Loading nixos/tests/knot.nix +67 −73 Original line number Diff line number Diff line Loading @@ -60,44 +60,43 @@ in { services.knot.enable = true; services.knot.extraArgs = [ "-v" ]; services.knot.keyFiles = [ tsigFile ]; services.knot.extraConfig = '' server: listen: 0.0.0.0@53 listen: ::@53 automatic-acl: true remote: - id: secondary address: 192.168.0.2@53 key: xfr_key template: - id: default storage: ${knotZonesEnv} notify: [secondary] dnssec-signing: on services.knot.settings = { server = { listen = [ "0.0.0.0@53" "::@53" ]; automatic-acl = true; }; acl.secondary_acl = { address = "192.168.0.2"; key = "xfr_key"; action = "transfer"; }; remote.secondary.address = "192.168.0.2@53"; template.default = { storage = knotZonesEnv; notify = [ "secondary" ]; acl = [ "secondary_acl" ]; dnssec-signing = true; # Input-only zone files # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-3 # prevents modification of the zonefiles, since the zonefiles are immutable zonefile-sync: -1 zonefile-load: difference journal-content: changes # move databases below the state directory, because they need to be writable journal-db: /var/lib/knot/journal kasp-db: /var/lib/knot/kasp timer-db: /var/lib/knot/timer zone: - domain: example.com file: example.com.zone - domain: sub.example.com file: sub.example.com.zone log: - target: syslog any: info ''; zonefile-sync = -1; zonefile-load = "difference"; journal-content = "changes"; }; zone = { "example.com".file = "example.com.zone"; "sub.example.com".file = "sub.example.com.zone"; }; log.syslog.any = "info"; }; }; secondary = { lib, ... }: { Loading @@ -113,41 +112,36 @@ in { services.knot.enable = true; services.knot.keyFiles = [ tsigFile ]; services.knot.extraArgs = [ "-v" ]; services.knot.extraConfig = '' server: listen: 0.0.0.0@53 listen: ::@53 automatic-acl: true remote: - id: primary address: 192.168.0.1@53 key: xfr_key template: - id: default master: primary services.knot.settings = { server = { listen = [ "0.0.0.0@53" "::@53" ]; automatic-acl = true; }; remote.primary = { address = "192.168.0.1@53"; key = "xfr_key"; }; template.default = { master = "primary"; # zonefileless setup # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-2 zonefile-sync: -1 zonefile-load: none journal-content: all # move databases below the state directory, because they need to be writable journal-db: /var/lib/knot/journal kasp-db: /var/lib/knot/kasp timer-db: /var/lib/knot/timer zone: - domain: example.com file: example.com.zone - domain: sub.example.com file: sub.example.com.zone log: - target: syslog any: info ''; zonefile-sync = "-1"; zonefile-load = "none"; journal-content = "all"; }; zone = { "example.com".file = "example.com.zone"; "sub.example.com".file = "sub.example.com.zone"; }; log.syslog.any = "info"; }; }; client = { lib, nodes, ... }: { imports = [ common ]; Loading Loading
nixos/tests/knot.nix +67 −73 Original line number Diff line number Diff line Loading @@ -60,44 +60,43 @@ in { services.knot.enable = true; services.knot.extraArgs = [ "-v" ]; services.knot.keyFiles = [ tsigFile ]; services.knot.extraConfig = '' server: listen: 0.0.0.0@53 listen: ::@53 automatic-acl: true remote: - id: secondary address: 192.168.0.2@53 key: xfr_key template: - id: default storage: ${knotZonesEnv} notify: [secondary] dnssec-signing: on services.knot.settings = { server = { listen = [ "0.0.0.0@53" "::@53" ]; automatic-acl = true; }; acl.secondary_acl = { address = "192.168.0.2"; key = "xfr_key"; action = "transfer"; }; remote.secondary.address = "192.168.0.2@53"; template.default = { storage = knotZonesEnv; notify = [ "secondary" ]; acl = [ "secondary_acl" ]; dnssec-signing = true; # Input-only zone files # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-3 # prevents modification of the zonefiles, since the zonefiles are immutable zonefile-sync: -1 zonefile-load: difference journal-content: changes # move databases below the state directory, because they need to be writable journal-db: /var/lib/knot/journal kasp-db: /var/lib/knot/kasp timer-db: /var/lib/knot/timer zone: - domain: example.com file: example.com.zone - domain: sub.example.com file: sub.example.com.zone log: - target: syslog any: info ''; zonefile-sync = -1; zonefile-load = "difference"; journal-content = "changes"; }; zone = { "example.com".file = "example.com.zone"; "sub.example.com".file = "sub.example.com.zone"; }; log.syslog.any = "info"; }; }; secondary = { lib, ... }: { Loading @@ -113,41 +112,36 @@ in { services.knot.enable = true; services.knot.keyFiles = [ tsigFile ]; services.knot.extraArgs = [ "-v" ]; services.knot.extraConfig = '' server: listen: 0.0.0.0@53 listen: ::@53 automatic-acl: true remote: - id: primary address: 192.168.0.1@53 key: xfr_key template: - id: default master: primary services.knot.settings = { server = { listen = [ "0.0.0.0@53" "::@53" ]; automatic-acl = true; }; remote.primary = { address = "192.168.0.1@53"; key = "xfr_key"; }; template.default = { master = "primary"; # zonefileless setup # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-2 zonefile-sync: -1 zonefile-load: none journal-content: all # move databases below the state directory, because they need to be writable journal-db: /var/lib/knot/journal kasp-db: /var/lib/knot/kasp timer-db: /var/lib/knot/timer zone: - domain: example.com file: example.com.zone - domain: sub.example.com file: sub.example.com.zone log: - target: syslog any: info ''; zonefile-sync = "-1"; zonefile-load = "none"; journal-content = "all"; }; zone = { "example.com".file = "example.com.zone"; "sub.example.com".file = "sub.example.com.zone"; }; log.syslog.any = "info"; }; }; client = { lib, nodes, ... }: { imports = [ common ]; Loading
