:
+	username: unbound
+	directory: /var/unbound
+	chroot: /var/unbound
+	pidfile: /var/run/local_unbound.pid
+	#auto-trust-anchor-file: /var/unbound/root.key
+	tls-cert-bundle: /etc/ssl/cert.pem
+
+include: /var/unbound/forward.conf
+include: /var/unbound/lan-zones.conf
+include: /var/unbound/control.conf
+include: /var/unbound/conf.d/*.conf

assets/conf/openbsd/unbound.conf

@@ -0,0 +1,87 @@
+# $OpenBSD: unbound.conf,v 1.21 2020/10/28 11:35:58 sthen Exp $
+# Modified by Quad9.net:
+# - Disable DNSSEC Validation. Quad9 already performs DNSSEC validation, and DNSSEC validation on a forwarder significantly decreases performance due to duplicate DNSSEC validation and can occassionally result in a false BOGUS result.
+# - DNS-over-TLS enabled.
+# - Pre-populate all Quad9 services
+
+server:
+	interface: 127.0.0.1
+	#interface: 127.0.0.1@5353	# listen on alternative port
+	interface: ::1
+	#do-ip6: no
+
+	# override the default "any" address to send queries; if multiple
+	# addresses are available, they are used randomly to counter spoofing
+	#outgoing-interface: 192.0.2.1
+	#outgoing-interface: 2001:db8::53
+
+	access-control: 0.0.0.0/0 refuse
+	access-control: 127.0.0.0/8 allow
+	access-control: ::0/0 refuse
+	access-control: ::1 allow
+
+	hide-identity: yes
+	hide-version: yes
+
+	# Perform DNSSEC validation.
+	#
+	#auto-trust-anchor-file: "/var/unbound/db/root.key"
+	#val-log-level: 2
+
+	# Synthesize NXDOMAINs from DNSSEC NSEC chains.
+	# https://tools.ietf.org/html/rfc8198
+	#
+	# aggressive-nsec: yes
+
+	# Serve zones authoritatively from Unbound to resolver clients.
+	# Not for external service.
+	#
+	#local-zone: "local." static
+	#local-data: "mycomputer.local. IN A 192.0.2.51"
+	#local-zone: "2.0.192.in-addr.arpa." static
+	#local-data-ptr: "192.0.2.51 mycomputer.local"
+
+	# Use TCP for "forward-zone" requests. Useful if you are making
+	# DNS requests over an SSH port forwarding.
+	#
+	#tcp-upstream: yes
+
+	# CA Certificates used for forward-tls-upstream (RFC7858) hostname
+	# verification.  Since it's outside the chroot it is only loaded at
+	# startup and thus cannot be changed via a reload.
+	tls-cert-bundle: "/etc/ssl/cert.pem"
+
+remote-control:
+	control-enable: yes
+	control-interface: /var/run/unbound.sock
+
+forward-zone:
+	name: "."
+	forward-tls-upstream: yes		# Use DNS-over-TLS
+	forward-first: no			# do NOT send direct
+###IPv4
+# 9.9.9.9 - Threat-blocking with DNSSEC
+	forward-addr: 9.9.9.9@853#dns.quad9.net
+	forward-addr: 149.112.112.112@853#dns.quad9.net
+
+# 9.9.9.11 - Threat blocking, DNSSEC, and ECS
+#	forward-addr: 9.9.9.11@853#dns11.quad9.net
+#       forward-addr: 149.112.112.11@853#dns11.quad9.net
+
+# 9.9.9.10 - No threat blocking, no DNSSEC
+#	forward-addr: 9.9.9.10@853#dns10.quad9.net
+#       forward-addr: 149.112.112.10@853#dns10.quad9.net
+
+
+###IPv6	- Uncomment if your system is configured for IPv6.
+# 9.9.9.9 - Threat-blocking with DNSSEC
+#	forward-addr: 2620:fe::fe@853#dns.quad9.net
+#	forward-addr: 2620:fe::9@853#dns.quad9.net
+
+# 9.9.9.11 - Threat blocking, DNSSEC, and ECS
+#       forward-addr: 2620:fe::11@853#dns11.quad9.net
+#       forward-addr: 2620:fe::fe:11@853#dns11.quad9.net
+
+# 9.9.9.10 - No threat blocking, no DNSSEC
+#       forward-addr: 2620:fe::10@853#dns10.quad9.net
+#       forward-addr: 2620:fe::fe:10@853#dns10.quad9.net