-
-
Save blufor/2d231d6d6b614d42f2db03ba46bb1d70 to your computer and use it in GitHub Desktop.
Knot Resolver config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
dev1.prg-krl.atc: 10.254.128.1@8600 | |
dev2.prg-krl.atc: 10.254.129.1@8600 | |
dev3.prg-krl.atc: 10.254.130.1@8600 | |
dev4.prg-krl.atc: 10.254.131.1@8600 | |
dev5.prg-krl.atc: 10.254.132.1@8600 | |
dev6.prg-krl.atc: 10.254.133.1@8600 | |
dev7.prg-krl.atc: 10.254.134.1@8600 | |
dev8.prg-krl.atc: 10.254.135.1@8600 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function load_yaml(file) | |
local yaml = require('lyaml') | |
local io = require('io') | |
local fd = io.open(file) | |
local str = fd:read("*a") | |
fd:close() | |
return yaml.load(str) | |
end | |
static = load_yaml("/etc/knot-resolver/nameservers.yaml") | |
consul = load_yaml("/etc/knot-resolver/consul.yaml") | |
net.ipv6 = false | |
net.listen('127.0.0.1', '53') | |
net.listen('169.254.69.69', '53') | |
net.listen('10.254.6.2', '53') | |
user('knot-resolver', 'knot-resolver') | |
-- trust_anchors.file = 'root.keys' | |
cache.storage = 'lmdb:///var/cache/knot-resolver' | |
cache.size = 1 * GB | |
modules = { | |
'policy', -- Block queries to local zones/bad sites | |
'hints', -- Load /etc/hosts and allow custom root hints | |
'stats', -- Track internal statistics | |
} | |
for env, srv in pairs(consul) do | |
for _, subzone in ipairs({'service', 'node', 'query', 'lb'}) do | |
print(string.format('Adding zone %s.%s forward to %s', subzone, env, srv)) | |
policy.add(policy.suffix(policy.STUB(srv), {todname(string.format('%s.%s', subzone, env))})) | |
end | |
end | |
for _, bundle in ipairs(static) do | |
for _, zone in ipairs(bundle['zones']) do | |
print(string.format('Adding zone %s forward to %s', zone, bundle['servers'])) | |
policy.add(policy.suffix(policy.STUB(bundle['servers']), {todname(zone)})) | |
end | |
end | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- servers: | |
- 10.254.4.2@5353 | |
- 10.254.6.2@5353 | |
zones: | |
- 10.in-addr.arpa | |
# - aws-cac1.atc | |
# - aws-euc1.atc | |
# - aws-euw1.atc | |
# - aws-euw2.atc | |
# - aws-use1.atc | |
# - aws-usw2.atc | |
# - prg-krl.atc | |
- atc | |
- servers: | |
- 172.16.56.250 | |
zones: | |
- 16.172.in-addr.arpa | |
- ataccama.com | |
- adastragrp.com | |
- adastracorp.net | |
- adastracorpnet.com |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment