The Nest
Explore
0
a cosier place on the webs 
## listen_addrs: address on which to listen for incoming connections
##  this can be a list of ipv4 or ipv6 addresses
listen_addrs_ipv4 = ["0.0.0.0"]
listen_addrs_ipv6 = ["::0"]

## listen_port: port on which to list, default 53
listen_port = 53

## tcp_request_timeout: TCP request timeout in seconds. Allows TCP connections
##  to timeout if there are no requests from a client in the specified amount of
##  time. This is not a socket level timeout, so trickles of data will not count,
##  a full request must be received for it to not count against the timeout.
##  Specifying a timeout of 0 will disable it.
# tcp_request_timeout = 5

## DNS over TLS certificate information.
# tls_cert = { path = "path/to/some.pkcs12", password = "if_encrypted" }

## port on which to listen, default 853 (should not be 53)
# tls_listen_port = 853

## directory: path on the host filesystem to where zone files are stored.
# directory = "/var/named"

## Default zones, these should be present on all nameservers, except in rare
##  configuration cases
[[zones]]
zone = "localhost"
zone_type = "Primary"
file = "default/localhost.zone"

[[zones]]
zone = "0.0.127.in-addr.arpa"
zone_type = "Primary"
file = "default/127.0.0.1.zone"

[[zones]]
zone = "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"
zone_type = "Primary"
file = "default/ipv6_1.zone"

[[zones]]
zone = "255.in-addr.arpa"
zone_type = "Primary"
file = "default/255.zone"

[[zones]]
zone = "0.in-addr.arpa"
zone_type = "Primary"
file = "default/0.zone"

[[zones]]
## zone: this is the ORIGIN of the zone, aka the base name, '.' is implied on the end
zone = "lunar.town"

## zone_type: Primary, Secondary, Hint, Forward
zone_type = "Primary"

## file: this is relative to the directory above
file = "lunar.town.zone"

## if false, updates will not be allowed, default false
# allow_update = false

## if false, AXFRs requests will result in Refused responses
# allow_axfr = false

## if true, looks to see if a chained pem file exists at $file.pem (see
## supported_algorithms below).
## these keys will also be registered as authorities for update,
## meaning that SIG(0) updates can be established by initially using these
## keys. the zone will be signed with all specified keys, it may be desirable
## to limit this set for performance reasons.
# enable_dnssec = false

## set of DNSSEC algorithms to use to sign the zone. enable_dnssec must be true.
## these will be lookedup by $file.{key_name}.pem, for backward compatibility
## with previous versions of Trust-DNS, if enable_dnssec is enabled but
## supported_algorithms is not specified, it will default to "RSASHA256" and
## look for the $file.pem for the key. To control key length, or other options
## keys of the specified formats can be generated in PEM format. Instructions
## for custom keys can be found elsewhere.
##
## supported extensions are 'der', 'pem'. ED25519 keys are only supported
## with 'pk8'.
##
## the currently supported set of supported_algorithms are
## ["RSASHA256", "RSASHA512", "ECDSAP256SHA256", "ECDSAP384SHA384", "ED25519"]
##
## keys are listed in pairs of key_name and algorithm, the search path is the
## same directory has the zone $file (this section would be relative to the
## example.com zone):
# [[zones.keys]]
## relative to the zone $file
# key_path = "my_rsa_2048.pem"
## the password used to encrypt/decrypt the file (must be PEM), blank for none
# password = ""
## specify the algorithm
# algorithm = "RSASHA256"
## this key should be used to sign the zone
# is_zone_signing_key = true
## this key is authorized for dynamic update access to the zone via SIG0
# is_zone_update_auth = true
#
# [[zones.keys]]
# key_path = "/path/to/my_ed25519.pk8"
# algorithm = "ED25519"
## for keys that are not zone signing, the pem need only include the pubic_key
# is_zone_signing_key = false
# is_zone_update_auth = true