daniel/ansible-bind9-role
1
0
Fork 0
Code Issues 3 Pull Requests 1 Actions Releases Wiki Activity

docs: update CONFIGURATION_GRAMMAR.md for forwarders port/tls support

Browse Source 
- Add tls parameter to forwarders grammar in options section
- Add tls parameter to forwarders grammar in zone section
- Update options and zone examples to demonstrate tls usage
- Rename 'Address with Port/DSCP' section to 'Address with Port/TLS'
- Update all data type examples to show port/tls patterns instead of port/dscp
- Document global and per-address port/tls configuration options
This commit is contained in:
Daniel Akulenok
2026-01-28 23:03:19 +01:00
parent 3d2919721b
commit e8f84fce0b
1 changed files with 16 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
CONFIGURATION_GRAMMAR.md
View File

@@ -458,6 +458,7 @@ options:
- <address> - <address>
- address: <address> - address: <address>
port: <port> port: <port>
tls: <tls_name>
# DNSSEC # DNSSEC
dnssec_enable: <bool> # DEPRECATED in 9.15+ dnssec_enable: <bool> # DEPRECATED in 9.15+
@@ -593,7 +594,8 @@ options:
forwarders: forwarders:
- 1.1.1.1 - 1.1.1.1
- 8.8.8.8 - address: 8.8.8.8
tls: dot-tls
dnssec_validation: auto dnssec_validation: auto
@@ -917,6 +919,7 @@ zones:
- <address> - <address>
- address: <address> - address: <address>
port: <port> port: <port>
tls: <tls_name>
# DNSSEC # DNSSEC
dnssec_policy: <policy_name> # DNSSEC policy to use dnssec_policy: <policy_name> # DNSSEC policy to use
@@ -1017,7 +1020,8 @@ zones:
forward: only forward: only
forwarders: forwarders:
- 10.0.0.1 - 10.0.0.1
- 10.0.0.2 - address: 10.0.0.2
tls: internal-tls
``` ```
--- ---
@@ -1079,9 +1083,9 @@ addresses:
- 10.0.0.0/8 - 10.0.0.0/8
``` ```
### Address with Port/DSCP ### Address with Port/TLS
For options accepting `address [port X] [dscp Y]`: For options accepting `address [port X] [tls Y]` (e.g., `forwarders`):
```yaml ```yaml
# Simple list # Simple list
@@ -1089,27 +1093,28 @@ forwarders:
- 1.1.1.1 - 1.1.1.1
- 8.8.8.8 - 8.8.8.8
# With source port/dscp # With global port/tls
forwarders: forwarders:
port: 5353 port: 853
dscp: 46 tls: dot-tls
addresses: addresses:
- 1.1.1.1 - 1.1.1.1
- 8.8.8.8 - 8.8.8.8
# Per-address port/dscp # Per-address port/tls
forwarders: forwarders:
- address: 1.1.1.1 - address: 1.1.1.1
port: 53 port: 53
- address: 8.8.8.8 - address: 8.8.8.8
port: 5353 port: 853
dscp: 46 tls: cloudflare-tls
# Mixed format # Mixed format
forwarders: forwarders:
- 1.1.1.1 - 1.1.1.1
- address: 8.8.8.8 - address: 8.8.8.8
port: 5353 port: 853
tls: dot-tls
``` ```
### Address with Key/TLS ### Address with Key/TLS