Ryan Malloy
3dd99fa81a
Brings up a parallel CoreDNS instance on ports 11053/19153 with a single test.example.com zone. Useful for verifying the custom image builds and the rfc2136 plugin accepts/applies UPDATEs end-to-end before touching production zones. Already validated the msgAcceptFunc override fix end-to-end via nsupdate, with the auto plugin re-serving the new record within 5s. Note: zones/test.example.com.zone gets rewritten by the plugin during testing. If perms get hosed (docker writes as root), run sudo chown -R rpm:rpm test/zones/ to reclaim.
31 lines
1.0 KiB
Plaintext
31 lines
1.0 KiB
Plaintext
# Test stack Corefile -- isolated from the production Corefile by virtue
|
|
# of running in a separate docker-compose project on different ports.
|
|
#
|
|
# Plugin chain semantics:
|
|
# - auto loads test.example.com.zone from /zones; reload every 5s
|
|
# so we see UPDATE-induced changes promptly during smoke tests
|
|
# - rfc2136 intercepts UPDATE opcode; passes all queries through to auto
|
|
#
|
|
# Plugin.cfg order (set in coredns/Dockerfile) puts rfc2136 BEFORE auto AND
|
|
# BEFORE cache, so UPDATE messages reach our handler before anything else.
|
|
|
|
. {
|
|
auto {
|
|
directory /zones (.*)\.zone {1}
|
|
reload 5s
|
|
}
|
|
|
|
rfc2136 test.example.com {
|
|
zones-dir /zones
|
|
tsig-key acme-update-key. hmac-sha256 {$ACME_TSIG_SECRET}
|
|
ttl 60
|
|
# Auto-commit OFF in test: there's no git repo at /zones inside
|
|
# the container, and we don't want spurious commits during smoke
|
|
# tests. End-to-end auto-commit testing happens on dell01.
|
|
auto-commit false
|
|
}
|
|
|
|
log
|
|
errors
|
|
}
|