author | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-12-08 15:52:10 +0100 |
---|---|---|
committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-12-08 15:52:10 +0100 |
commit | fa8c39d24ee74f8685bc8ea46ded1767ef303116 (patch) | |
tree | 9dc694043678cc0336c59cd95813fc98ac284e99 | |
parent | d76d7b719992ff30b45518436bfa6df33b9b1ab6 (diff) | |
Use host variables in dns config file template
-rw-r--r-- | host_vars/192.168.0.25 | 7 | ||||
-rw-r--r-- | host_vars/d72vewh3wa4lwpaj.onion | 7 | ||||
-rw-r--r-- | host_vars/manchester.casperlefantom.net | 7 | ||||
-rw-r--r-- | host_vars/manchester.home.casperlefantom.net | 7 | ||||
-rw-r--r-- | roles/dnsserver/tasks/config.yml | 2 | ||||
-rw-r--r-- | roles/dnsserver/templates/named.conf.j2 | 30 | ||||
-rw-r--r-- | roles/dnsserver/vars/main.yml | 12 |
7 files changed, 41 insertions, 31 deletions
diff --git a/host_vars/192.168.0.25 b/host_vars/192.168.0.25
index ab9f1a2..fa74623 100644
--- a/host_vars/192.168.0.25
+++ b/host_vars/192.168.0.25
@@ -1,5 +1,10 @@
-is_dnsmaster: true
 is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
 # ntpserver
 masterlist:
 - 0.fedora.pool.ntp.org
diff --git a/host_vars/d72vewh3wa4lwpaj.onion b/host_vars/d72vewh3wa4lwpaj.onion
index ab9f1a2..fa74623 100644
--- a/host_vars/d72vewh3wa4lwpaj.onion
+++ b/host_vars/d72vewh3wa4lwpaj.onion
@@ -1,5 +1,10 @@
-is_dnsmaster: true
 is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
 # ntpserver
 masterlist:
 - 0.fedora.pool.ntp.org
diff --git a/host_vars/manchester.casperlefantom.net b/host_vars/manchester.casperlefantom.net
index ab9f1a2..fa74623 100644
--- a/host_vars/manchester.casperlefantom.net
+++ b/host_vars/manchester.casperlefantom.net
@@ -1,5 +1,10 @@
-is_dnsmaster: true
 is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
 # ntpserver
 masterlist:
 - 0.fedora.pool.ntp.org
diff --git a/host_vars/manchester.home.casperlefantom.net b/host_vars/manchester.home.casperlefantom.net
index ab9f1a2..fa74623 100644
--- a/host_vars/manchester.home.casperlefantom.net
+++ b/host_vars/manchester.home.casperlefantom.net
@@ -1,5 +1,10 @@
-is_dnsmaster: true
 is_mtamaster: true
+# dnsserver
+dnsslavelist:
+ - 51.15.179.153
+ - "2001:bc8:3fec:f00:7ea::"
+ - 163.172.211.128
+ - "2001:bc8:3fec:b00:b007::"
 # ntpserver
 masterlist:
 - 0.fedora.pool.ntp.org
diff --git a/roles/dnsserver/tasks/config.yml b/roles/dnsserver/tasks/config.yml
index eb7bd4d..9878bbb 100644
--- a/roles/dnsserver/tasks/config.yml
+++ b/roles/dnsserver/tasks/config.yml
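Review bot: The same four-entry `dnsslavelist` is pasted into four host_vars files (this hunk and the three that follow, all with identical blob ids), and the template changed later in this commit turns that list into `acl "transferlist"` and the `server … { keys { Forwarder; }; }` statements. If these four names are aliases of one machine, which is an inference from the identical content, an address removed from only some copies stays authorised for zone transfer whenever the play runs against one of the other names. Keeping the list in one place, for example a group_vars file for a group holding these hosts, avoids that drift. I would also put a comment above it along the lines of `# hosts allowed to transfer zones; defining this list selects the master configuration`.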
@@ -22,6 +22,6 @@
 owner: root
 group: named
 mode: 0640
- when: is_dnsmaster is defined
+ when: dnsslavelist is defined
 notify: reload named
 with_items: "{{ zonelist }}"
diff --git a/roles/dnsserver/templates/named.conf.j2 b/roles/dnsserver/templates/named.conf.j2
index d3cb657..e790752 100644
--- a/roles/dnsserver/templates/named.conf.j2
+++ b/roles/dnsserver/templates/named.conf.j2
@@ -12,9 +12,9 @@ acl "whitelist-recursion" {
 {% endfor %}
 };
-{% if is_dnsmaster is defined %}
+{% if dnsslavelist is defined %}
 acl "transferlist" {
-{% for item in slavelist %}
+{% for item in dnsslavelist %}
 {{ item }};
 {% endfor %}
 };
@@ -46,8 +46,8 @@ options {
 allow-recursion { whitelist-recursion; };
 allow-transfer { none; };
 version "SECRET";
-{% if is_dnsmaster is not defined %}
- forwarders { {{ master_ipv6 }}; {{ master_ipv4 }}; };
+{% if dnsslavelist is not defined %}
+ forwarders { {% for item in masterlist %}{{ item }}; {% endfor %} };
 {% endif %}
 dnssec-enable yes;
@@ -125,21 +125,18 @@ key "{{ key.name }}" {
 };
 {% endfor %}
-{% if is_dnsmaster is defined %}
-{% for item in slavelist %}
+{% if dnsslavelist is defined %}
+{% for item in dnsslavelist %}
 server {{ item }} {
 keys { Forwarder; };
 };
 {% endfor %}
-{% endif %}
-{% if is_dnsmaster is not defined %}
-server {{ master_ipv4 }} {
- keys { Forwarder; };
-};
-
-server {{ master_ipv6 }} {
+{% else %}
+{% for item in masterlist %}
+server {{ item }} {
 keys { Forwarder; };
 };
+{% endfor %}
 {% endif %}
 controls {
@@ -154,16 +151,15 @@ zone "." IN {
 {% for item in zonelist %}
 zone "{{ item }}" IN {
-{% if is_dnsmaster is defined %}
+{% if dnsslavelist is defined %}
 type master;
 allow-transfer { transferlist; };
 file "{{ item }}.zone";
 notify yes;
-{% endif %}
-{% if is_dnsmaster is not defined %}
+{% else %}
 type slave;
 file "{{ item }}.zone";
- masters { {{ master_ipv6 }}; {{ master_ipv4 }}; };
+ masters { {% for item in masterlist %}{{ item }}; {% endfor %} };
 {% endif %}
 };
 {% endfor %}
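Review bot: `when: dnsslavelist is defined` lets the mere presence of a variable decide whether a host gets the master configuration, both on this task and in the `{% if dnsslavelist is defined %}` branches of named.conf.j2 in the same commit. A misspelt key in host_vars silently renders the host with `type slave;` zones, and a key left with no items still counts as defined and takes the master branch with nothing to iterate. A stricter condition such as `when: dnsslavelist | default([], true) | length > 0` covers the empty and null cases. The task this line belongs to starts above the hunk.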
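Review bot: In the last named.conf.j2 hunk the new `masters { {% for item in masterlist %}… }` loop reuses `item`, which is also the loop variable of the enclosing `{% for item in zonelist %}`. Jinja gives the inner loop its own scope, so `zone "{{ item }}"` and `file "{{ item }}.zone";` still render the zone name, but two meanings of `item` inside one zone block are easy to misread when the template is next edited. I would rename the inner variable, e.g. `{% for master in masterlist %}{{ master }}; {% endfor %}`, and do the same in the `forwarders` line of the `options` hunk for consistency.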
diff --git a/roles/dnsserver/vars/main.yml b/roles/dnsserver/vars/main.yml
index 124bea3..7a728e2 100644
--- a/roles/dnsserver/vars/main.yml
+++ b/roles/dnsserver/vars/main.yml
@@ -1,12 +1,6 @@
-master_ipv4: 82.247.103.117
-master_ipv6: 2a01:e35:2f76:7750::4
-
-
-slavelist:
- - 51.15.179.153
- - "2001:bc8:3fec:f00:7ea::"
- - 163.172.211.128
- - "2001:bc8:3fec:b00:b007::"
+masterlist:
+ - 82.247.103.117
+ - "2a01:e35:2f76:7750::4"
 whitelist:
 - localhost |
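Review bot: The new role variable `masterlist` has the same name as the `masterlist:` key that the host_vars files in this commit keep under `# ntpserver` (value `0.fedora.pool.ntp.org`). Role vars in `vars/main.yml` take precedence over host_vars in Ansible, so in a play that loads both roles the NTP consumer may receive the DNS master addresses instead of the pool names. Whether that happens depends on how the roles are included, which is not visible here. A role-prefixed name matching `dnsslavelist` removes the ambiguity: `dnsmasterlist:` in this file and in the three `{% for item in masterlist %}` loops of named.conf.j2.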