diff --git a/doc/installation.xml b/doc/installation.xml
index 57eb0e09e43ddc012fa584eeb5923e0f349b543e..092deed61e10eda75c730dc38e70cdec90dae5c7 100644
--- a/doc/installation.xml
+++ b/doc/installation.xml
@@ -11,9 +11,9 @@
     <para>
       Knot DNS requires few libraries to be compiled:
       <itemizedlist>
-	<listitem><tt>OpenSSL</tt></listitem>
-	<listitem><tt>zlib</tt></listitem>
-	<listitem><tt>Userspace RCU</tt></listitem>
+	<listitem>OpenSSL</listitem>
+	<listitem>zlib</listitem>
+	<listitem>Userspace RCU</listitem>
       </itemizedlist>
     </para>
     <para>
@@ -39,7 +39,10 @@
 	library and liburcu-dev for development files.
       </para>
       <para>
-	Minimum supported version of Userspace RCU library is [TODO].
+	Minimum supported version of Userspace RCU library is 0.4.0,
+	but we recommend using latest available version.  It is
+	especially on non-Linux systems as we got some compatibility
+	patches accepted in later releases of Userspace RCU.
       </para>
     </section>
   </section>
@@ -55,20 +58,28 @@
       <para>
 	For all available options run:
 
-	<tt>./configure --help</tt>
+	<programlisting>
+	  ./configure --help
+	</programlisting>
       </para>
     </section>
     <section>
       <title>Compilation</title>
       <para>
-	After running <tt>./configure</tt> you can compile Knot DNS by
-	running <tt>make</tt> command, which will produce binaries and
+	After running ./configure you can compile Knot DNS by
+	running make command, which will produce binaries and
 	other related files.
+	<programlisting>
+	  make
+	</programlisting>
       </para>
       <para>
-	Knot DNS build process is safe to paralelize using <tt>make -j
-	N</tt>, where N is number of concurrent processes.  Using this
+	Knot DNS build process is safe to paralelize using "make -j
+	N", where N is number of concurrent processes.  Using this
 	option can increase speed of the compilation.
+	<programlisting>
+	  make -j N
+	</programlisting>
       </para>
     </section>
     <section>
@@ -77,10 +88,13 @@
 	When you have finished building the Knot DNS, it's time to
 	install the binaries and configuration files into the
 	operation system hierarchy.  You can do so by
-	executing <tt>make install</tt> command.  When installing as a
+	executing "make install" command.  When installing as a
 	non-root user you might have to gain elevated privileges by
-	switching to root user, e.g. <tt>sudo make install</tt>
-	or <tt>su -c 'make install'</tt>.
+	switching to root user, e.g. "sudo make install"
+	or "su -c 'make install'".
+	<programlisting>
+	  make install
+	</programlisting>
       </para>
     </section>
   </section>
diff --git a/doc/reference.xml b/doc/reference.xml
index fddd5552ee98162f85d06e56af699d4efcc2323a..cce56eb799227770c3ed01a843c8c550b402382b 100644
--- a/doc/reference.xml
+++ b/doc/reference.xml
@@ -1,6 +1,197 @@
 <chapter>
   <title>Knot DNS Configuration Reference</title>
   <para>
-    [TODO]
+    This reference describe every configuration option in Knot DNS.
   </para>
+  <section xml:id="section">
+    <title>system</title>
+    <para>
+      The <emphasis>system</emphasis> statement contains general
+      options related to the operating system and other general
+      options which don't fit anywhere else.
+    </para>
+    <section>
+      <title>Options</title>
+      <para>
+	Contains zero or more:
+	<itemizedlist>
+	  <listitem><link xml:id="identity">identity</link> "<emphasis>identity</emphasis>";</listitem>
+	  <listitem><link xml:id="version">version</link> "<emphasis>version</emphasis>";</listitem>
+	  <listitem><link xml:id="nsid">nsid</link> "<emphasis>nsid</emphasis>";</listitem>
+	  <listitem><link xml:id="storage">storage</link> "<emphasis>directory</emphasis>";</listitem>
+	  <listitem><link xml:id="pidfile">pidfile</link> "<emphasis>pidfile</emphasis>";</listitem>
+	  <listitem><link xml:id="workers">workers</link> <emphasis>number</emphasis>;</listitem>
+	  <listitem><link xml:id="user">user</link> <emphasis>user</emphasis>[.<emphasis>group</emphasis>];</listitem>
+	</itemizedlist>
+      </para>
+    </section>
+    <section>
+      <title>Example:</title>
+      <para>
+	<programlisting>
+	  system {
+	    version "1.0.7";
+	    storage "/var/lib/knot";
+	  }
+	</programlisting>
+      </para>
+    </section>
+    <section>
+      <title>Statement Definition and Usage</title>
+      <section xml:id="identity">
+	<title>identity</title>
+	<para>
+	  Identity of the server (see RFC 4892). Not used yet.
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      identity "Knot DNS";
+	    }
+	  </programlisting>
+	</para>
+      </section>
+      <section xml:id="version">
+	<title>version</title>
+	<para>
+	  Version of the server (see RFC 4892). Not used yet.
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      version "1.0.5";
+	    }
+	  </programlisting>
+	</para>
+      </section>
+      <section xml:id="nsid">
+	<title>nsid</title>
+	<para>
+	  DNS Name Server Identifier (RFC 5001)
+	</para>
+	<para>
+	  Use a string format "text" or a hexstring f.e. 0x01ab00
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      nsid 0x00cafe;
+	    }
+	  </programlisting>
+	</para>
+      </section>
+      <section xml:id="storage">
+	<title>storage</title>
+	<para>
+	  The working directory of the Knot DNS, it is used to store compiled zone files and it's also a default location of the pidfile.
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      storage "/var/lib/knot";
+	    }
+	  </programlisting>
+	</para>
+      </section>
+      <section xml:id="pidfile">
+	<title>pidfile</title>
+	<para>
+	  Custom pidfile location.
+	</para>
+	<para>
+	  Default value: knot.pid in <link xml:id="storage">storage</link> directory)
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      pidfile "/var/run/knot.pid";
+	  </programlisting>
+	</para>
+      </section>
+      <section xml:id="workers">
+	<title>workers</title>
+	<para>
+	   Number of workers (threads) per interface.  This option is used to force number of threads used per interface.
+	</para>
+	<para>
+	  Default value: unset (auto-estimates optimal value from the number of online CPUs)
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      workers: 16
+	    }
+	  </programlisting>
+	</para>
+      </section>
+      <section xml:id="user">
+	<title>user</title>
+	<para>
+	  System user or user.group under which the Knot DNS is run after starting and binding to interfaces.
+	</para>
+	<para>
+	  Default value: root.root
+	</para>
+	<para>
+	  <programlisting>
+	    system {
+	      user knot.knot;
+	    }
+	  </programlisting>
+	</para>
+      </section>
+    </section>
+  </section>
+  <section xml:id="keys">
+    <title>keys</title>
+    <para>
+      The <emphasis>keys</emphasis> statement sets up the TSIG keys used to authenticate zone transfers.
+    </para>
+    <section>
+      <title>Options</title>
+      <para>
+	Contains one or more:
+	<itemizedlist>
+	  <listitem><emphasis><link xml:id="key_id">key_id</link></emphasis> <emphasis>algorithm</emphasis> "<emphasis>key-contents</emphasis>";</listitem>
+	</itemizedlist>
+      </para>
+    </section>
+    <section>
+      <title>Example</title>
+      <para>
+	<programlisting>
+	  keys {
+	    key0.server0 hmac-md5 "Wg==";
+	    foobar.example.com. hmac-sha256 "RQ==";
+	  }
+	</programlisting>
+      </para>
+    </section>
+    <section>
+      <title>Statement Definition and Usage</title>
+      <section xml:id="key_id">
+	<title><emphasis>key_id</emphasis></title>
+	<para>
+	  The <emphasis>key_id</emphasis> statement defines a secret shared key for use with TSIG.  It consists of
+	</para>
+	<para>
+	  You will need to use bind or ldns utils to generate TSIG keys.  Knot DNS doesn't have it's own generation utilities yet.
+	  <programlisting>
+	    $ dnssec-keygen -a HMAC-SHA256 -b 256 -n HOST foobar.example.com
+	    Kfoobar.example.com.+163+21239
+	    $ cat Kfoobar.example.com.+163+21239.key 
+	    foobar.example.com. IN KEY 512 3 163 rqv2WRyDgIUaHcJi03Zssor9jtG1kOpb3dPywxZfTeo=
+	  </programlisting>
+	</para>
+	<para>
+	  Key generated in previous paragraph would be written as:
+	  <programlisting>
+	    keys {
+	      foobar.example.com. hmac-sha256 "rqv2WRyDgIUaHcJi03Zssor9jtG1kOpb3dPywxZfTeo=";
+	    }
+	  </programlisting>
+	</para>
+      </section>	
+    </section>
+  </section>
 </chapter>
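Review bot: Every `<link xml:id="...">` in the two option lists and in the pidfile default paragraph declares an ID instead of pointing at one, and the same values are declared again on the `<section xml:id="...">` elements further down, so an ID such as `storage` occurs three times in one chapter. A cross-reference should be written `<link linkend="storage">storage</link>`, and the opening `<section xml:id="section">` for the system statement looks like a typo for `system`. Two listings also contradict the syntax the chapter documents: the pidfile example never closes its `system {` block, and the workers example has `workers: 16` where the option list gives `workers number;`. For the security-relevant options, the user section gives `root.root` as the default with no guidance and the keys example pairs `hmac-md5` with `hmac-sha256`; I would add a sentence like `Set this to a dedicated unprivileged account so the server drops root after binding.` and use `hmac-sha256` for both example keys. The key_id description also stops mid-sentence at "It consists of", and the dnssec-keygen output should be marked as sample material that must not be reused as a real secret.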