blob: 4d95521531b738f517fa8b6bc7d1aeec9b5a188e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
modules = {
'policy',
'hints > iterate',
}
verbose({{ 'true' if kresd.verbose else 'false' }})
{% if kresd.ip %}
net.listen('{{ kresd.ip }}', {{ kresd.port }})
net.listen('{{ kresd.ip }}', {{ kresd.tls_port }}, {tls = true})
{% endif %}
{% if kresd.ip6 %}
net.listen('{{ kresd.ip6 }}', {{ kresd.port }})
net.listen('{{ kresd.ip6 }}', {{ kresd.tls_port }}, {tls = true})
{% endif %}
net.ipv4=true
net.ipv6=true
{% if kresd.tls_key_path and kresd.tls_cert_path %}
net.tls("{{ kresd.tls_cert_path }}", "{{ kresd.tls_key_path }}")
{% endif %}
{% for name, ip in kresd.hints.items() %}
hints['{{ name }}'] = '{{ ip }}'
{% endfor %}
policy.add(policy.all(policy.QTRACE))
{% if kresd.forward %}
policy.add(policy.all(
{% if kresd.forward.proto == 'tls' %}
policy.TLS_FORWARD({
{"{{ kresd.forward.ip }}@{{ kresd.forward.port }}", hostname='{{ kresd.forward.hostname}}', ca_file='{{ kresd.forward.ca_file }}'}})
{% endif %}
))
{% endif %}
modules.unload("ta_signal_query")
modules.unload("priming")
modules.unload("detect_time_skew")
|
