Commit c72abc43 authored by Daniel Salzman's avatar Daniel Salzman

doc: update modules without configuration

parent cd9554c2
......@@ -672,7 +672,7 @@ This option is only available in the \fIdefault\fP template.
\fIDefault:\fP \fI\%storage\fP/timers
.SS global\-module
.sp
An ordered list of references to query modules in the form
An ordered list of references to query modules in the form of \fImodule_name\fP or
\fImodule_name/module_id\fP\&. These modules apply to all queries.
.sp
\fBNOTE:\fP
......@@ -938,7 +938,7 @@ done by hand (see RFC 1982).
\fIDefault:\fP increment
.SS module
.sp
An ordered list of references to query modules in the form
An ordered list of references to query modules in the form of \fImodule_name\fP or
\fImodule_name/module_id\fP\&. These modules apply only to the current zone queries.
.sp
\fIDefault:\fP not set
......@@ -1183,58 +1183,6 @@ A module identifier.
A path to the directory where the database is stored.
.sp
\fIRequired\fP
.SH MODULE ONLINE-SIGN
.sp
The module provides online DNSSEC signing.
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
mod\-online\-sign:
\- id: STR
.ft P
.fi
.UNINDENT
.UNINDENT
.SS id
.sp
A module identifier.
.SH MODULE WHOAMI
.sp
The module synthesizes an A or AAAA record containing the query source IP address,
at the apex of the zone being served.
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
mod\-whoami:
\- id: STR
.ft P
.fi
.UNINDENT
.UNINDENT
.SS id
.sp
A module identifier.
.SH MODULE NOUDP
.sp
The module sends empty truncated response to any UDP query.
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
mod\-noudp:
\- id: STR
.ft P
.fi
.UNINDENT
.UNINDENT
.SS id
.sp
A module identifier.
.SH AUTHOR
CZ.NIC Labs <http://www.knot-dns.cz>
.SH COPYRIGHT
......
......@@ -22,11 +22,16 @@ represents a 'processing step'. Now, if a query module is loaded for a
zone, it is provided with an implicit query plan which can be extended
by the module or even changed altogether.
Each module is configured in the corresponding module section and is
identified for the subsequent usage. Then the identifier is referenced
in the form of ``module_name/module_id`` through a zone/template :ref:`zone_module`
option or through the *default* template :ref:`template_global-module` option
if it is used for all queries.
A module is active if its name, which includes the ``mod-`` prefix, is assigned
to the zone/template :ref:`zone_module` option or to the *default* template
:ref:`template_global-module` option if activating for all queries.
If the module is configurable, a corresponding module section with
an identifier must be created and then referenced in the form of
``module_name/module_id``.
.. NOTE::
Query modules are processed in the order they are specified in the
zone/template configuration.
``dnstap`` – dnstap-enabled query logging
-----------------------------------------
......@@ -343,14 +348,14 @@ How to use the online signing module:
* Enable the module in server configuration and hook it to the zone::
mod-online-sign:
- id: default
zone:
- domain: example.com
module: mod-online-sign/default
module: mod-online-sign
dnssec-signing: false
.. NOTE::
This module is not configurable.
* Make sure the zone is not signed and also that the automatic signing is
disabled. All is set, you are good to go. Reload (or start) the server:
......@@ -361,9 +366,6 @@ How to use the online signing module:
The following example stacks the online signing with reverse record synthesis
module::
mod-online-sign:
- id: default
mod-synth-record:
- id: lan-forward
type: forward
......@@ -377,8 +379,7 @@ module::
zone:
- domain: corp.example.net
module: mod-synth-record/lan-forward
module: mod-online-sign/default
module: [mod-synth-record/lan-forward, mod-online-sign]
Known issues:
......@@ -424,18 +425,18 @@ nameservers that only have IPv6 addresses.
To enable this module, you need to add something like the following to
the Knot DNS configuration file::
mod-whoami:
- id: default
zone:
- domain: whoami.domain.example
file: "/path/to/whoami.domain.example"
module: [mod-whoami/default]
module: mod-whoami
zone:
- domain: whoami6.domain.example
file: "/path/to/whoami6.domain.example"
module: [mod-whoami/default]
module: mod-whoami
.. NOTE::
This module is not configurable.
The whoami.domain.example zone file example:
......@@ -503,15 +504,14 @@ AAAA-only glue records.
The module sends empty truncated response to any UDP query. This is similar
to a slipped answer in :ref:`response rate limiting<server_rate-limit>`.
TCP queries are not affected.
To enable this module globally, you need to add something like the following
to the configuration file::
mod-noudp:
- id: default
template:
- id: default
global-module: mod-noudp/default
global-module: mod-noudp
The TCP queries are not affected.
.. NOTE::
This module is not configurable.
......@@ -814,7 +814,7 @@ as a relative path to the *default* template :ref:`storage<zone_storage>`.
global-module
-------------
An ordered list of references to query modules in the form
An ordered list of references to query modules in the form of *module_name* or
*module_name/module_id*. These modules apply to all queries.
.. NOTE::
......@@ -1113,7 +1113,7 @@ Possible values:
module
------
An ordered list of references to query modules in the form
An ordered list of references to query modules in the form of *module_name* or
*module_name/module_id*. These modules apply only to the current zone queries.
*Default:* not set
......@@ -1418,61 +1418,3 @@ dbdir
A path to the directory where the database is stored.
*Required*
.. _mod-online-sign:
Module online-sign
==================
The module provides online DNSSEC signing.
::
mod-online-sign:
- id: STR
.. _mod-online-sign_id:
id
--
A module identifier.
.. _mod-whoami:
Module whoami
=============
The module synthesizes an A or AAAA record containing the query source IP address,
at the apex of the zone being served.
::
mod-whoami:
- id: STR
.. _mod-whoami_id:
id
--
A module identifier.
.. _mod-noudp:
Module noudp
============
The module sends empty truncated response to any UDP query.
::
mod-noudp:
- id: STR
.. _mod-noudp_id:
id
--
A module identifier.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment