---
origin: Origin for the imported data. Cache prefilling is only supported for the root zone ('.').
- url: URL of the zone file to be imported.
+ url: URL of the zone data to be imported.
refresh_interval: Time interval between consecutive refreshes of the imported zone data.
ca_file: Path to the file containing a CA certificate bundle that is used to authenticate the HTTPS connection.
"""
DNS resolver cache configuration.
---
- storage: DNS resolver cache storage.
+ storage: Cache storage of the DNS resolver.
size_max: Maximum size of the cache.
- ttl_min: Minimum time-to-live for cache entries.
- ttl_max: Maximum time-to-live for cache entries.
+ ttl_min: Minimum time-to-live for the cache entries.
+ ttl_max: Maximum time-to-live for the cache entries.
ns_timeout: Time interval for which a nameserver address will be ignored after determining that it does not return (useful) answers.
prefill: Prefill the cache periodically by importing zone data obtained over HTTP.
"""
class ForwardServerSchema(SchemaNode):
+ """
+ Configuration of Forward server.
+
+ ---
+ address: IP address of Forward server.
+ pin_sha256: Hash of accepted CA certificate.
+ hostname: Hostname of the Forward server.
+ ca_file: Path to CA certificate file.
+ """
+
address: IPAddressOptionalPort
pin_sha256: Optional[Union[str, List[str]]] = None
hostname: Optional[DomainName] = None
class ForwardZoneSchema(SchemaNode):
+ """
+ Configuration of Forward Zone.
+
+ ---
+ tls: Enable/disable TLS for Forward servers.
+ servers: IP address of Forward server.
+ views: Use this Forward Zone only for clients defined by views.
+ options: Configuration flags for Forward Zone.
+ """
+
tls: bool = False
servers: Union[List[IPAddressOptionalPort], List[ForwardServerSchema]]
views: Optional[List[str]] = None
class RPZSchema(SchemaNode):
+ """
+ Configuration or Response Policy Zone (RPZ).
+
+ ---
+ action: RPZ rule action, typically 'deny'.
+ file: Path to the RPZ zone file.
+ watch: Reload the file when it changes.
+ views: Use RPZ rule only for clients defined by views.
+ options: Configuration flags for RPZ rule.
+ message: Deny message for 'deny' action.
+ """
+
action: PolicyActionEnum
file: CheckedPath
watch: bool = True
class StubServerSchema(SchemaNode):
+ """
+ Configuration of Stub server.
+
+ ---
+ address: IP address of Stub server.
+ """
+
address: IPAddressOptionalPort
class StubZoneSchema(SchemaNode):
+ """
+ Configuration of Stub Zone.
+
+ ---
+ servers: IP address of Stub server.
+ views: Use this Stub Zone only for clients defined by views.
+ options: Configuration flags for Stub Zone.
+ """
+
servers: Union[List[IPAddressOptionalPort], List[StubServerSchema]]
views: Optional[List[str]] = None
options: Optional[List[PolicyFlagEnum]] = None
projects / thirdparty / knot-resolver.git / commitdiff
