authorMatthieu Saulnier <fantom@fedoraproject.org>2018-12-08 15:52:10 +0100
committerMatthieu Saulnier <fantom@fedoraproject.org>2018-12-08 15:52:10 +0100
commitfa8c39d24ee74f8685bc8ea46ded1767ef303116 (patch)
tree9dc694043678cc0336c59cd95813fc98ac284e99
parentd76d7b719992ff30b45518436bfa6df33b9b1ab6 (diff)
Use host variables in dns config file template
-rw-r--r--host_vars/192.168.0.257
-rw-r--r--host_vars/d72vewh3wa4lwpaj.onion7
-rw-r--r--host_vars/manchester.casperlefantom.net7
-rw-r--r--host_vars/manchester.home.casperlefantom.net7
-rw-r--r--roles/dnsserver/tasks/config.yml2
-rw-r--r--roles/dnsserver/templates/named.conf.j230
-rw-r--r--roles/dnsserver/vars/main.yml12
7 files changed, 41 insertions, 31 deletions
diff --git a/host_vars/192.168.0.25 b/host_vars/192.168.0.25
index ab9f1a2..fa74623 100644
--- a/host_vars/192.168.0.25
+++ b/host_vars/192.168.0.25
@@ -1,5 +1,10 @@
-is_dnsmaster: true
is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
# ntpserver
masterlist:
- 0.fedora.pool.ntp.org
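Review bot: The same four-entry `dnsslavelist` is added verbatim to four host_vars files (this one, `d72vewh3wa4lwpaj.onion`, `manchester.casperlefantom.net` and `manchester.home.casperlefantom.net`), and that list becomes the `transferlist` ACL that gates zone transfers in `named.conf.j2`. If one copy is edited and the others are not, the set of addresses allowed to transfer zones depends on which inventory name the play was run against. Defining the list once in a shared group variable file and keeping only host-specific values here would remove that drift. The comment could also say what the list is for, e.g. `# dnsserver: secondaries allowed to transfer zones from this master`.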
diff --git a/host_vars/d72vewh3wa4lwpaj.onion b/host_vars/d72vewh3wa4lwpaj.onion
index ab9f1a2..fa74623 100644
--- a/host_vars/d72vewh3wa4lwpaj.onion
+++ b/host_vars/d72vewh3wa4lwpaj.onion
@@ -1,5 +1,10 @@
-is_dnsmaster: true
is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
# ntpserver
masterlist:
- 0.fedora.pool.ntp.org
diff --git a/host_vars/manchester.casperlefantom.net b/host_vars/manchester.casperlefantom.net
index ab9f1a2..fa74623 100644
--- a/host_vars/manchester.casperlefantom.net
+++ b/host_vars/manchester.casperlefantom.net
@@ -1,5 +1,10 @@
-is_dnsmaster: true
is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
# ntpserver
masterlist:
- 0.fedora.pool.ntp.org
diff --git a/host_vars/manchester.home.casperlefantom.net b/host_vars/manchester.home.casperlefantom.net
index ab9f1a2..fa74623 100644
--- a/host_vars/manchester.home.casperlefantom.net
+++ b/host_vars/manchester.home.casperlefantom.net
@@ -1,5 +1,10 @@
-is_dnsmaster: true
is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
# ntpserver
masterlist:
- 0.fedora.pool.ntp.org
diff --git a/roles/dnsserver/tasks/config.yml b/roles/dnsserver/tasks/config.yml
index eb7bd4d..9878bbb 100644
--- a/roles/dnsserver/tasks/config.yml
+++ b/roles/dnsserver/tasks/config.yml
@@ -22,6 +22,6 @@
owner: root
group: named
mode: 0640
- when: is_dnsmaster is defined
+ when: dnsslavelist is defined
notify: reload named
with_items: "{{ zonelist }}"
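Review bot: `when: dnsslavelist is defined` is also true when the variable is present but empty or null (a bare `dnsslavelist:`), so the host is still treated as a master. In that case the template's `{% for item in dnsslavelist %}` loops either render an empty `transferlist` ACL or fail on the null value. A stricter condition such as `when: dnsslavelist | default([], true) | length > 0` ties the master role to the list actually holding addresses; the same `is defined` test appears in all four hunks of `roles/dnsserver/templates/named.conf.j2`. The task this `when` belongs to starts above the hunk, so what it deploys is not visible here.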
diff --git a/roles/dnsserver/templates/named.conf.j2 b/roles/dnsserver/templates/named.conf.j2
index d3cb657..e790752 100644
--- a/roles/dnsserver/templates/named.conf.j2
+++ b/roles/dnsserver/templates/named.conf.j2
@@ -12,9 +12,9 @@ acl "whitelist-recursion" {
{% endfor %}
};
-{% if is_dnsmaster is defined %}
+{% if dnsslavelist is defined %}
acl "transferlist" {
-{% for item in slavelist %}
+{% for item in dnsslavelist %}
{{ item }};
{% endfor %}
};
@@ -46,8 +46,8 @@ options {
allow-recursion { whitelist-recursion; };
allow-transfer { none; };
version "SECRET";
-{% if is_dnsmaster is not defined %}
- forwarders { {{ master_ipv6 }}; {{ master_ipv4 }}; };
+{% if dnsslavelist is not defined %}
+ forwarders { {% for item in masterlist %}{{ item }}; {% endfor %} };
{% endif %}
dnssec-enable yes;
@@ -125,21 +125,18 @@ key "{{ key.name }}" {
};
{% endfor %}
-{% if is_dnsmaster is defined %}
-{% for item in slavelist %}
+{% if dnsslavelist is defined %}
+{% for item in dnsslavelist %}
server {{ item }} {
keys { Forwarder; };
};
{% endfor %}
-{% endif %}
-{% if is_dnsmaster is not defined %}
-server {{ master_ipv4 }} {
- keys { Forwarder; };
-};
-
-server {{ master_ipv6 }} {
+{% else %}
+{% for item in masterlist %}
+server {{ item }} {
keys { Forwarder; };
};
+{% endfor %}
{% endif %}
controls {
@@ -154,16 +151,15 @@ zone "." IN {
{% for item in zonelist %}
zone "{{ item }}" IN {
-{% if is_dnsmaster is defined %}
+{% if dnsslavelist is defined %}
type master;
allow-transfer { transferlist; };
file "{{ item }}.zone";
notify yes;
-{% endif %}
-{% if is_dnsmaster is not defined %}
+{% else %}
type slave;
file "{{ item }}.zone";
- masters { {{ master_ipv6 }}; {{ master_ipv4 }}; };
+ masters { {% for item in masterlist %}{{ item }}; {% endfor %} };
{% endif %}
};
{% endfor %}
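Review bot: The new `masters` line loops with `{% for item in masterlist %}` inside the outer `{% for item in zonelist %}`, so the zone name and the master address share the name `item`. It renders correctly today only because `file "{{ item }}.zone";` comes before the inner loop and Jinja2 restores the outer value afterwards; anyone who later moves a zone-name reference below the `masters` line would get an IP address in its place. A distinct loop variable avoids that: `masters { {% for master in masterlist %}{{ master }}; {% endfor %} };`.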
diff --git a/roles/dnsserver/vars/main.yml b/roles/dnsserver/vars/main.yml
index 124bea3..7a728e2 100644
--- a/roles/dnsserver/vars/main.yml
+++ b/roles/dnsserver/vars/main.yml
@@ -1,12 +1,6 @@
-master_ipv4: 82.247.103.117
-master_ipv6: 2a01:e35:2f76:7750::4
-
-
-slavelist:
- - 51.15.179.153
- - "2001:bc8:3fec:f00:7ea::"
- - 163.172.211.128
- - "2001:bc8:3fec:b00:b007::"
+masterlist:
+ - 82.247.103.117
+ - "2a01:e35:2f76:7750::4"
whitelist:
- localhost
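Review bot: The new `masterlist` reuses a variable name that the host_vars files in this same commit already use under `# ntpserver` for the NTP pool hosts (`- 0.fedora.pool.ntp.org`). Role `vars/main.yml` takes precedence over inventory host_vars and is by default visible to the rest of the play, so once the dnsserver role is loaded, any other consumer of `masterlist` may receive the DNS master addresses instead; whether an NTP role reads it is not visible here and should be checked. A role-specific name that matches the new `dnsslavelist` removes the ambiguity, e.g. `dnsmasterlist:` here and in the `forwarders`, `server` and `masters` loops of `named.conf.j2`.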