-
Notifications
You must be signed in to change notification settings - Fork 4
/
config.ini
127 lines (109 loc) · 4.23 KB
/
config.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
; Enable postgres & pdns api config changes
; AUTOCONFIG_ENABLED=yes
; DNS UI config file
[web]
enabled = 1
; Do not include a trailing / in the baseurl
baseurl = https://dns.example.com
logo = /logo-header-opera.png
; footer may contain HTML. Literal & " < and > should be escaped as & " < $gt;
footer = 'Developed by <a href="https://www.opera.com/">Opera Software</a>.'
; Enable this option if you want system and zone admins to be forced to request changes just like the operators.
;force_change_review = 1
; Enable this option if you want all users to be forced to enter a comment for every change made.
;force_change_comment = 1
[email]
enabled = 0
; The mail address that outgoing mails will be sent from
from_address = dns@example.com
from_name = "DNS management system"
; Where to mail problem notifications to
report_address = admin@example.com
report_name = "Domain administrator"
; You can use the reroute directive to redirect all outgoing mail to a single
; mail address - typically for temporary testing purposes
;reroute = example@example.com
[database]
; Connection details to the Postgres database
dsn = "pgsql:host=__POSTGRES_HOST__;port=__POSTGRES_PORT__;dbname=__POSTGRES_DB__"
username = "__POSTGRES_USER__"
password = "__POSTGRES_PASSWORD__"
[authentication]
; compare the user ID's case? (on by default)
user_case_sensitive = 1
[php_auth]
enabled = 1
admin_group = "systems"
[ldap]
enabled = 0
; Address to connect to LDAP server
host = ldaps://ldap.example.com:636
; Use StartTLS for connection security (recommended if using ldap:// instead of ldaps:// above)
starttls = 0
; LDAP subtree containing USER entries
dn_user = "ou=users,dc=example,dc=com"
; LDAP subtree containing GROUP entries
dn_group = "ou=groups,dc=example,dc=com"
; Set to 1 if the LDAP library should process referrals. In most cases this
; is not needed, and for AD servers it can cause errors when querying the
; whole tree.
follow_referrals = 0
; Leave bind_dn empty if binding is not required
bind_dn =
bind_password =
; User attributes
user_id = uid
user_name = cn
user_email = mail
; If inactive users exist in your LDAP directory, filter with the following settings:
; Field to filter on:
;user_active = organizationalstatus
; Use *one* of user_active_true or user_active_false
; user_active_true means user is active if the user_active field equals its value
;user_active_true = 'current'
; user_active_false means user is active if the user_active field does not equal its value
;user_active_false = 'former'
; Group membership attributes. Examples below are for typical setups:
;
; POSIX groups
; group_member = memberUid
; group_member_value = uid
;
; Group-of-names groups
; group_member = member
; group_member_value = dn
;
; Attribute of group where members are stored
group_member = memberUid
; User attribute to compare with
group_member_value = uid
; Members of admin_group are given full access to DNS UI web interface
admin_group_cn = administrators
[powerdns]
api_url = "http://__PDNS_API_HOST__:__PDNS_API_PORT__/api/v1/servers/localhost"
api_key = "__PDNS_API_KEY__"
; Earlier version of DNS UI use INCEPTION-INCREMENT as the default for soa_edit_api but this has
; been dropped in PowerDNS 4.2; DEFAULT should be used instead, but one can set a different value
; for backwards compatibility with earlier PowerDNS versions.
soa_edit_api = DEFAULT
[dns]
; Enable DNSSEC UI (requires PowerDNS 4.1)
dnssec = 1
; Allow enabling/disabling DNSSEC through the UI
dnssec_edit = 1
; If enabled (the default), matching PTR records will be automatically created
; when new A or AAAA records are added.
autocreate_reverse_records = 1
; Space-separated lists
local_zone_suffixes = "localdomain"
local_ipv4_ranges = "10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8"
local_ipv6_ranges = "fd00::/8 ::1/128"
; if non-empty, only allow entering these (comma seperated) values in the Classification column
; Note that this is purely a front-end restriction, designed to avoid accidental errors.
;classification_whitelist = "internal,public"
[git_tracked_export]
; If enabled, will export zones as bind9 zone format to the specified path and
; will git add / git commit on behalf of the active user.
; path must be a git repository writable by the webserver user.
enabled = 0
path = /tmp/dns-export