31 lines
889 B
YAML
31 lines
889 B
YAML
---
|
|
interfaces:
|
|
adm: eth1
|
|
srv: eth0
|
|
|
|
loc_bind:
|
|
options:
|
|
secondaries: "{{ query('ldap', 'ip', 'sputnik', 'adm') | union(query('ldap', 'ip', 'en7', 'adm')) }}"
|
|
key_directory: /var/cache/bind/keys
|
|
default:
|
|
format: generated/%s.db
|
|
type: primary
|
|
notify: "yes"
|
|
dnssec: true
|
|
zones:
|
|
_acme-challenge.crans.org:
|
|
update_policy:
|
|
- grant certbot_challenge. name _acme-challenge.crans.org. txt
|
|
format: bak.%s
|
|
_acme-challenge.adm.crans.org:
|
|
update_policy:
|
|
- grant certbot_adm_challenge. name _acme-challenge.adm.crans.org. txt
|
|
format: bak.%s
|
|
rfc2136_keys:
|
|
certbot_challenge.:
|
|
algorithm: hmac-sha512
|
|
secret: "{{ vault.bind.rfc2136_keys['certbot_challenge.'].secret }}"
|
|
certbot_adm_challenge.:
|
|
algorithm: hmac-sha512
|
|
secret: "{{ vault.bind.rfc2136_keys['certbot_adm_challenge.'].secret }}"
|