module cznic-resolver-knot {

  yang-version "1.1";

  namespace "https://www.nic.cz/ns/yang/resolver-knot";

  prefix "kres";

  import ietf-inet-types {
    prefix "inet";
  }

  import cznic-resolver-common {
    prefix "drc";
  }

  organization
    "CZ.NIC, z. s. p. o.";

  contact
    "Editor:   Ladislav Lhotka
               <mailto:lhotka@nic.cz>";

  description
    "This YANG module augments common resolver data with parts
     specific to Knot Resolver.";

  revision 2018-10-26 {
    description
      "Initial revision.";
  }

  /* Data definitions */

  /*
   * Knot Resolver "hints" module: adds a list of static hints and an
   * optional hosts-file path under the hints node of the common
   * resolver model.
   *
   * Per the list description, A/AAAA queries for 'name' are answered
   * with the configured addresses. Write access to this subtree, or to
   * the file named by 'hosts-file', therefore decides what clients
   * resolve those names to; both should be restricted accordingly.
   */
  augment "/drc:dns-resolver/drc:resolver/drc:hints" {
    description
      "Knot Resolver module: hints";
    list hint {
      key "name";
      description
        "Each entry defines a static hint.

         Forward queries for A/AAAA records corresponding to 'name'
         (the list key) shall be answered with all IPv4/IPv6
         addresses from the 'values' leaf-list.

         The PTR record linking all addresses from 'values' to 'name'
         in the reverse zone.

         If multiple entries with the same address in 'values' exist,
         the one having the 'canonical' flag set to true is used for
         the PTR record in the reverse zone. If no such entry exists,
         the name for the PTR record is chosen randomly.";
      /*
       * 'name' (the list key) and 'values' are not defined in this
       * file; presumably they come from this grouping in
       * cznic-resolver-common -- verify there.
       */
      uses drc:static-hint;
      /*
       * NOTE(review): when several entries share an address and none is
       * canonical, the description above says the PTR name is chosen
       * randomly. Anything that relies on reverse lookups for these
       * addresses (log enrichment, name-based access rules) should set
       * 'canonical' explicitly on exactly one entry.
       */
      leaf canonical {
        type boolean;
        /*
         * Uniqueness check, evaluated with this 'canonical' leaf as the
         * context node. It passes when the leaf is false, or when no
         * earlier 'hint' entry is both canonical and shares at least one
         * address with this entry (an XPath node-set comparison is true
         * if any pair of values matches). Only preceding siblings are
         * inspected, so of two conflicting entries the later one fails.
         */
        must ". = 'false' or "
           + "not(../preceding-sibling::hint[canonical = 'true' and "
           + "values = current()/../values])" {
          error-message
            "Duplicate canonical name for the same IP address.";
        }
        default "false";
        description
          "Only one key can be designated as the canonical name for
           any given IP address.";
      }
    }
    /*
     * drc:fs-path is defined in cznic-resolver-common; any constraints
     * it places on the path are not visible here. The file's contents
     * become static hints, so the file needs the same write protection
     * as this configuration.
     */
    leaf hosts-file {
      type drc:fs-path;
      description
        "Static hints will be added from the file with this path. The
         file has to be in the format of Unix /etc/hosts file.";
    }
  }

  /*
   * Knot Resolver "prefill" module: adds a list of zones whose data is
   * downloaded periodically and imported into the resolver cache.
   *
   * NOTE(review): the list description says "HTTP", while 'ca-file' is
   * mandatory and described as authenticating an HTTPS connection. The
   * schema expresses no integrity check on the imported data other
   * than that CA bundle, so the transport is the control to confirm.
   */
  augment "/drc:dns-resolver/drc:cache" {
    description
      "Knot Resolver module: prefill";
    list prefill {
      key "origin";
      description
        "Prefill the cache periodically by importing zone data
         obtained over HTTP.";
      leaf origin {
        type inet:domain-name;
        /*
         * Only the root zone is accepted: the value must be exactly '.'.
         * As 'origin' is the list key, this also means the list can hold
         * at most one entry while the constraint is in place.
         */
        must ". = '.'" {
          error-message "Cache prefilling is not yet supported for "
                      + "non-root zones.";
          description
            "Cache prefilling is only supported for the root zone.";
        }
        description
          "Origin for the imported data.";
      }
      /*
       * NOTE(review): inet:uri accepts any URI scheme, so a plain
       * http:// URL is schema-valid here. Confirm that the
       * implementation rejects non-HTTPS URLs; if it does not, consider
       * a constraint such as must "starts-with(., 'https://')" in a
       * later revision of this module.
       */
      leaf url {
        type inet:uri;
        mandatory "true";
        description
          "URL of the zone file to be imported.";
      }
      /*
       * The bundle named here decides which certificate issuers are
       * trusted for the download. drc:fs-path is defined in
       * cznic-resolver-common, so its constraints are not visible here.
       * Keep the bundle narrow and write-protected.
       */
      leaf ca-file {
        type drc:fs-path;
        mandatory "true";
        description
          "Path to the file containing a CA certificate bundle that
           is used to authenticate the HTTPS connection.";
      }
      /*
       * Defaults to 86400 seconds (one day). The type is a bare uint32
       * with no range, so 0 and very small values are schema-valid.
       * NOTE(review): confirm how the implementation treats them.
       */
      leaf refresh-interval {
        type uint32;
        units "seconds";
        default "86400";
        description
          "Time interval between consecutive refreshes of the
           imported zone data.";
      }
    }
  }
}