From 29c072b2fb443624f36c78d03c3f04fabc44d110 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ale=C5=A1=20Mr=C3=A1zek?= Date: Fri, 2 Jun 2023 15:31:33 +0200 Subject: [PATCH] manager: forward config example --- .../etc/knot-resolver/config.policy.dev.yml | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/manager/etc/knot-resolver/config.policy.dev.yml b/manager/etc/knot-resolver/config.policy.dev.yml index bccf8edbb..b93fcceb3 100644 --- a/manager/etc/knot-resolver/config.policy.dev.yml +++ b/manager/etc/knot-resolver/config.policy.dev.yml @@ -1,9 +1,9 @@ -rundir: etc/knot-resolver/runtime +rundir: runtime workers: 1 management: interface: 127.0.0.1@5000 cache: - storage: ../cache + storage: cache logging: level: notice groups: @@ -38,7 +38,7 @@ local-data: - type: nxdomain roots: [ sub4.example.org ] rpz: - - file: blocklist.rpz + - file: runtime/blocklist.rpz tags: [t01, t02] # ttl: 1d @@ -54,19 +54,18 @@ local-data: # A 192.168.2.4 # local.example.org AAAA ::1 -# forward: -# - subtree: '.' -# servers: -# - address: [ 192.0.2.1, 192.0.2.2@5353 ] -# transport: tls -# pin-sha256: Wg== -# - address: 2001:DB8::d0c -# transport: tls -# hostname: res.example.com -# ca-file: /etc/knot-resolver/tlsca.crt -# options: -# dnssec: true # default -# - subtree: 1.168.192.in-addr.arpa -# servers: [ 192.0.2.1@5353 ] -# options: -# dnssec: false # policy.STUB? \ No newline at end of file +forward: + - subtree: '.' + options: + dnssec: true + authoritative: false + servers: + - address: [2001:148f:fffe::1, 185.43.135.1] + transport: tls + hostname: odvr.nic.cz + - address: [ 192.0.2.1, 192.0.2.2 ] + pin-sha256: ['YQ==', 'Wg=='] + - subtree: 1.168.192.in-addr.arpa + options: + dnssec: false + servers: [ 192.0.2.1@5353 ] -- 2.47.2