It lets operators manage DNS records as Kubernetes CRDs, delivering an authoritative DNS service with DNSSEC, DNS‑over‑HTTPS, DNS‑over‑TLS, and Prometheus metrics. A master component watches CRDs, rebuilds an in‑memory DB and pushes it to slave daemons that answer queries, while a router proxy handles multiple protocols and rate‑limiting. Designed for self‑hosted, supply‑chain‑resilient DNS in Kubernetes, it offers tighter security and customizability than generic DNS servers. Its zero‑dependency Go implementation reduces binary size and attack surface.
View on GitHub →fsgh42/xfx1-dns