source-git / dnssec-trigger

Clone
Source Code
GIT

Files

c8 master
  1.   c8
  2.   example.conf.in
Blob Blame History Raw 
# config for dnssec-trigger @VERSION@.
# this is a comment. there must be one statement per line.

# logging detail, 0=only errors, 1=operations, 2=detail, 3,4 debug detail.
# verbosity: 1

# pidfile location
# pidfile: "@pidfile@"

# log to a file instead of syslog, default is to syslog
# logfile: "/var/log/dnssec-trigger.log"

# log to syslog, or (log to to stderr or a logfile if specified). yes or no.
# use-syslog: yes

# chroot to this directory
# chroot: ""

# the unbound-control binary if not found in PATH.
# commandline options can be appended "unbound-control -c my.conf" if you wish.
# unbound-control: "@unbound_control_path@"

# where is resolv.conf to edit.
# resolvconf: "/etc/resolv.conf"

# the domain example.com line (if any) to add to resolv.conf(5). default none.
# domain: ""

# domain name search path to add to resolv.conf(5). default none.
# the search path from DHCP is not picked up, it could be used to misdirect.
# search: ""

# the command to run to open login pages on hot spots, a web browser.
# empty string runs no command.
# login-command: "@login_command@"

# the url to open to get hot spot login, it gets overridden by the hotspot.
# login-location: "@login_location@"

# do not perform actions (unbound-control or resolv.conf), for a dry-run.
# noaction: no

# port number to use for probe daemon.
# port: 8955

# these keys and certificates can be generated with the script
# dnssec-trigger-control-setup
# server-key-file: "@keydir@/dnssec_trigger_server.key"
# server-cert-file: "@keydir@/dnssec_trigger_server.pem"
# control-key-file: "@keydir@/dnssec_trigger_control.key"
# control-cert-file: "@keydir@/dnssec_trigger_control.pem"

# check for updates, download and ask to install them (for Windows, OSX).
# check-updates: @check_updates@

# webservers that are probed to see if internet access is possible.
# They serve a simple static page over HTTP port 80.  It probes a random url:
# after a space is the content expected on the page, (the page can contain
# whitespace before and after this code).  Without urls it skips http probes.

# provided by NLnetLabs
# It is provided on a best effort basis, with no service guarantee.
url: "http://ster.nlnetlabs.nl/hotspot.txt OK"

# provided by FedoraProject
url: "http://fedoraproject.org/static/hotspot.txt OK"

# fallback open DNSSEC resolvers that run on TCP port 80 and TCP port 443.
# These relay incoming DNS traffic on the other port numbers to the usual DNS
# the ssl443 adds an ssl server IP, you may also specify one or more hashes
# the following on one line: ssl443:<space><IP>{<space><HASHoutput>}
# hash is output of openssl x509 -sha256 -fingerprint -in server.pem
# You can add more with extra config lines.

# provided by NLnetLabs
# It is provided on a best effort basis, with no service guarantee.
tcp80: 185.49.140.67
tcp80: 2a04:b900::10:0:0:67
ssl443: 185.49.140.67 7E:CF:B4:BE:B9:9A:56:0D:F7:3B:40:51:A4:78:E6:A6:FD:66:0F:10:58:DC:A8:2E:C0:43:D4:77:5A:71:8A:CF
ssl443: 2a04:b900::10:0:0:67 7E:CF:B4:BE:B9:9A:56:0D:F7:3B:40:51:A4:78:E6:A6:FD:66:0F:10:58:DC:A8:2E:C0:43:D4:77:5A:71:8A:CF

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation