From 5a09b77070d26d70d6d43afbe547892939b2e1d2 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Sun, 24 Jan 2021 01:30:31 +0100
Subject: [PATCH] Resolve DNS for the accueil vlan

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
 roles/unbound/templates/recursive.conf.j2 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/unbound/templates/recursive.conf.j2 b/roles/unbound/templates/recursive.conf.j2
index efdebe1..74d77d9 100644
--- a/roles/unbound/templates/recursive.conf.j2
+++ b/roles/unbound/templates/recursive.conf.j2
@@ -23,12 +23,14 @@ server:
     interface: 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix }}
     interface: 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix }}
     interface: 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix }}
+    interface: 10.{{ subnet_ids.users_accueil }}.0.{{ dns_host_suffix }}
 
 
     # IPv6
     interface: {{ ipv6_base_prefix }}:{{ subnet_ids.ap }}::0:{{ dns_host_suffix }}
     interface: {{ ipv6_base_prefix }}:{{ subnet_ids.users_wired }}::0:{{ dns_host_suffix }}
     interface: {{ ipv6_base_prefix }}:{{ subnet_ids.users_wifi }}::0:{{ dns_host_suffix }}
+    interface: {{ ipv6_base_prefix }}:{{ subnet_ids.users_accueil }}::0:{{ dns_host_suffix }}
 
  
     # By default, anything other than localhost is refused.
@@ -36,6 +38,7 @@ server:
     access-control: 10.{{ subnet_ids.ap }}.0.0/16 allow
     access-control: 10.{{ subnet_ids.users_wired }}.0.0/16 allow
     access-control: 10.{{ subnet_ids.users_wifi }}.0.0/16 allow
+    access-control: 10.{{ subnet_ids.users_accueil }}.0.0/16 allow
     access-control: {{ ipv6_base_prefix }}::/32 allow # Fuck it... :)
 
     num-threads: {{ ansible_processor_vcpus }}