knot is particular about ownership and permissions. If knot's home directory or config files have incorrect attributes, it won't run. Once running, the zone files and timers must also have correct attributes or it will fail, sometimes silently. If it is not running, check the log files. The zone file directory is specified in the config files at template: storage:
I use /var/lib/knot/.
Each nameserver has one configuration file. Regardless of role, it is always named /etc/knot/knot.conf.
Permissions are:
chmod 750 /etc/knot/
chmod 660 /etc/knot/knot.conf
chmod 750 /var/lib/knot/
chmod 660 /var/lib/knot/[zone-files]
chmod 750 /var/lib/knot/timers/
chmod 660 /var/lib/knot/timers/[timer-data]
Ownership is:
chown -R knot:knot /etc/knot
chown -R knot:knot /var/lib/knot
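
An added example, not from the original page: a shell audit that compares knot's paths against the modes and ownership listed above, useful because wrong attributes can make knot fail silently. The function names check_path and audit_knot are hypothetical, and GNU stat (as shipped with Debian) is assumed.

```sh
#!/bin/sh
# Added example: audit knot's paths against the modes and owner listed above.
# Assumes GNU stat (Debian). Function names are hypothetical.

# check_path PATH WANT_MODE WANT_OWNER:GROUP
# Prints one line per deviation; returns 1 if anything is wrong.
check_path() {
    path=$1; want_mode=$2; want_owner=$3
    if [ ! -e "$path" ]; then
        echo "MISSING $path"
        return 1
    fi
    have_mode=$(stat -c '%a' "$path")
    have_owner=$(stat -c '%U:%G' "$path")
    rc=0
    if [ "$have_mode" != "$want_mode" ]; then
        echo "MODE $path is $have_mode, want $want_mode"
        rc=1
    fi
    if [ "$have_owner" != "$want_owner" ]; then
        echo "OWNER $path is $have_owner, want $want_owner"
        rc=1
    fi
    return "$rc"
}

# audit_knot CONF_DIR DATA_DIR [OWNER:GROUP]   (default owner knot:knot)
audit_knot() {
    conf_dir=$1; data_dir=$2; owner=${3:-knot:knot}
    bad=0
    check_path "$conf_dir" 750 "$owner" || bad=1
    check_path "$conf_dir/knot.conf" 660 "$owner" || bad=1
    check_path "$data_dir" 750 "$owner" || bad=1
    check_path "$data_dir/timers" 750 "$owner" || bad=1
    # Zone files sit directly in the data dir, timer data under timers/.
    for f in "$data_dir"/* "$data_dir"/timers/*; do
        [ -f "$f" ] || continue
        check_path "$f" 660 "$owner" || bad=1
    done
    return "$bad"
}

# Run as a script: sh audit.sh /etc/knot /var/lib/knot
if [ "$#" -ge 2 ]; then
    audit_knot "$@"
fi
```

Run it as root or as the knot user; other users cannot see inside the 750 directories and will get MISSING lines for their contents.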
Basic VM 1GB RAM - 20G Storage - 1 CPU - $4 USD / month
Host operating system: Debian 12 Bookworm
knotd version 3.2.6 installed from an apt package
VM provider - no BS, solid service, highly recommended Kamatera Cloud Platform
Generated configs are valid and can be used as-is for your knot.conf files
When a config file changes, a "systemctl restart knot" is required
When a zone file changes, a "systemctl reload knot" is required
SOA records must be on a single line (tricky to debug this one)
Zone file changes won't propagate until the serial number on each modified zone has been increased and knot has been reloaded
If you don't need to listen on a localhost address, delete "listen: 127.x.x.x"
To use only the Public network, leave the form's Private IP boxes empty
If available, the servers will synchronize over the private network
This will get you started. Basic setup, works well.