#
# Example configuration file.
#
# See unbound.conf(5) man page, version 1.9.4.
#
# this is a comment.

#Use this to include other text into the file.
include-toplevel: "testdata/valid_include_toplevel3.conf"

# The server clause sets the main parameters.
server:
# whitespace is not necessary, but looks cleaner.

# verbosity number, 0 is least verbose. 1 is default.
# verbosity: 1

# print statistics to the log (for every thread) every N seconds.
# Set to "" or 0 to disable. Default is disabled.
# statistics-interval: 0

# enable shm for stats, default no.  if you enable also enable
# statistics-interval, every time it also writes stats to the
# shared memory segment keyed with shm-key.
# shm-enable: no

# shm for stats uses this key, and key+1 for the shared mem segment.
# shm-key: 11777

# enable cumulative statistics, without clearing them after printing.
# statistics-cumulative: no

# enable extended statistics (query types, answer codes, status)
# printed from unbound-control. default off, because of speed.
# extended-statistics: no

# number of threads to create. 1 disables threading.
# num-threads: 2

# Python config section. To enable:
# o use --with-pythonmodule to configure before compiling.
# o list python in the module-config string (above) to enable.
#   It can be at the start, it gets validated results, or just before
#   the iterator and process before DNSSEC validation.
# o and give a python-script to run.
python:
# Script file to load
# python-script: "/etc/unbound/ubmodule-tst.py"

# Remote control config section.
remote-control:
  # Enable remote control with unbound-control(8) here.
  # set up the keys and certificates with unbound-control-setup.
  # control-enable: no

  # what interfaces are listened to for remote control.
  # give 0.0.0.0 and ::0 to listen to all interfaces.
  # set to an absolute path to use a unix local name pipe, certificates
  # are not used for that, so key and cert files need not be present.
  # control-interface: 127.0.0.1
  # control-interface: ::1
  control-interface: /var/run/test.sock

  # port number for remote control operations.
  # control-port: 8955

  # for localhost, you can disable use of TLS by setting this to "no"
  # For local sockets this option is ignored, and TLS is not used.
  # control-use-cert: "yes"

  # unbound server key file.
  # server-key-file: "/etc/unbound/unbound_server.key"

  # unbound server certificate file.
  # server-cert-file: "/etc/unbound/unbound_server.pem"

  # unbound-control key file.
  control-key-file: "/etc/unbound/unbound_control_2.key"

  # unbound-control certificate file.
  control-cert-file: "/etc/unbound/unbound_control_2.pem"