ansible/roles/bind-authoritative/templates/bind/named.conf.local.j2


{{ ansible_header | comment(decoration='// ') }}
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
{# TSIG key declaration, rendered only when bind.master is truthy. The
   update-policy of the master zones further down in this template grants
   this key the right to update the ACME challenge TXT record. #}
{% if bind.master %}
// Let's Encrypt Challenge DNS-01
key "certbot_challenge." {
algorithm hmac-sha512;
{# The shared secret is written in clear text into the rendered file.
   NOTE(review): the owner and mode of that file are set by the task that
   deploys this template, which is not visible here; confirm the file is
   not world-readable. #}
secret "{{ certbot_dns_secret }}";
};
{% endif %}
// Crans zones
{# Emits one zone statement per entry of bind.zones; bind.master selects
   the master or the slave variant. The zone name is interpolated unescaped
   into the quoted zone name and into the file path, so bind.zones is
   assumed to be trusted inventory data (TODO confirm). #}
{% for zone in bind.zones %}
zone "{{ zone }}" {
{% if bind.master %}
type master;
{# Zone data is read from this path; presumably the file is produced by
   re2o-services, this template does not write it. #}
file "/var/local/re2o-services/dns/generated/dns.{{ zone }}.zone";
{# NOTE(review): forwarders is filled from the same bind.slaves list as
   allow-transfer below. Forwarding from a master zone to its slaves looks
   unintended (possibly copied from allow-transfer); confirm before
   relying on it. #}
forwarders {
{% for slave in bind.slaves -%}
{{ slave }};
{% endfor -%}
};
{# Outgoing zone transfers are limited to the entries of bind.slaves.
   NOTE(review): if those entries are plain addresses, a transfer is
   authorised by source address alone; a "key" entry in this list would
   also authenticate the slave with TSIG. #}
allow-transfer {
{% for slave in bind.slaves -%}
{{ slave }};
{% endfor -%}
};
{# Dynamic updates are granted to the certbot_challenge. key only. The
   "name" rule type matches one exact name, so the key can change TXT
   records at _acme-challenge.<zone> and nothing else; challenge names of
   hosts below the zone apex are not covered by this grant. #}
update-policy {
grant certbot_challenge. name _acme-challenge.{{ zone }} txt;
};
notify yes;
{% else %}
type slave;
{# Relative path: named resolves it against its working directory. #}
file "bak.{{ zone }}";
{# The zone is pulled from bind.master_ip. No TSIG key is attached to this
   entry, so the master is identified by address only. #}
masters {
{{ bind.master_ip }};
};
{# A slave serves no outgoing zone transfers and sends no NOTIFY. #}
allow-transfer { "none"; };
notify no;
{% endif %}
};
{% endfor %}