Compiling Unbound from Source / Getting Unbound to work with DNS-over-TLS?

´edit´
This only works if Unbound isn't already installed on your system; uninstall and purge older versions before continuing!
/edit

compile:

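#!/bin/bash
# Build and install Unbound from the upstream release tarball.
#
# Only package installation, account creation and `make install` run as root.
# Downloading, unpacking, ./configure and make run as the invoking user, so
# upstream build scripts are not executed with root privileges and the build
# tree is not left root-owned.
set -euo pipefail

file=unbound-1.9.1

# SHA-256 digest of $file.tar.gz as published by NLnet Labs for this release.
# Placeholder: replace it with the published value before running. While the
# placeholder is in place the check below fails and nothing is unpacked or built.
# Verifying the detached PGP signature against the release key is stronger still.
expected_sha256="<SHA256_OF_RELEASE_TARBALL>"

sudo apt-get -y install libssl-dev libexpat1-dev

# Dedicated unprivileged account for the daemon (no login shell).
# Creation is skipped when the group/user already exists so a re-run does not abort.
getent group unbound >/dev/null || sudo groupadd -g 991 unbound
getent passwd unbound >/dev/null || \
    sudo useradd -c "$file" -d /var/lib/unbound -u 991 -g unbound -s /bin/false unbound

mkdir -p unbound
cd unbound

# -O overwrites a stale copy, so the digest check always covers the fresh download.
wget -O "$file.tar.gz" "https://nlnetlabs.nl/downloads/unbound/$file.tar.gz"

# Stop here (set -e) if the tarball does not match the expected digest.
echo "$expected_sha256  $file.tar.gz" | sha256sum -c -

tar xzf "$file.tar.gz"
cd "$file"

./configure --prefix=/usr --sysconfdir=/etc --disable-static --with-pidfile=/run/unbound.pid
make
sudo make install
cd ../..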

dnssec:

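# dnssec
# Give the unbound account ownership of the config directory so it can create
# and rewrite root.key. Note that directory ownership also lets that account
# replace other files in it, such as unbound.conf.
sudo chown unbound:unbound /etc/unbound
# unbound-anchor fetches and parses data from the network, so run it as the
# unprivileged unbound user instead of root. root.key is then owned by that
# account as well.
sudo -u unbound /usr/sbin/unbound-anchor -a /etc/unbound/root.key -v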

remote control:

#remote control
# Generates the key/certificate files that unbound-control uses to talk to the
# daemon (see unbound-control-setup(8)).
# NOTE(review): confirm the generated *.key files are not readable by other
# local users, and that remote-control in unbound.conf stays bound to localhost;
# this page does not show the unbound.conf in use.
sudo /usr/sbin/unbound-control-setup

create /lib/systemd/system/unbound.service, content:

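# The [Unit] header is required: systemd ignores assignments that appear
# before any section header, so without it the description and ordering
# settings below would not take effect.
[Unit]
Description=Validating, recursive, and caching DNS resolver
Documentation=man:unbound(8)
Requires=network.target
After=network.target
Before=network-online.target nss-lookup.target
Wants=nss-lookup.target

[Install]
WantedBy=multi-user.target

[Service]
# Refresh the DNSSEC root trust anchor before every start. The leading '-'
# tells systemd to ignore a non-zero exit status from unbound-anchor, so the
# resolver still starts (see unbound-anchor(8) for its exit codes).
ExecStartPre=-/usr/sbin/unbound-anchor -a /etc/unbound/root.key -v
# -d keeps unbound in the foreground so systemd supervises the process
# directly; -v raises log verbosity.
ExecStart=/usr/sbin/unbound -d -v
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
# Delay in seconds before systemd restarts the service after it exits.
RestartSec=360
# No User= or sandboxing directives are set, so both commands above start as
# root. Whether the daemon drops to the unbound account depends on the
# username setting in unbound.conf, which this page does not show.
# If hardening directives are added, /etc/unbound (root.key) and
# /run/unbound.pid must remain writable for the service.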

systemctl:

# Have systemd re-read its unit files so the new unbound.service is picked up.
sudo systemctl daemon-reload
# Enable the unit at boot and start it right away in a single step.
sudo systemctl enable --now unbound.service