From e9f84d7d994656162e41136e375d6cdfa86446ed Mon Sep 17 00:00:00 2001
From: Florent Daigniere
Date: Sat, 25 Sep 2021 16:25:59 +0200
Subject: [PATCH 1/3] Improve the unbound configuration
---
 optional/unbound/unbound.conf | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/optional/unbound/unbound.conf b/optional/unbound/unbound.conf
index 6c8fc64d..42b2d4d8 100644
--- a/optional/unbound/unbound.conf
+++ b/optional/unbound/unbound.conf
@@ -1,19 +1,21 @@
 server:
 verbosity: 1
 interface: 0.0.0.0
- interface: ::0
+ {{ 'interface: ::0' if SUBNET6 }}
 logfile: ""
 do-ip4: yes
- do-ip6: yes
+ do-ip6: {{ 'yes' if SUBNET6 else 'no' }}
 do-udp: yes
 do-tcp: yes
 do-daemonize: no
 access-control: {{ SUBNET }} allow
+ {{ 'access-control: {{ SUBNET6 }} allow' if SUBNET6 }}
 directory: "/etc/unbound"
 username: unbound
 auto-trust-anchor-file: trusted-key.key
 root-hints: "/etc/unbound/root.hints"
 hide-identity: yes
 hide-version: yes
- max-udp-size: 4096
- msg-buffer-size: 65552
+ cache-min-ttl: 300
+ qname-minimisation: yes
+
From 739702a0349d099bf70cb71f18a2bd12180897ab Mon Sep 17 00:00:00 2001
From: Florent Daigniere
Date: Sat, 25 Sep 2021 16:31:11 +0200
Subject: [PATCH 2/3] doc
---
 towncrier/newsfragments/1992.enhancement | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 towncrier/newsfragments/1992.enhancement
diff --git a/towncrier/newsfragments/1992.enhancement b/towncrier/newsfragments/1992.enhancement
new file mode 100644
index 00000000..56a11538
--- /dev/null
+++ b/towncrier/newsfragments/1992.enhancement
@@ -0,0 +1,3 @@
+Make unbound work with ipv6
+Add a cache-min-ttl of 5minutes
+Enable qname minimisation (privacy)
From 1cf0f76b529389b47eff0c7e9800c53263e073af Mon Sep 17 00:00:00 2001
From: Florent Daigniere
Date: Mon, 27 Sep 2021 09:04:15 +0200
Subject: [PATCH 3/3] not required anymore
---
 optional/unbound/unbound.conf | 1 -
 1 file changed, 1 deletion(-)
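Review bot: In the first patch's unbound.conf hunk, the added line `{{ 'access-control: {{ SUBNET6 }} allow' if SUBNET6 }}` places `{{ SUBNET6 }}` inside a string literal, and Jinja2 does not evaluate expressions nested in strings, so (assuming a single render pass) the rendered config would contain the literal text `{{ SUBNET6 }}` rather than the IPv6 prefix. unbound would then likely reject the netblock at startup, or at best the IPv6 subnet gets no allow rule while the resolver still listens on `::0`. Build the line from the variable instead, for example `{% if SUBNET6 %}access-control: {{ SUBNET6 }} allow{% endif %}`. It is also worth checking the rendered file with `unbound-checkconf` for both the SUBNET6-set and SUBNET6-unset cases, since this ACL is what keeps a resolver bound to all interfaces from answering arbitrary clients. Separately, `cache-min-ttl: 300` holds records longer than their publishers intended, which may delay short-TTL answers such as blocklist lookups; a comment in the file stating that trade-off would help.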
diff --git a/optional/unbound/unbound.conf b/optional/unbound/unbound.conf
index 42b2d4d8..df0c76ff 100644
--- a/optional/unbound/unbound.conf
+++ b/optional/unbound/unbound.conf
@@ -17,5 +17,4 @@ server:
 hide-identity: yes
 hide-version: yes
 cache-min-ttl: 300
- qname-minimisation: yes