cznic-resolver-knot.yang 3.17 KB
// YANG 1.1 module that augments the cznic-resolver-common data tree with
// two Knot Resolver features: static hints and cache prefill.
module cznic-resolver-knot {

  yang-version "1.1";

  namespace "https://www.nic.cz/ns/yang/resolver-knot";

  prefix "kres";

  // Supplies inet:domain-name and inet:uri, used by the prefill list below.
  import ietf-inet-types {
    prefix "inet";
  }

  // Supplies the augmented tree, the drc:static-hint grouping and the
  // drc:fs-path type. None of these definitions are visible in this file,
  // so notes below that depend on them are marked as assumptions.
  import cznic-resolver-common {
    prefix "drc";
  }

  organization
    "CZ.NIC, z. s. p. o.";

  contact
    "Editor:   Ladislav Lhotka
               <mailto:lhotka@nic.cz>";

  description
    "This YANG module augment common resolver data with parts
     specific to Knot Resolver.";

  revision 2018-07-27 {
    description
      "Initial revision.";
  }

  /* Data definitions */

  // Adds static hints (inline entries and an optional hosts file) under the
  // common resolver's 'hints' node.
  augment "/drc:dns-resolver/drc:resolver/drc:hints" {
    description
      "Knot Resolver module: hints";
    // One entry per hinted name. The key leaf 'name' and the 'values'
    // leaf-list are presumably supplied by drc:static-hint (defined in the
    // imported module) -- confirm there.
    // NOTE(review): the second paragraph of the description below has no
    // verb; presumably it means a PTR record is also provided for each
    // address -- confirm with the author.
    list hint {
      key "name";
      description
        "Each entry defines a static hint.

         Forward queries for A/AAAA records corresponding to 'name'
         (the list key) shall be answered with all IPv4/IPv6
         addresses from the 'values' leaf-list.

         The PTR record linking all addresses from 'values' to 'name'
         in the reverse zone.

         If multiple entries with the same address in 'values' exist,
         the one having the 'canonical' flag set to true is used for
         the PTR record in the reverse zone. If no such entry exists,
         the name for the PTR record is chosen randomly.";
      uses drc:static-hint;
      leaf canonical {
        type boolean;
        // Constraint: either this leaf is false, or no earlier 'hint' entry
        // (preceding-sibling) is canonical while sharing at least one
        // 'values' item with this entry. XPath '=' on two node-sets is true
        // when any pair of items matches, so one common address suffices.
        // Checking only earlier siblings is enough: of any two conflicting
        // entries, the later one fails the check.
        // NOTE(review): the comparison is on the string value of 'values',
        // so it relies on each address having a single textual form --
        // confirm against the type used in drc:static-hint.
        must ". = 'false' or "
           + "not(../preceding-sibling::hint[canonical = 'true' and "
           + "values = current()/../values])" {
          error-message
            "Duplicate canonical name for the same IP address.";
        }
        default "false";
        description
          "Only one key can be designated as the canonical name for
           any given IP address.";
      }
    }
    // Path to a hosts-format file whose entries are added as static hints.
    // NOTE(review): whoever can write this leaf, or the file it points to,
    // decides which answers the resolver gives for the listed names. The
    // schema enforces neither; consider restricting write access to this
    // node (e.g. with NACM rules) and checking the file's ownership and
    // permissions at deployment time.
    leaf hosts-file {
      type drc:fs-path;
      description
        "Static hints will be added from the file with this path. The
         file has to be in the format of Unix /etc/hosts file.";
    }
  }

  // Adds periodic cache prefill from a downloaded zone file under the
  // common resolver's 'cache' node.
  augment "/drc:dns-resolver/drc:cache" {
    description
      "Knot Resolver module: prefill";
    // NOTE(review): the list description says "HTTP" while 'ca-file' below
    // speaks of authenticating an HTTPS connection; presumably HTTPS is
    // meant throughout -- confirm and align the wording.
    list prefill {
      key "origin";
      description
        "Prefill the cache periodically by importing zone data
         obtained over HTTP.";
      // List key. The 'must' below accepts only the root zone ".", so the
      // list can currently hold at most one entry.
      leaf origin {
        type inet:domain-name;
        must ". = '.'" {
          error-message "Cache prefilling is not yet supported for "
                      + "non-root zones.";
          description
            "Cache prefilling is only supported for the root zone.";
        }
        description
          "Origin for the imported data.";
      }
      // NOTE(review): inet:uri accepts any URI scheme, so this schema does
      // not itself require an https:// URL. Unless the implementation
      // rejects other schemes, zone data could be fetched without the
      // server authentication that 'ca-file' is meant to provide. Consider
      // a 'must' or 'pattern' restriction to the https scheme here.
      leaf url {
        type inet:uri;
        mandatory "true";
        description
          "URL of the zone file to be imported.";
      }
      // Mandatory CA bundle used to authenticate the download server.
      // NOTE(review): this file determines which servers are trusted as a
      // source of zone data, so write access to this leaf and to the file
      // itself should be limited to administrators.
      leaf ca-file {
        type drc:fs-path;
        mandatory "true";
        description
          "Path to the file containing a CA certificate bundle that
           is used to authenticate the HTTPS connection.";
      }
      // Default of 86400 seconds is 24 hours.
      // NOTE(review): uint32 permits 0 and other very small values and the
      // schema sets no lower bound -- confirm how the implementation
      // handles them, or add a 'range' restriction.
      leaf refresh-interval {
        type uint32;
        units "seconds";
        default "86400";
        description
          "Time interval between consecutive refreshes of the
           imported zone data.";
      }
    }
  }
}