if PACKAGE_coredns

comment "Transport & Security"

config COREDNS_PLUGIN_TLS
	bool "TLS plugin"
	default y
	help
	  Enable TLS (DNS-over-TLS) listener support.

config COREDNS_PLUGIN_QUIC
	bool "QUIC plugin (DNS-over-QUIC)"
	default n
	help
	  Enable DNS-over-QUIC (DoQ) listener support. Requires TLS certificates.

config COREDNS_PLUGIN_GRPC
	bool "gRPC plugin"
	default n
	help
	  Forward or receive DNS messages over gRPC.

config COREDNS_PLUGIN_PROXYPROTO
	bool "Proxy Protocol plugin"
	default n
	help
	  Add PROXY protocol (v1/v2) support to preserve original client IPs
	  when CoreDNS sits behind a load balancer or reverse proxy.

comment "Service Discovery Backends"

config COREDNS_PLUGIN_KUBERNETES
	bool "Kubernetes plugin"
	default n
	help
	  Serve DNS records for Kubernetes services and pods.
	  Only useful when running inside a Kubernetes cluster.

config COREDNS_PLUGIN_K8S_EXTERNAL
	bool "k8s_external plugin"
	default n
	help
	  Serve DNS records for external-facing Kubernetes services
	  (e.g. LoadBalancer / ExternalName).

config COREDNS_PLUGIN_ETCD
	bool "Etcd plugin"
	default n
	help
	  Serve DNS records from an etcd v3 datastore (SkyDNS-compatible).

config COREDNS_PLUGIN_NOMAD
	bool "Nomad plugin"
	default n
	help
	  Serve DNS records from HashiCorp Nomad service registrations.

comment "Cloud DNS Backends"

config COREDNS_PLUGIN_ROUTE53
	bool "Route53 plugin (AWS)"
	default n
	help
	  Serve DNS records from AWS Route 53 hosted zones.
	  Adds significant binary size due to AWS SDK.

config COREDNS_PLUGIN_AZURE
	bool "Azure DNS plugin"
	default n
	help
	  Serve DNS records from Azure DNS hosted zones.
	  Adds significant binary size due to Azure SDK.

config COREDNS_PLUGIN_CLOUDDNS
	bool "Cloud DNS plugin (GCP)"
	default n
	help
	  Serve DNS records from Google Cloud DNS managed zones.
	  Adds significant binary size due to GCP SDK.

comment "Extra Built-in Plugins"

config COREDNS_PLUGIN_GEOIP
	bool "GeoIP plugin"
	default n
	help
	  Add GeoIP-based metadata to requests (requires MaxMind database).

config COREDNS_PLUGIN_ON
	bool "On-event plugin"
	default n
	help
	  Execute a command on server start/shutdown events.

comment "Third-party Plugins"

config COREDNS_PLUGIN_WGSD
	bool "WireGuard Service Discovery plugin"
	default y if PACKAGE_wgsd-coredns
	select COREDNS_REQUIRE_GO_GET
	help
	  wgsd serves WireGuard peer information via DNS-SD (RFC 6763)
	  semantics. Use cases include:
	   - Building a mesh of WireGuard peers from a central registry
	   - Dynamic discovery of WireGuard endpoint addressing
	   - NAT-to-NAT connectivity where UDP hole punching is supported

config COREDNS_PLUGIN_NETBOX
	bool "Netbox plugin"
	default n
	select COREDNS_REQUIRE_GO_GET
	help
	  Serve DNS records from a NetBox IPAM/DCIM instance.

config COREDNS_PLUGIN_FANOUT
	bool "Fanout plugin"
	default n
	select COREDNS_REQUIRE_GO_GET
	help
	  Forward DNS queries to multiple upstreams simultaneously and return
	  the first successful response (race / fan-out strategy).

config COREDNS_PLUGIN_FINALIZE
	bool "Finalize plugin"
	default n
	select COREDNS_REQUIRE_GO_GET
	help
	  Ensure all CNAME chains in responses are fully resolved before
	  sending the answer to the client.

config COREDNS_REQUIRE_GO_GET
	bool
	default n
	help
	  Custom / third-party plugins require 'go get ./...' during build
	  to pull their module dependencies.

endif