On 31/12/2025 13.37, Michael Grimm via knot-resolver-users wrote:
Is there a document available that describes which configuration file formats are accepted by Knot Resolver 6.x.x?

On https://www.knot-resolver.cz/documentation/v6.0.17/upgrading-to-6.html#upgrading-to-6 I find:

| new declarative configuration in YAML that can be validated before running

Background of my question is that my current LUA configuration works right away besides [1]. 
Does that mean, LUA configuration is still being supported?
Or do I need to migrate to YAML?

With 6.x we strongly prefer YAML.  It's actually one of the main motivators for 6.x that Lua turned out to be a constant source of confusion.  (e.g. people often writing code that's a correct Lua script but doesn't do what they intended)  And the language is too powerful to work with easily (e.g. "check correctness").

We've moved docs about Lua stuff to developer part of docs, and some parts of that might be not really up to date, too.  Generally you shouldn't use Lua unless you know what you're doing.  And even in that case it's expected that you use YAML for 99% of your config and only add extra tweaks in Lua (via the lua: section in YAML mentioned in another message in this thread).


FYI: This is FreeBSD and kresctl tool isn't available here.

OK, that's a complication.  In 6.0.17 we added FreeBSD support to code added in 6.x, and now we're in contact with the maintainer of the [port], but the last version I saw didn't seem to package all parts needed for YAML (e.g. executables called knot-resolver and kresctl).

[port]: https://www.freshports.org/dns/knot-resolver


Here my issue [1]:

Serving local hints.add_hosts as done in 5.7.6 stopped working (LUA config):
--
-- local domains
--
hints.add_hosts('/usr/local/etc/knot-resolver/LOCALZONES/domain1.lan')
hints.add_hosts('/usr/local/etc/knot-resolver/LOCALZONES/domain2.lan')
policy.add(
	policy.suffix(
		policy.PASS, {
			todname('1.0.10.in-addr.arpa'),
			todname('2.0.10.in-addr.arpa'),
		}
	)
)

A good news is that 6.x is much better in doing what people expect around local-data stuff.  So you don't even need anything like this PASS anymore in YAML, as only missing addresses will get blocked by these default rules.  It will suffice to just have:

local-data:
  addresses-files:
    - /usr/local/etc/knot-resolver/LOCALZONES/domain1.lan     - /usr/local/etc/knot-resolver/LOCALZONES/domain2.lan


--Vladimir