54 lines
1.1 KiB
Plaintext
54 lines
1.1 KiB
Plaintext
server:
|
|
version: "Knot"
|
|
nsid: ""
|
|
rundir: "/run/knot"
|
|
user: "knot:knot"
|
|
automatic-acl: "on"
|
|
listen: [ "2001:db8::1@42053", "203.0.113.1@42053" ]
|
|
|
|
log:
|
|
- target: "/var/log/knot/knot.log"
|
|
any: "debug"
|
|
|
|
database:
|
|
storage: "/var/lib/knot"
|
|
|
|
key:
|
|
- id: "primary-to-secondary."
|
|
algorithm: "hmac-sha256"
|
|
secret: "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGH" # keymgr -t primary-to-secondary hmac-sha256
|
|
|
|
remote:
|
|
- id: "secondary"
|
|
address: [ "2001:db8::2@53", "203.0.113.2@53" ]
|
|
key: "primary-to-secondary."
|
|
|
|
policy:
|
|
- id: "niver"
|
|
algorithm: "ed25519"
|
|
nsec3: "on"
|
|
nsec3-iterations: 10
|
|
|
|
template:
|
|
- id: "niver-ns"
|
|
storage: "/srv/niver/ns"
|
|
file: "%s.zone"
|
|
zonefile-load: "difference"
|
|
dnssec-signing: "on"
|
|
dnssec-policy: "niver"
|
|
catalog-role: "member"
|
|
catalog-zone: "niver.test.invalid."
|
|
|
|
zone:
|
|
- domain: "niver.test."
|
|
storage: "/srv/niver/reg"
|
|
file: "%s.zone"
|
|
zonefile-load: "difference"
|
|
dnssec-signing: "on"
|
|
dnssec-policy: "niver"
|
|
|
|
- domain: "niver.test.invalid."
|
|
notify: "secondary"
|
|
zonefile-load: "difference"
|
|
catalog-role: "generate"
|