49 lines
972 B
Plaintext
49 lines
972 B
Plaintext
# This is a sample of a minimal configuration file for Knot DNS.
|
||
# See knot.conf(5) or refer to the server documentation.
|
||
|
||
server:
|
||
rundir: "/run/knot"
|
||
user: knot:knot
|
||
listen: [ 0.0.0.0@53, ::@53 ]
|
||
|
||
log:
|
||
- target: syslog
|
||
any: info
|
||
|
||
key:
|
||
- id: grimoire.
|
||
algorithm: hmac-sha256
|
||
secret: {{ key }}
|
||
|
||
remote:
|
||
- id: secpb
|
||
address: [78.194.169.74, 2a01:e34:ec2a:94a0::4]
|
||
|
||
- id: grimoire
|
||
address: [135.181.158.2, 2a01:4f9:c010:ed58::1]
|
||
key: grimoire.
|
||
|
||
acl:
|
||
- id: secpb_acl
|
||
address: [78.194.169.74, 2a01:e34:ec2a:94a0::4]
|
||
action: transfer
|
||
- id: grimoire_acl_axfr
|
||
address: [135.181.158.2, 2a01:4f9:c010:ed58::1]
|
||
key: grimoire.
|
||
action: transfer
|
||
|
||
template:
|
||
- id: default
|
||
storage: "/var/lib/knot"
|
||
file: "%s.zone"
|
||
zonefile-load: difference
|
||
dnssec-signing: on
|
||
dnssec-policy: default
|
||
notify: secpb
|
||
acl: secpb_acl
|
||
|
||
zone:
|
||
{% for zone_name in zones %}
|
||
- domain: {{ zone_name }}
|
||
{% endfor %}
|