nextdns router - where / how config files stored & changed

Hi,

I want to make some changes to the config of nextdns which is running on my Unifi Cloud Gateway Fiber. At the moment my config is pretty vanilla and any changes I've made have been using command line switches via SSH -- the next changes would be easier to edit straight into the config file.

What I want to check is exactly where and how nextdns stores a) the current working configuration file, if anywhere (which I thought was in /etc), and b) the backup config file if there indeed is one (which I thought was in /data). I am referring to the file nextdns.conf.

See below three information blocks which should be closely correlated but there are important differences. Note that the only parameters I added or changed from the vanilla router-mode install are/were adding my profile (router should have prompted at install but it didn't) and I also set report-client-info=true:

1. The actual config which I listed out of the running daemon:

# nextdns config list
cache-max-age 0s
report-client-info true
detect-captive-portals false
debug false
log-queries false
discovery-dns
use-hosts true
timeout 5s
auto-activate false
control /var/run/nextdns.sock
profile 0a0000
mdns all
bogus-priv true
setup-router true
hardened-privacy false
max-inflight-requests 256
listen localhost:53
cache-size 0
max-ttl 0s

2. The file I believed to be the live working config file /etc/nextdns.conf (but it cannot be because it is not the same as the config list from the running daemon itself):

# cat /etc/nextdns.conf
profile 192.168.0.0/24=0a0000,192.168.10.0/24=0b0000,192.168.20.0/24=0c0000,192.168.100.0/24=0d0000,192.168.200.0/24=0e0000,default=0a0000
auto-activate true
setup-router true
report-client-info true
log-queries true
listen localhost:53
timeout 5s
cache-size 0
cache-max-age 0s
max-ttl 0s
hardened-privacy false
bogus-priv true
debug false
mdns all
use-hosts true
max-inflight-requests 256
control /var/run/nextdns.sockdetect-captive-portals false
discovery-dns

...and...

3. The file I believed to be a copy backup of the working config file in /etc, copy stored as /data/nextdns.conf but it's certainly not a copy of the file in /etc -- it is however somewhat close to the actual config listed reported from the live daemon (which makes me wonder if the file in /etc is just bogus), in particular it only shows one profile item which (currently) is correct and as shown in the config list from the daemon:

# cat /data/nextdns.conf
listen localhost:53
control /var/run/nextdns.sock
cache-max-age 0s
max-ttl 0s
report-client-info true
detect-captive-portals false
hardened-privacy false
bogus-priv true
max-inflight-requests 256
debug false
profile 0a0000
use-hosts true
setup-router true
log-queries false
discovery-dns
cache-size 0
mdns all
timeout 5s
auto-activate false

It was a bit of a journey to get it working well, as it is, so I don't want to mess anything up by editing the wrong config file.

Any input appreciated.

Thanks

Alastair