modules = {
    'policy',
    'hints > iterate',
}

verbose({{ 'true' if kresd.verbose else 'false' }})

{% if kresd.ip %}
net.listen('{{ kresd.ip }}', {{ kresd.port }})
net.listen('{{ kresd.ip }}', {{ kresd.tls_port }}, {tls = true})
{% endif %}

{% if kresd.ip6 %}
net.listen('{{ kresd.ip6 }}', {{ kresd.port }})
net.listen('{{ kresd.ip6 }}', {{ kresd.tls_port }}, {tls = true})
{% endif %}

net.ipv4=true
net.ipv6=true

{% if kresd.tls_key_path and kresd.tls_cert_path %}
net.tls("{{ kresd.tls_cert_path }}", "{{ kresd.tls_key_path }}")
{% endif %}

{% for name, ip in kresd.hints.items() %}
hints['{{ name }}'] = '{{ ip }}'
{% endfor %}

policy.add(policy.all(policy.QTRACE))

{% if kresd.forward %}
policy.add(policy.all(
    {% if kresd.forward.proto == 'tls' %}
    policy.TLS_FORWARD({
        {"{{ kresd.forward.ip }}@{{ kresd.forward.port }}", hostname='{{ kresd.forward.hostname}}', ca_file='{{ kresd.forward.ca_file }}'}})
    {% endif %}
))
{% endif %}

modules.unload("ta_signal_query")
modules.unload("priming")
modules.unload("detect_time_skew")