[dns] Update based on reality

lab/ansible/roles/caddy/files/Caddyfile

@@ -106,7 +106,7 @@ paper.unbl.ink {
     reverse_proxy laptop.service:8090
 }
 paper.lab.unbl.ink {
-    reverse_proxy laptop.service:8090
+    reverse_proxy paper.service:8090
 }
 podcasts.lab.unbl.ink {
     reverse_proxy podcasts.service:8004

lab/ansible/roles/unbound/files/filebeat.yml

@@ -0,0 +1,32 @@
+setup.ilm.enabled: false
+setup.template.enabled: true
+setup.template.name: "{{ansible_hostname}}-log"
+setup.template.pattern: "{{ansible_hostname}}-log-*"
+setup.template.overwrite: true
+
+filebeat.inputs:
+- type: log
+  enabled: true
+  paths:
+    - /var/log/auth.log
+    - /var/log/messages
+    - /user/local/etc/unbound/unbound.log
+
+processors:
+- dissect:
+    tokenizer: "[%{date}] unbound[%{pid}:%{thread}] query: %{source_ip} %{domain}. %{record_type} IN"
+    field: "message"
+    ignore_failure: true  # Ignore failures to allow the next processor to run
+- dissect:
+    tokenizer: "[%{date}] unbound[%{pid}:%{thread}] reply: %{client_ip} %{query} %{query_type} %{query_class} %{response_code} %{resp
+onse_time} %{ttl} %{size}"
+    field: message"
+    ignore_failure: true  # Ignore failures to allow the next processor to run
+
+output.elasticsearch:
+  hosts: ["http://linux.service:5080"]
+  timeout: 10
+  path: "/api/default/"
+  index: default
+  username: "openobserve@unbl.ink"
+  password: "{{openobserve_password}}"

lab/ansible/roles/unbound/files/service.zones

@@ -1,5 +1,5 @@
 local-zone: "service." static
-local-data: "archive.service    IN      A       192.168.40.78"
+local-data: "archive.service    IN      A       192.168.40.142"
 local-data: "bastion.service    IN      A       192.168.40.83"
 local-data: "bedroom.service    IN      A       192.168.40.2"
 local-data: "cache.service      IN      A       192.168.40.16"
@@ -41,7 +41,7 @@ local-data: "emus.service       IN      A       192.168.40.163"
 local-data: "fittrackee.service IN      A       192.168.40.37"
 local-data: "links.service      IN      A       192.168.40.161"
 local-data: "pallene.service    IN      A       192.168.40.236"
-local-data: "paper.service      IN      A       192.168.40.206"
+local-data: "paper.service      IN      A       192.168.40.204"
 local-data: "pass.service       IN      A       192.168.40.30"
 local-data: "s3.service         IN      A       192.168.40.113"
 local-data: "wger.service       IN      A       192.168.40.250"

lab/ansible/roles/unbound/files/unblink.zones

@@ -1,16 +1,16 @@
 private-domain: "unbl.ink."
 local-zone: "unbl.ink." static
 local-data: "box.unbl.ink       IN      A       142.93.153.227"
-local-data: "www.unbl.ink	    IN  	A   	142.93.153.227"
+local-data: "www.unbl.ink	   IN  	A   	142.93.153.227"
 local-data: "greip.unbl.ink     IN      A       198.244.198.117"
 local-data: "bt1.unbl.ink       IN      A       198.244.198.117"
-local-data: "bastion.unbl.ink	IN	    A	    192.168.40.83"
+local-data: "bastion.unbl.ink	IN	   A	   192.168.40.83"
 local-data: "bt2.unbl.ink       IN      A       198.12.85.133"
-local-data: "ntfy.unbl.ink	    IN  	A 	    147.182.174.4"
+local-data: "ntfy.unbl.ink	   IN  	A 	   147.182.174.4"
 local-data: "pandora.unbl.ink   IN      A       198.12.85.133"
 local-data: "dns.unbl.ink       IN      A       192.168.40.24"
 local-data: "cache.unbl.ink     IN      A       192.168.40.83"
-local-data: "code.unbl.ink      IN	    A	    192.168.40.83"
+local-data: "code.unbl.ink      IN	   A	   192.168.40.83"
 local-data: "photos.unbl.ink    IN      A       192.168.40.83"
 local-data: "play.unbl.ink      IN      A       192.168.40.83"
 local-data: "snap.unbl.ink      IN      A       192.168.40.83"
@@ -26,10 +26,10 @@ local-data: "links.unbl.ink     IN      A       192.168.40.83"
 local-data: "bastion.unbl.ink   IN      A       192.168.40.83"
 local-data: "ko.lab.unbl.ink    IN      A       192.168.40.83"
 local-data: "db.lab.unbl.ink    IN      A       192.168.40.83"
-local-data: "emus.lab.unbl.ink	IN  	A	    192.168.40.83"
+local-data: "emus.lab.unbl.ink	IN  	A	   192.168.40.83"
 local-data: "music.lab.unbl.ink IN      A       192.168.40.83"
-local-data: "play.lab.unbl.ink	IN	    A	    192.168.40.83"
-local-data: "base.lab.unbl.ink	IN	    A	    192.168.40.83"
+local-data: "play.lab.unbl.ink	IN	   A	   192.168.40.83"
+local-data: "base.lab.unbl.ink	IN	   A	   192.168.40.83"
 local-data: "rss.lab.unbl.ink   IN      A       192.168.40.83"
 local-data: "logs.lab.unbl.ink  IN      A       192.168.40.83"
 local-data: "kodi.lab.unbl.ink  IN      A       192.168.40.83"
@@ -38,8 +38,12 @@ local-data: "calibre.lab.unbl.ink   IN     A       192.168.40.83"
 local-data: "archive.lab.unbl.ink   IN     A       192.168.40.83"
 local-data: "mc-map.lab.unbl.ink    IN     A       192.168.40.83"
 local-data: "cocorev.lab.unbl.ink    IN     A       192.168.40.83"
-local-data: "front.see.unbl.ink     IN     A       192.168.40.83"
 local-data: "orchard.see.unbl.ink   IN     A       192.168.40.83"
+local-data: "front.see.unbl.ink     IN     A       192.168.40.83"
+local-data: "barn.see.unbl.ink     IN     A       192.168.40.83"
+local-data: "chicks.see.unbl.ink     IN     A       192.168.40.83"
+local-data: "chick-cam.lab.unbl.ink     IN     A       192.168.40.83"
+local-data: "garage.see.unbl.ink     IN     A       192.168.40.83"
 local-data: "master.see.unbl.ink    IN     A       192.168.40.83"
 local-data: "woods.see.unbl.ink     IN     A       192.168.40.83"
 local-data: "dining.see.unbl.ink    IN     A       192.168.40.83"
@@ -55,10 +59,10 @@ local-data: "living.see.unbl.ink         IN     A       192.168.40.83"
 local-data: "mail.see.unbl.ink           IN     A       192.168.40.83"
 local-data: "ci.lab.unbl.ink             IN     A       192.168.40.83"
 local-data: "podcasts.lab.unbl.ink       IN     A       192.168.40.83"
-local-data: "console.s3.unbl.ink   	     IN     A       192.168.40.83"
+local-data: "console.s3.unbl.ink   	    IN     A       192.168.40.83"
 local-data: "life.lab.unbl.ink           IN      A      192.168.40.83"
 local-data: "library.lab.unbl.ink        IN     A   	192.168.40.83"
-local-data: "change.lab.unbl.ink         IN	    A   	192.168.40.83"
-local-data: "paper.lab.unbl.ink          IN	    A   	192.168.40.83"
-local-data: "files.lab.unbl.ink          IN	    A   	192.168.40.83"
-local-data: "unbl.ink	                 IN     A   	142.93.153.227"
+local-data: "change.lab.unbl.ink         IN	   A   	192.168.40.83"
+local-data: "paper.lab.unbl.ink          IN	   A   	192.168.40.83"
+local-data: "files.lab.unbl.ink          IN	   A   	192.168.40.83"
+local-data: "unbl.ink	                IN     A   	142.93.153.227"

lab/ansible/roles/unbound/files/unbound.conf

@@ -15,7 +15,7 @@ server:
 
 	logfile: "unbound.log"
 	log-queries: yes
-	log-replies: yes
+	log-replies: no
 	log-tag-queryreply: yes
 
 	prefetch: yes