net.listen('::1', 8853, { tls = true })
-- Auto-maintain root TA
-trust_anchors.file = '.local/etc/kresd/root.keys'
+trust_anchors.file = '.local/etc/knot-resolver/root.keys'
-- Large cache size, so we don't need to flush often
-- This can be larger than available RAM, least frequently accessed
static void complete_function(EditLine * el)
{
- //Add left parenthesis to function name.
+ //Add left parenthesis to function name.
el_insertstr(el, "(");
}
//Create necessary folders.
char *dirs[3] =
{ afmt("%s/.local", home), afmt("%s/.local/share", home),
- afmt("%s/.local/share/kresd/", home)
+ afmt("%s/.local/share/knot-resolver/", home)
};
bool ok = true;
for (int i = 0; i < 3; i++) {
}
if (ok) {
hist_file =
- afmt("%s/.local/share/kresd/" HISTORY_FILE, home);
+ afmt("%s/.local/share/knot-resolver/" HISTORY_FILE, home);
}
} else {
- if (!mkdir(afmt("%s/kresd/", data_home), 0755)
+ if (!mkdir(afmt("%s/knot-resolver/", data_home), 0755)
|| errno == EEXIST) {
- hist_file = afmt("%s/kresd/" HISTORY_FILE, data_home);
+ hist_file = afmt("%s/knot-resolver/" HISTORY_FILE, data_home);
}
}
MANDIR ?= $(PREFIX)/share/man
INCLUDEDIR ?= $(PREFIX)/include
MODULEDIR ?= $(LIBDIR)/kdns_modules
-ETCDIR ?= $(PREFIX)/etc/kresd
+ETCDIR ?= $(PREFIX)/etc/knot-resolver
ROOTHINTS ?= $(ETCDIR)/root.hints
COVERAGE_STAGE ?= gcov
COVERAGE_STATSDIR ?= $(CURDIR)/coverage.stats
> user('baduser')
invalid user name
- > user('kresd', 'netgrp')
+ > user('knot-resolver', 'netgrp')
true
> user('root')
Operation not permitted
.. code-block:: lua
- > net.tls("/etc/kresd/server-cert.pem", "/etc/kresd/server-key.pem")
+ > net.tls("/etc/knot-resolver/server-cert.pem", "/etc/knot-resolver/server-key.pem")
> net.tls()
- ("/etc/kresd/server-cert.pem", "/etc/kresd/server-key.pem")
+ ("/etc/knot-resolver/server-cert.pem", "/etc/knot-resolver/server-key.pem")
> net.listen("::", 853)
> net.listen("::", 443, {tls = true})
# (Avoid typos, accidental mismatches, etc.)
#
# To regenerate the C definitions for lua:
-# - you need to have debugging symbols for knot-dns and kresd;
+# - you need to have debugging symbols for knot-dns and knot-resolver;
# you get those by compiling with -g; for knot-dns it might be enough
# to just install it with debugging symbols included (in your distro way)
# - remove file ./kres-gen.lua and run make as usual
brew install pkg-config libuv luajit cmocka
-Building from sources
+Building from sources
---------------------
Initialize git submodules first.
"library", "``LIBDIR``", "``$(PREFIX)/lib``", "pkg-config is auto-generated [#]_"
"daemon", "``SBINDIR``", "``$(PREFIX)/sbin``", ""
- "configuration", "``ETCDIR``", "``$(PREFIX)/etc/kresd``", "Configuration file, templates."
+ "configuration", "``ETCDIR``", "``$(PREFIX)/etc/knot-resolver``", "Configuration file, templates."
"modules", "``MODULEDIR``", "``$(LIBDIR)/kdns_modules``", "Runtime directory for loading dynamic modules [#]_."
"trust anchor file", "``KEYFILE_DEFAULT``", "*(none)*", "Path to read-only trust anchor file, which is used as fallback when no other file is specified. [#]_"
"work directory", "", "the current directory", "Run directory for daemon. (Only relevant during run time, not e.g. during installation.)"
$ make BUILDMODE=dynamic # Default, create dynamic library
$ make BUILDMODE=static # Create static library
-When the library is linked statically, it usually produces a smaller binary. However linking it to various C modules might violate ODR and increase the size.
+When the library is linked statically, it usually produces a smaller binary. However linking it to various C modules might violate ODR and increase the size.
Resolving dependencies
~~~~~~~~~~~~~~~~~~~~~~
net = { '127.0.0.1', '::1', '192.168.1.1' }
-- Drop root privileges
-user('kresd', 'kresd')
+user('knot-resolver', 'knot-resolver')
-- Auto-maintain root TA
trust_anchors.file = 'root.keys'
-- Large cache size, so we don't need to flush ever
-- This can be larger than available RAM, least frequently accessed
-- records will be paged out as long as there's enough disk space to back it
-cache.size = 100 * GB
+cache.size = 100 * GB
-- Load Useful modules
modules = {
net = { '127.0.0.1', '::1', '192.168.1.1' }
-- Drop root privileges
-user('kresd', 'kresd')
+user('knot-resolver', 'knot-resolver')
-- Auto-maintain root TA
trust_anchors.file = 'root.keys'
-- Large cache size, so we don't need to flush often
-- This can be larger than available RAM, least frequently accessed
-- records will be paged out
-cache.size = 4 * GB
+cache.size = 4 * GB
-- Load Useful modules
modules = {
-- net = { '127.0.0.1', '::1' }
-- Drop root privileges
-user('kresd', 'kresd')
+user('knot-resolver', 'knot-resolver')
-- Auto-maintain root TA
trust_anchors.file = 'root.keys'
net = { '127.0.0.1', '::1', '192.168.1.1' }
-- Drop root privileges
-user('kresd', 'kresd')
+user('knot-resolver', 'knot-resolver')
-- Auto-maintain root TA
trust_anchors.file = 'root.keys'
-- Large cache size, so we don't need to flush often
-- This can be larger than available RAM, least frequently accessed
-- records will be paged out
-cache.size = 4 * GB
+cache.size = 4 * GB
-- Forward everything below `company.cz` to `192.168.1.3`
policy.add(policy.suffix(policy.FORWARD('192.168.1.3'), {todname('company.cz')}))
-----------
The module connects to Etcd peers and watches for configuration change.
-By default, the module looks for the subtree under ``/kresd`` directory,
+By default, the module looks for the subtree under ``/knot-resolver`` directory,
but you can change this `in the configuration <https://github.com/mah0x211/lua-etcd#cli-err--etcdnew-optiontable->`_.
The subtree structure corresponds to the configuration variables in the declarative style.
.. code-block:: bash
- $ etcdctl set /kresd/net/127.0.0.1 53
- $ etcdctl set /kresd/cache/size 10000000
+ $ etcdctl set /knot-resolvevr/net/127.0.0.1 53
+ $ etcdctl set /knot-resolver/cache/size 10000000
Configures all listening nodes to following configuration:
modules = {
etcd = {
- prefix = '/kresd',
+ prefix = '/knot-resolver',
peer = 'http://127.0.0.1:7001'
}
}
function etcd.init()
etcd.Etcd = require('etcd.luasocket')
- etcd.defaults = { prefix = '/kresd' }
+ etcd.defaults = { prefix = '/knot-resolver' }
end
function etcd.deinit()
capability net_bind_service,
capability setgid,
capability setuid,
- # seems to be needed during start to read /var/lib/kresd
+ # seems to be needed during start to read /var/lib/knot-resolver
# while we still run as root.
capability dac_override,
network udp,
/proc/sys/net/core/somaxconn r,
- /etc/kresd/* r,
- /var/lib/kresd/ r,
- /var/lib/kresd/** rwlk,
+ /etc/knot-resolver/* r,
+ /var/lib/knot-resolver/ r,
+ /var/lib/knot-resolver/** rwlk,
# modules
/usr/lib{,64}/kdns_modules/*.lua r,
projects / thirdparty / knot-resolver.git / commitdiff
