Re: [dnsdist] Logging a sample of queries

2019-09-15 Thread Jacob Bunk Nielsen
On 06/09/2019 10.07, Jacob Bunk Nielsen wrote: I want to log a sample of our DNS queries to dnsdist. We run dnsdist 1.3.3 under systemd. I have tried: addAction(ProbaRule(0.01), LogAction()) I would expect this to log ~1/100 of our queries. But there's obviously a bug in the docs for dnsdist

Re: [dnsdist] dnsdist and Let's Encrypt (ACME)

2019-09-15 Thread Ask Bjørn Hansen
> On Sep 15, 2019, at 1:40 AM, Stephane Bortzmeyer wrote:
>
> DNS challenges? I don't really want to switch my zones to a dynamic
> setup.

For places where adding or changing http was cumbersome or impossible, I set up a single dynamic zone just for the acme process. From the “real” zone you

Re: [dnsdist] dnsdist and Let's Encrypt (ACME)

2019-09-15 Thread abang
>certbot renew --standalone --deploy-hook
>/usr/local/sbin/restart-dnsdist

There is no need to restart dnsdist.

/usr/sbin/dnsdist -e 'reloadAllCertificates()'

is sufficient

Winfried

Re: [dnsdist] dnsdist and Let's Encrypt (ACME)

2019-09-15 Thread Stephane Bortzmeyer
On Sun, Sep 15, 2019 at 12:20:46PM +0200, Andrew Nimmo wrote a message of 72 lines which said:

> The acme.sh script has a standalone mode, if you have port 80 open:

Thanks, I forgot about that (and, indeed, port 80 was available). So I did:

certbot certonly --standalone --domain doh.bortzme

Re: [dnsdist] dnsdist and Let's Encrypt (ACME)

2019-09-15 Thread Andrew Nimmo
> On 15 Sep 2019, at 10:40, Stephane Bortzmeyer wrote:
>
> [I believe I've checked the available documentation, and found
> nothing. Sorry, if I missed it.]
>
> My dnsdist setup (DoT and DoH) uses a CAcert certificate and it works
> fine. Now, I would like to move to Let's Encrypt but I do not

[dnsdist] dnsdist and Let's Encrypt (ACME)

2019-09-15 Thread Stephane Bortzmeyer
[I believe I've checked the available documentation, and found nothing. Sorry, if I missed it.] My dnsdist setup (DoT and DoH) uses a CAcert certificate and it works fine. Now, I would like to move to Let's Encrypt but I do not see how to make it work from dnsdist. HTTP challenges? I don't think