### ncdns will look for its configuration file in the following directories. ### The first configuration file found is used and all others are ignored. ### ### /etc/ncdns/ncdns.conf ) Non-Windows only ### /etc/ncdns.conf ) ### (executable path)/ncdns.conf ### (executable path)/../etc/ncdns/ncdns.conf ### (executable path)/../etc/ncdns.conf ### ### You may explicitly specify a path to the configuration file on the ### command line by passing '-conf=PATH'. [ncdns] ### This is a TOML configuration file. Values must be in quotes where shown. ### Basic Settings (Required) ### ------------------------- ### The interface to bind to. Defaults to ":53", which causes ncdns to attempt to ### bind to all interfaces on port 53. Unless you are running ncdns as root you ### will probably find that this fails. On Linux, you can run the following ### command on the ncdns binary to authorize it to bind to ports under 1024. ### ### sudo setcap 'cap_net_bind_service=+ep' ./ncdns ### ### On BSD, there are sysctls to disable the low port restrictions. ### ### IMPORTANT NOTE: For Go versions 1.5.0 and 1.5.1 (but not 1.4.x or earlier ### or 1.5.2 when released, or any later version, or HEAD) there is a bug which ### means ncdns cannot listen on privileged ports on Linux systems. This bug ### manifests as ncdns hanging once executed without ever beginning to serve ### requests. This bug will manifest whenever ncdns is executed as root or with ### a non-empty capability set, so it precludes use of setcap to bind to privileged ### ports just as it precludes the use of conventional privilege dropping. ### #bind="127.0.0.1:53" ### namecoind access (Required) ### --------------------------- ### You must configure the RPC address, username and password ## of a trusted ### (i.e. local) namecoind instance. ### The address, in "hostname:port" format, of the Namecoin JSON-RPC interface. #namecoinrpcaddress="127.0.0.1:8336" ### The username with which to connect to the Namecoin JSON-RPC interface. #namecoinrpcusername="user" ### The password with which to connect to the Namecoin JSON-RPC interface. #namecoinrpcpassword="password" ### ncdns caches values retrieved from Namecoin. This value limits the number of ### items ncdns may store in its cache. The default value is 100. #cachemaxentries=150 ### Nameserver Identity (Optional) ### ------------------------------ ### ncdns needs to be able to state the hostname and IP address at which the ### nameserver lies. If you are only using ncdns locally you can avoid configuring ### these. ### ### If SelfName is specified, ncdns lists the name specified as an NS record at ### the zone apex: ### ### bit. IN NS ns1.example.com. ### ### This requires that you be able to assign the ncdns instance a hostname. ### ### If SelfName is left blank (the default), ncdns will generate an internal ### psuedo-hostname under the zone, which will resolve to the value of SelfIP. ### ### The default value of SelfIP is the bogus IP of "127.127.127.127", which will ### work acceptably in some cases (e.g. with Unbound). #selfname="ns1.example.com." #selfip="192.0.2.1" ### DNSSEC (Optional) ### ----------------- ### The following options concern DNSSEC and are optional. ### Leaving them all blank will disable DNSSEC. ### Path to the file containing the KSK public key. #publickey="etc/Kbit.+008+12345.key" ### Path to the file containing the KSK private key. #privatekey="etc/Kbit.+008+12345.private" ### Path to the file containing the ZSK public key. #zonepublickey="etc/Kbit.+008+12345.key" ### Path to the file containing the ZSK private key. #zoneprivatekey="etc/Kbit.+008+12345.private" ### HTTP server (Optional) ### ---------------------- ### Use of the HTTP server is optional. ### Set this to enable the HTTP server. If you leave this blank, the HTTP ### server will not be enabled. #httplistenaddr=":8202" ### The template directory is usually detected automatically. If it cannot be found ### automatically, you must set the full path to it here manually. Paths will be ### interpreted relative to the configuration file. #tplpath="../tpl"