added documentation to settings.sample

diff --git a/conf/settings.sample b/conf/settings.sample
index 4fdaa6f15ed0fa2b7331f9445370ca03becd6342..b1046dbd7387473a81200b0b20e11cafc7d21e00 100644 (file)
--- a/conf/settings.sample
+++ b/conf/settings.sample
@@ -1,16 +1,41 @@
+# microdnssec, (c) Svenne Krap, 2010
+# released under 2-clause BSD-license
+# This config file is in bash syntax.
+
+
+#### this part of the setup is regarding the machine where microdnssec runs and signs domains. 
+
+# the full path to the dnssec-signzone binary

 signzone=/usr/sbin/dnssec-signzone
 signzone=/usr/sbin/dnssec-signzone

+
+# the full path to the dnssec-keygen binary

 keygen=/usr/bin/dnssec-keygen
 keygen=/usr/bin/dnssec-keygen

+
+# length in bytes of the NSEC3 salt

 salt_length=32
 salt_length=32

+
+# try resign after this many times 24 hours

 resign_days=10
 resign_days=10

+
+# name of the zone.conf file to make. BEWARE this file is overwritten and should not be managed manually.

 zoneconf_name="seczone.conf"
 
 zoneconf_name="seczone.conf"
 

+#### Setup nameservers
+# amount of nameservers to use. All will be used as primaries. 
+# Please ensure that there exists the same amount of config blocks below (named nsX_...)

 num_nameservers=2
 
 num_nameservers=2
 

+## A standard config block
+# hostname of dns-server to put in zones

 ns1_public_name="ns1.example.com"
 ns1_public_name="ns1.example.com"

+# ssh access credential and hostname to upload

 ns1_ssh_access="root@ns1.example.com"
 ns1_ssh_access="root@ns1.example.com"

+# the full path to where the files ($zoneconf and zones) are put

 ns1_conf_path="/opt/bind/etc/"
 ns1_conf_path="/opt/bind/etc/"

+# the full path to the rndc command to reconfig the server

 ns1_rndc_path="/opt/bind/sbin/rndc"
 
 ns1_rndc_path="/opt/bind/sbin/rndc"
 

+## second config block

 ns2_public_name="ns2.example.com"
 ns2_ssh_access="root@ns2.example.com"
 ns2_conf_path="/opt/bind/etc/"
 ns2_public_name="ns2.example.com"
 ns2_ssh_access="root@ns2.example.com"
 ns2_conf_path="/opt/bind/etc/"