dot, readme

1 files changed, 18 insertions, 0 deletions

diff --git a/internal/config/config.go b/internal/config/config.go
index b2c88ee..42af236 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -15,14 +15,20 @@ type Config struct {
 	Admin     AdminConfig     `toml:"admin"`
 	ACL       ACLConfig       `toml:"acl"`
 	Log       LogConfig       `toml:"log"`
+	TLS       TLSConfig       `toml:"tls"`
 }
 
 type ServerConfig struct {
 	ListenUDP string `toml:"listen_udp"`
 	ListenTCP string `toml:"listen_tcp"`
 	ListenDOH string `toml:"listen_doh"`
+	ListenDoT string `toml:"listen_dot"`
 }
 
+type TLSConfig struct {
+	Cert string `toml:"cert"`
+	Key  string `toml:"key"`
+}
 type CacheConfig struct {
 	MaxEntries int    `toml:"max_entries"`
 	DBPath     string `toml:"db_path"`
@@ -164,6 +170,15 @@ func Merge(dst, src Config) Config {
 	if src.Admin.Listen != "" {
 		dst.Admin.Listen = src.Admin.Listen
 	}
+	if src.Server.ListenDoT != "" {
+		dst.Server.ListenDoT = src.Server.ListenDoT
+	}
+	if src.TLS.Cert != "" {
+		dst.TLS.Cert = src.TLS.Cert
+	}
+	if src.TLS.Key != "" {
+		dst.TLS.Key = src.TLS.Key
+	}
 	return dst
 }
 
@@ -202,5 +217,8 @@ func (c Config) Validate() error {
 	if c.Resolver.Mode == "forward" && len(c.Resolver.Forwarders) == 0 {
 		return fmt.Errorf("resolver mode=forward requires at least one forwarder")
 	}
+	if c.Server.ListenDoT != "" && (c.TLS.Cert == "" || c.TLS.Key == "") {
+		return fmt.Errorf("listen_dot requires tls.cert and tls.key")
+	}
 	return nil
 }