Change default cds-cdnskey-publish to always

This commit is contained in:
s3lph 2022-06-14 21:17:14 +02:00
parent e4e9e21e8c
commit ce27010642
2 changed files with 3 additions and 2 deletions

View file

@ -7,7 +7,7 @@ namespace: s3lph
name: nameserver name: nameserver
# The version of the collection. Must be compatible with semantic versioning # The version of the collection. Must be compatible with semantic versioning
version: "0.3.3" version: "0.3.4"
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: README.md readme: README.md

View file

@ -30,7 +30,8 @@ knot_dnssec_policy_ksk_size: 256
knot_dnssec_policy_zsk_size: 256 knot_dnssec_policy_zsk_size: 256
knot_dnssec_policy_zsk_lifetime: 30d knot_dnssec_policy_zsk_lifetime: 30d
knot_dnssec_policy_ksk_lifetime: 0 knot_dnssec_policy_ksk_lifetime: 0
knot_dnssec_policy_cds_publish: 'double-ds' # double-ds breaks algorithm rollovers: https://gitlab.nic.cz/knot/knot-dns/-/issues/804
knot_dnssec_policy_cds_publish: 'always'
knot_dnssec_policy_propagation_delay: 1h knot_dnssec_policy_propagation_delay: 1h
knot_dnssec_submission_check_interval: 1h knot_dnssec_submission_check_interval: 1h