from typing import List, Optional
-from knot_resolver_manager.datamodel.types import CheckedPath, SizeUnit, TimeUnit
+from knot_resolver_manager.datamodel.types import CheckedPath, DomainName, SizeUnit, TimeUnit
from knot_resolver_manager.utils import SchemaNode
class PrefillSchema(SchemaNode):
- domain: str
+ """
+ Prefill the cache periodically by importing zone data obtained over HTTP.
+
+ ---
+ origin: Origin for the imported data. Cache prefilling is only supported for the root zone ('.').
+ url: URL of the zone file to be imported.
+ refresh_interval: Time interval between consecutive refreshes of the imported zone data.
+ ca_file: Path to the file containing a CA certificate bundle that is used to authenticate the HTTPS connection.
+ """
+
+ origin: DomainName
url: str
refresh_interval: TimeUnit = TimeUnit("1d")
ca_file: Optional[CheckedPath] = None
+ def _validate(self) -> None:
+ if self.origin != ".":
+ raise ValueError("cache prefilling is not yet supported for non-root zones")
+
class CacheSchema(SchemaNode):
+ """
+ DNS resolver cache configuration.
+
+ ---
+ storage: DNS resolver cache storage.
+ size_max: Maximum size of the cache.
+ ttl_min: Minimum time-to-live for cache entries.
+ ttl_max: Maximum time-to-live for cache entries.
+ ns_timeout: Time interval for which a nameserver address will be ignored after determining that it does not return (useful) answers.
+ prefill: Prefill the cache periodically by importing zone data obtained over HTTP.
+ """
+
storage: CheckedPath = CheckedPath("/var/cache/knot-resolver")
size_max: SizeUnit = SizeUnit("100M")
ttl_min: TimeUnit = TimeUnit("5s")
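Review bot: `PrefillSchema._validate` checks only `origin`, while `url` stays a plain `str`, so an `http://` or malformed URL passes schema validation even though the `ca_file` text speaks of authenticating an HTTPS connection. Whether the resolver's prefill code rejects non-HTTPS URLs later is not visible here; rejecting them at config load gives the operator an early, clear error, e.g. `if not self.url.startswith("https://"): raise ValueError("prefill url must use https://")`. If plaintext is not intended, the class summary's "obtained over HTTP" would read better as "HTTPS". Separately, `self.origin != "."` relies on `DomainName` comparing equal to a plain `str`; if it does not, every configuration would be rejected, so comparing against `DomainName(".")` or the string form may be safer.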
server: DNS server control and management configuration.
options: Fine-tuning global parameters of DNS resolver operation.
network: Network connections and protocols.
- static-hints: Static hints configuration section.
+ static_hints: Static hints configuration section.
views: List of views and its configuration.
policy: List of policy rules and its configuration.
rpz: List of Response Policy Zones and its configuration.
- stub-zones: List of Stub Zones and its configuration.
- forward-zones: List of Forward Zones and its configuration.
+ stub_zones: List of Stub Zones and its configuration.
+ forward_zones: List of Forward Zones and its configuration.
cache: DNS resolver cache configuration.
dnssec: DNSSEC disabling/enabling and configuration.
dns64: DNS64 disabling/enabling and configuration.
class LuaSchema(SchemaNode):
+ """
+ Custom Lua configuration.
+
+ ---
+ script_only: Ignore all declarative configuration and use only Lua script or file.
+ script: Custom Lua configuration script.
+ script_file: Path to custom Lua configuration script file.
+ """
+
script_only: bool = False
script: Optional[str] = None
script_file: Optional[str] = None
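Review bot: The new docstring describes `script_file` as a path, but the field stays `Optional[str]`, while the path-valued fields in the cache schema of this same change use `CheckedPath`. Because this file is loaded as resolver configuration code, consider `script_file: Optional[CheckedPath] = None` (if that type fits this module) and a sentence saying the file should be writable only by the administrator. The docstring also does not say what happens when both `script` and `script_file` are set; one line stating the precedence, or that they are mutually exclusive, would help.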
groupid: Additional identifier in case more managers are running on single machine.
nsid: Name Server Identifier (RFC 5001) which allows DNS clients to request resolver to send back its NSID along with the reply to a DNS request.
workers: The number of running 'Knot Resolver daemon' (kresd) workers. Based on number of CPUs if set to 'auto'.
- use-cache-gc: Use cache garbage collector (kres-cache-gc) automatically.
+ use_cache_gc: Use cache garbage collector (kres-cache-gc) automatically.
backend: Forces manager to use a specific service manager. Defaults to autodetection.
watchdog: Systemd watchdog configuration. Can only be used with 'systemd' backend.
rundir: Directory where the manager can create files and which will be manager's cwd
class ViewSchema(SchemaNode):
+ """
+ Configuration parameters that allows you to create personalized policy rules and other.
+
+ ---
+ subnets: Identifies clients based on subnets.
+ tsig: Identifies clients based on a TSIG key name. This is only for testing purposes, TSIG signature is not verified!
+ options: List of flags for clients specified in view.
+ """
+
subnets: Optional[List[IPNetwork]] = None
tsig: Optional[List[str]] = None
options: Optional[List[FlagsEnum]] = None
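Review bot: The `tsig` caveat exists only in this docstring, and "only for testing purposes" understates it: because the signature is not verified, any client that presents the key name would be matched to the view and receive its `options`. I would state that consequence directly, e.g. `tsig: Identifies clients based on a TSIG key name. The TSIG signature is NOT verified, so any client can claim the name; testing only, never use it for access decisions.` Logging a warning at validation time when `tsig` is set may also be worth considering, so the risk shows up outside the schema documentation. The summary line "that allows you to create personalized policy rules and other" is also ungrammatical and trails off; `Per-client configuration: selects clients and the policy flags applied to them.` is one option.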