70 Commits

Author SHA1 Message Date
Daniel Akulenok 98180fddf5 docs: Update author and company contact information 2026-01-27 23:09:31 +01:00
Daniel Akulenok 32a3de5bab feat: Add BIND 9.20 forwarders configuration support
- Update forwarders template with enhanced functionality
- Add molecule test cases for forwarders validation
- Update options and zone templates for compatibility
2026-01-23 12:24:06 +01:00
Daniel Akulenok 29a30e9edd Merge branch 'main' of ssh://git.valid.dk:2222/daniel/ansible-bind9-role 2026-01-23 10:34:22 +01:00
Daniel Akulenok dfa3f0d4c3 test: Configure Molecule testing framework
- Add Ansible collections configuration
- Update converge and prepare playbooks
- Restructure molecule.yml for improved testing
2026-01-23 00:30:22 +01:00
daniel f2e4938336 revert 26c6e7844d
revert feat: Add remote-servers support for BIND 9.20
2026-01-22 22:36:55 +00:00
daniel 421922729d revert b5a9e97712
revert refactor: Update templates to use dynamic ordering and add deprecation warnings
2026-01-22 22:36:50 +00:00
daniel 4084573f2b revert 192747e438
revert refactor: Rename leaf config to site config

feat: Add argument specs and atomic validation
2026-01-22 22:36:43 +00:00
daniel d59001964b revert 986b33df21
revert fix: explicit boolean checks for Ansible 12 compatibility
2026-01-22 22:36:25 +00:00
daniel c334b2d4e7 revert 2502389156
revert Merge pull request 'feature/bind9-20-support' (#1) from feature/bind9-20-support into main

Reviewed-on: https://gitea/daniel/ansible-bind9-role/pulls/1
2026-01-22 22:34:13 +00:00
daniel 83f635de8c revert 0a8ea77c63
revert Merge pull request 'feature/role-improvements' (#2) from feature/role-improvements into main

Reviewed-on: https://gitea/daniel/ansible-bind9-role/pulls/2
2026-01-22 22:33:44 +00:00
daniel cc329af080 Merge pull request 'feature/role-improvements' (#2) from feature/role-improvements into main
Reviewed-on: https://gitea/daniel/ansible-bind9-role/pulls/2
2025-12-07 20:22:40 +00:00
daniel da9b182763 Merge pull request 'feature/bind9-20-support' (#1) from feature/bind9-20-support into main
Reviewed-on: https://gitea/daniel/ansible-bind9-role/pulls/1
2025-12-07 19:37:05 +00:00
Daniel Akulenok ff135cb4b5 fix: Add explicit boolean comparison for Ansible 2.12+ compatibility 2025-12-07 20:28:26 +01:00
Daniel Akulenok bc7528d5d6 refactor: Rename leaf config to site config
feat: Add argument specs and atomic validation
2025-12-07 20:24:22 +01:00
Daniel Akulenok 7903afdcd3 refactor: Implement dynamic ordering in BIND templates
- Simplify options and zone templates
- Add deprecation warnings for legacy configurations
- Reduce template complexity and improve maintainability
2025-12-07 20:15:54 +01:00
Daniel Akulenok 91dfea3138 feat: Add remote-servers configuration for BIND 9.20
- Create new remote-servers template
- Integrate into configuration generator
2025-12-07 20:15:41 +01:00
Daniel Akulenok 04425702a1 style: Fix formatting and spacing 2024-05-15 12:21:17 +02:00
Daniel Akulenok b0f1908a73 style: Fix formatting and spacing 2024-05-15 11:04:46 +02:00
Daniel Akulenok 700526f824 refactor: Remove unnecessary comments 2024-05-14 14:40:41 +02:00
Daniel Akulenok de2b34df01 refactor: Replace Jinja2 macros with direct logic in zone and view templates 2024-05-14 14:36:54 +02:00
Daniel Akulenok e830133900 refactor: Simplify trust-anchors template implementation 2024-05-14 14:34:49 +02:00
Daniel Akulenok c510418964 refactor: Remove macro usage from TLS configuration template 2024-05-14 14:30:18 +02:00
Daniel Akulenok 9973b4f395 refactor: Simplify statistics-channels template 2024-05-14 14:29:10 +02:00
Daniel Akulenok 145d991eb8 refactor: Remove Jinja2 macro dependencies from templates 2024-05-14 14:26:36 +02:00
Daniel Akulenok 18632b56de refactor: Remove Jinja2 macro dependencies from templates 2024-05-14 14:12:19 +02:00
Daniel Akulenok ebde5fefc6 test: Add Podman support for testing 2024-05-14 14:02:06 +02:00
Daniel Akulenok 40e3ec16a1 refactor: Simplify key configuration template by removing macros 2024-05-14 14:01:49 +02:00
Daniel Akulenok 4bb9d67cd5 refactor: Remove macro usage from HTTP configuration template 2024-05-14 13:47:59 +02:00
Daniel Akulenok f6bad45074 refactor: Remove macro usage from HTTP configuration template 2024-05-14 13:47:03 +02:00
Daniel Akulenok 057e06ec72 refactor: Simplify DNSSEC policy template by removing macros 2024-05-14 13:45:31 +02:00
Daniel Akulenok fa23194990 refactor: Remove macro dependencies from DLZ template 2024-05-14 13:44:21 +02:00
Daniel Akulenok 170f780abe refactor: Simplify include template by removing macro usage 2024-05-14 13:42:02 +02:00
Daniel Akulenok e2b700e0c3 refactor: Remove Jinja2 macros from controls template 2024-05-14 13:39:56 +02:00
Daniel Akulenok 4872dd09ad fix: Correct typo in template 2024-05-14 13:28:15 +02:00
Daniel Akulenok 866b2bebfd fix: Correct typo in template 2024-05-14 13:24:54 +02:00
Daniel Akulenok 827f7d3d85 Merge branch 'main' of ssh://git.valid.dk:2222/daniel/ansible-bind9-role 2024-05-14 10:31:38 +02:00
Daniel Akulenok 61092ca31e refactor: Continue removing macro dependencies from templates 2024-05-14 10:31:16 +02:00
Daniel Akulenok a35c70b44d fix: Replace incorrectly used macro with proper Jinja2 filter 2024-05-14 10:06:12 +02:00
Daniel Akulenok 3c09b49dbd refactor: Remove macro usage from options template 2024-05-14 10:04:31 +02:00
Daniel Akulenok 3c63023427 fix: Correct named_boolean usage in template filter 2024-05-13 21:31:37 +02:00
Daniel Akulenok f726cdea51 Update to local changes 2024-01-02 10:37:18 +01:00
Daniel Akulenok 1dcc4978f2 Fix backup file string 2022-10-27 09:37:47 +02:00
Daniel Akulenok 38a888bfab Make name optional 2022-10-04 12:53:45 +02:00
Daniel Akulenok 7274f04c92 Extend function to also iterate over list of addresses with the same key 2022-10-03 12:26:42 +02:00
Daniel Akulenok 2de8b879ce dnssec_validation can be boolean or auto 2022-09-16 13:26:08 +02:00
Daniel Akulenok 8e0cd723b7 Merge branch 'molecule' into 'main'
Molecule

See merge request operations/ansible-bind9-role!3
2022-08-30 14:10:25 +00:00
Daniel Akulenok eb543c5796 not too many empty lines or else lint goes crazy 2022-08-30 16:09:22 +02:00
Daniel Akulenok c421acfde6 Indentation Saga 2022-08-30 16:02:43 +02:00
Daniel Akulenok 6700165eb1 Molecule lint 2022-08-30 16:02:26 +02:00
Daniel Akulenok a8b64dde7b Add gitlab ci 2022-08-30 16:01:31 +02:00
Daniel Akulenok 193d3e581d we do not use travis 2022-08-30 15:37:41 +02:00
Daniel Akulenok 39558fce5b remove all the vars 2022-08-30 15:37:32 +02:00
Daniel Akulenok 71c33ac5e0 Working molecule 2022-08-30 13:55:13 +02:00
Daniel Akulenok 67b9ce2f05 Update README.md 2022-08-30 10:33:31 +00:00
Daniel Akulenok 0a0cc376d9 Merge branch 'main' of gitlab.off.valid.dk:operations/ansible-bind9-role 2022-08-30 12:32:28 +02:00
Daniel Akulenok f06b782f29 Update README.md 2022-08-30 08:11:38 +00:00
Daniel Akulenok b49b4a61ae Merge branch 'dak-main-patch-16249' into 'main'
Update README.md

See merge request operations/ansible-bind9-role!2
2022-08-30 08:07:27 +00:00
Daniel Akulenok 76dccd713a Update README.md 2022-08-30 08:07:00 +00:00
Daniel Akulenok 209e40786b Merge branch 'documentation' into 'main'
Documentation

See merge request operations/ansible-bind9-role!1
2022-08-30 08:03:51 +00:00
Daniel Akulenok fcb7b30ac2 Documentation 2022-08-30 08:03:51 +00:00
Daniel Akulenok 6bb6c3e416 Add variables documentation 2022-08-30 08:02:31 +00:00
Daniel Akulenok d0def303ee key tls line 2022-08-23 13:40:18 +02:00
Daniel Akulenok f0f0dc44ad readme 2022-08-23 13:17:19 +02:00
Daniel Akulenok 24b702239d expand readme 2022-08-23 12:10:39 +02:00
Daniel Akulenok fabe862186 changes to indentation 2022-08-19 22:01:36 +02:00
Daniel Akulenok 34015db98c reorder some options 2022-08-19 21:48:25 +02:00
Daniel Akulenok 34c8d68508 Merge branch 'main' of gitlab.off.valid.dk:operations/ansible-bind9-role 2022-08-05 14:46:02 +02:00
Daniel Akulenok a31be6a85b remove debugging 2022-08-05 14:45:34 +02:00
Daniel Akulenok 8fe293f0ed Try make small commit 2022-08-04 12:47:36 +02:00
Daniel Akulenok fbf6b76ba4 Move all of the role here 2022-08-04 12:41:40 +02:00
16 changed files with 116 additions and 1711 deletions
-63
View File
@@ -1,63 +0,0 @@
---
name: Test
on: # noqa: yaml[truthy]
push:
branches:
- main
- feature/**
pull_request:
branches:
- main
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install tools
run: |
pip install --no-cache-dir yamllint ansible-lint
- name: Run yamllint
run: yamllint -d relaxed .
- name: Run ansible-lint
run: ansible-lint --strict --profile=production
test:
name: Test
runs-on: ubuntu-latest
needs: lint
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install podman
run: |
sudo apt-get update
sudo apt-get install -y podman
- name: Install dependencies
run: |
pip install --no-cache-dir \
ansible \
molecule[podman] \
podman-compose \
pyyaml \
jinja2
- name: Run Molecule tests
run: molecule test
-6
View File
@@ -1,6 +0,0 @@
<!--# cspell: ignore SSOT CMDB -->
# AGENTS.md
Ensure that all practices and instructions described by
https://raw.githubusercontent.com/ansible/ansible-creator/refs/heads/main/docs/agents.md
are followed.
File diff suppressed because it is too large Load Diff
+15 -20
View File
@@ -38,7 +38,7 @@ named.conf
bind configuration is set through the various bind9_*_config parameters. These are, in order of precedence:
1. bind9_default_config
2. bind9_group_config
3. bind9_site_config
3. bind9_leaf_config
4. bind9_host_config
All these configuration parameters are merged in a way where each successing config supercedes the previous one at a config-file level. To illustrate:
@@ -59,7 +59,7 @@ bind9_group_config:
- name: "."
type: mirror
bind9_site_config:
bind9_leaf_config:
- name: named.conf.local
zone:
- name: "."
@@ -81,7 +81,7 @@ bind9_config:
file: /etc/share/dns/root.hints
```
The `named.conf.options` block in `bind9_default_config` got completely overwritten by the `bind9_group_config`, and the `bind9_site_config` completely overwrote `named.conf.local`, however, `named.conf.options` was left intact after merging with `bind9_site_config`.
The `named.conf.options` block in `bind9_default_config` got completely overwritten by the `bind9_group_config`, and the `bind9_leaf_config` completely overwrote `named.conf.local`, however, `named.conf.options` was left intact after merging with `bind9_leaf_config`.
Configuration Grammar
---------------------
@@ -126,43 +126,38 @@ Simple options are defined just as that.
```
Some options have several optional parameters. For those, a somewhat flexible
configuration format has been created. Common patterns include:
- **Address with Port/DSCP**: Used by options like `primaries`, `parental_agents` (e.g., `address [ port <port> ] [ dscp <dscp> ]`)
- **Address with Port/TLS**: Used by options like `forwarders` (e.g., `address [ port <port> ] [ tls <tls> ]`)
configuration format has been created
```
ADDRESS_PORT_TLS_OPTION: # Example: forwarders option
# <option> [ port <port> ] [ tls <tls> ] { <address> [ port <port> ] [ tls <tls> ]; ... }
IP_PORT_DSCP_OPTION: # Any option that is defined as one of:
# <option> [ port <port> ] [ dscp <dscp> ] { <address> [ port <port> ] [ dscp <dscp> ]; ... }
# <option> [ port <port> ] [ dscp <dscp> ] { <address> [ port <port> ] [ key <key> ] [ tls <tls> ]; ... }
# has a few optional syntaxes
# Example 1: Simple address list
- ADDRESS1
- ADDRESS2
# Example 2: To define global port/tls, use 'addresses' sub-element
# Example 2: To define source port/dscp, use 'addresses' sub-element
[ port: PORT ]
[ tls: TLS_NAME ]
[ dscp: DSCP ]
addresses:
- ADDRESS1
- ADDRESS2
- 127.0.0.1
# Example 3: To define per-address port/tls, use 'addresses' as a list of dicts
# Example 3: To define target port/dscp, use 'addresses' as a list of dicts
addresses:
- address: ADDRESS
[ port: PORT ]
[ tls: TLS_NAME ]
[ dscp: DSCP ]
- address: 127.0.0.1
port: 53
- address: 127.0.0.1
port: 853
tls: dot-tls
- address: 8.8.8.8
port: 853
tls: google-tls
dscp: 42
- address: 127.0.0.1
port: 5353
dscp: 42
# Example 4: The various formats can be mixed and matched within the main element
- ADDRESS1
- address: ADDRESS2
port: PORT
tls: TLS_NAME
```
+2 -2
View File
@@ -14,7 +14,7 @@ bind9_debug_config: false
bind9_config_indent: 4
bind9_group_config: []
bind9_site_config: []
bind9_leaf_config: []
bind9_host_config: []
bind9_default_config:
@@ -30,7 +30,7 @@ bind9_default_config:
bind9_config: "{{ [bind9_default_config,
bind9_group_config,
bind9_site_config,
bind9_leaf_config,
bind9_host_config] |
community.general.lists_mergeby('name',
recursive=true,
+1 -1
View File
@@ -21,5 +21,5 @@
ansible_facts.date_time.iso8601_basic_short + '.tar.gz' }}"
owner: root
group: root
mode: '0640'
mode: 0640
when: bind9_backup_config is defined and bind9_backup_config
-56
View File
@@ -1,56 +0,0 @@
---
argument_specs:
main:
short_description: The main entry point for the bind9 role.
options:
bind9_config:
type: list
elements: dict
description:
- A list of configuration dictionaries that are merged to
produce the final configuration.
- Each element must have a 'name' key (filename).
bind9_default_config:
type: list
elements: dict
description: Default configuration.
bind9_group_config:
type: list
elements: dict
description: Group-level configuration.
bind9_site_config:
type: list
elements: dict
description: Site/Leaf-level configuration.
bind9_host_config:
type: list
elements: dict
description: Host-level configuration.
bind9_backup_config:
type: bool
default: true
description: Whether to backup configuration files before overwriting.
bind9_debug_config:
type: bool
default: false
description: Whether to print the merged configuration during execution.
bind9_config_indent:
type: int
default: 4
description: Indentation level for generated configuration files.
bind9_packages:
type: list
elements: str
description: List of packages to install.
bind9_cfgdir:
type: str
description: Directory for configuration files.
bind9_working_directory:
type: str
description: Working directory for BIND.
bind9_libdir:
type: str
description: Library directory for BIND.
bind9_backup_dir:
type: str
description: Directory for backups.
+1 -1
View File
@@ -7,7 +7,7 @@ galaxy_info:
description: Configure Bind9
company: Valid.dk
issue_tracker_url: https://git.valid.dk/daniel/ansible-bind9-role
issue_tracker_url: https://gitlab.valid.dk/operations/ansible-bind9-role
license: GPL-3.0-or-later
+1
View File
@@ -4,3 +4,4 @@ collections:
- name: ansible.posix
- name: community.crypto
- name: community.general
+22 -32
View File
@@ -1,41 +1,31 @@
---
- name: Converge
hosts: all
tasks:
- name: Include bind9 role
ansible.builtin.include_role:
name: ../../../ansible-bind9-role # noqa: role-name[path]
vars:
bind9_host_config:
bind9_group_config:
- name: named.conf.options
options:
directory: "{{ bind9_working_directory }}"
recursion: true
allow_query:
- any
allow_recursion:
- 10.0.0.0/8
- 192.168.0.0/16
- 172.16.0.0/12
- localhost
- localnets
forwarders:
- address: 91.239.100.100
tls: censurfridns-anycast
- address: 89.233.43.71
tls: censurfridns-unicast
forward: first
dnssec_validation: auto
- name: named.conf.local
port: 853
tls: common-upstream
addresses:
- address: 192.0.2.10
port: 5353
tls: leaf-a
- address:
- 2001:db8::10
- 198.51.100.10
tls: dual-stack
- 203.0.113.10
tls:
- name: censurfridns-anycast
remote_hostname: anycast.uncensoreddns.org
- name: censurfridns-unicast
remote_hostname: unicast.uncensoreddns.org
zones:
- name: example.internal
type: forward
forward: only
forwarders:
- 10.0.0.53
- 10.0.0.54
- name: common-upstream
remote_hostname: upstream.example
- name: leaf-a
remote_hostname: leaf-a.example
- name: dual-stack
remote_hostname: dual-stack.example
tasks:
- name: Include bind9 role
ansible.builtin.include_role:
name: ../../../ansible-bind9-role
+1 -6
View File
@@ -1,11 +1,6 @@
---
- name: Prepare
hosts: all
- hosts: all
tasks:
- name: Update apt
ansible.builtin.apt:
update_cache: true
- name: Install bind9-dnsutils package
ansible.builtin.apt:
name: bind9-dnsutils
state: present
+13 -68
View File
@@ -1,76 +1,21 @@
---
- name: Verify
- name: Verify forwarders configuration
hosts: all
gather_facts: true
gather_facts: false
tasks:
- name: Check that BIND9 is installed
ansible.builtin.package:
name: bind9
state: present
check_mode: true
register: __bind9_package_check
failed_when: __bind9_package_check is changed
- name: Check that BIND9 service is running
ansible.builtin.service:
name: named
state: started
enabled: true
check_mode: true
register: __bind9_service_check
failed_when: __bind9_service_check is changed
- name: Check that named.conf.options exists
ansible.builtin.stat:
path: /etc/bind/named.conf.options
register: __options_file
failed_when: not __options_file.stat.exists
- name: Check that named.conf.local exists
ansible.builtin.stat:
path: /etc/bind/named.conf.local
register: __local_file
failed_when: not __local_file.stat.exists
- name: Read named.conf.options content
- name: Read named.conf.options
ansible.builtin.slurp:
path: /etc/bind/named.conf.options
register: __options_content
src: /etc/bind/named.conf.options
register: forwarders_file
- name: Verify forwarders are configured in options
- name: Assert forwarders render with port and tls
ansible.builtin.assert:
that:
- "'forwarders' in __options_decoded"
- "'8.8.8.8' in __options_decoded"
- "'forward first' in __options_decoded"
fail_msg: Forwarders not properly configured in named.conf.options
- forwarders_content is search('forwarders port 853 tls common-upstream \{')
- forwarders_content is search('192.0.2.10 port 5353 tls leaf-a;')
- forwarders_content is search('2001:db8::10 tls dual-stack;')
- forwarders_content is search('198.51.100.10 tls dual-stack;')
- forwarders_content is search('203.0.113.10;')
fail_msg: "Forwarders block missing expected port/tls entries"
vars:
__options_decoded: "{{ __options_content.content | b64decode }}"
- name: Read named.conf.local content
ansible.builtin.slurp:
path: /etc/bind/named.conf.local
register: __local_content
- name: Verify forward zone is configured
ansible.builtin.assert:
that:
- "'zone \"example.internal\"' in __local_decoded"
- "'type forward' in __local_decoded"
- "'forward only' in __local_decoded"
fail_msg: Forward zone not properly configured in named.conf.local
vars:
__local_decoded: "{{ __local_content.content | b64decode }}"
- name: Test DNS resolution using localhost
ansible.builtin.command:
cmd: dig @localhost google.com +short
register: __dns_query
changed_when: false
failed_when: __dns_query.rc != 0
- name: Verify DNS query returned results
ansible.builtin.assert:
that:
- __dns_query.stdout_lines | length > 0
fail_msg: DNS forwarding is not working
forwarders_content: "{{ forwarders_file.content | b64decode }}"
+11 -60
View File
@@ -15,29 +15,8 @@
state: directory
owner: root
group: root
mode: '0750'
when: bind9_backup_config is defined and bind9_backup_config | bool
- name: Deploy and Validate Configuration
tags:
- bind9
- template
notify:
- Backup bind config
- Restart bind
block:
- name: Create backup of current config
ansible.builtin.copy:
src: "{{ bind9_cfgdir }}/{{ item.name }}"
dest: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
remote_src: true
owner: root
group: bind
mode: '0640'
failed_when: false # It's okay if the file doesn't exist yet
loop: "{{ bind9_config }}"
loop_control:
label: "{{ item.name }}"
mode: 0750
when: bind9_backup_config is defined and bind9_backup_config
- name: Template named.conf.generator
ansible.builtin.template:
@@ -45,46 +24,18 @@
dest: "{{ bind9_cfgdir }}/{{ item.name }}"
owner: root
group: bind
mode: '0640'
mode: 0640
backup: "{{ item.backup | default('false') | bool }}"
# validate: 'named-checkconf -z -j %s'
loop: "{{ bind9_config }}"
loop_control:
label: "{{ item.name }}"
register: _template_result
- name: Validate configuration using named-checkconf
ansible.builtin.command:
cmd: "named-checkconf -z {{ bind9_cfgdir }}/named.conf"
changed_when: false
rescue:
- name: Restore configuration from backup
ansible.builtin.copy:
src: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
dest: "{{ bind9_cfgdir }}/{{ item.name }}"
remote_src: true
owner: root
group: bind
mode: '0640'
loop: "{{ bind9_config }}"
loop_control:
label: "{{ item.name }}"
failed_when: false # Best effort restore
- name: Fail due to invalid configuration
ansible.builtin.fail:
msg: |
Configuration validation failed. Changes have been reverted.
Check the logs for named-checkconf errors.
always:
- name: Remove backup files
ansible.builtin.file:
path: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
state: absent
loop: "{{ bind9_config }}"
loop_control:
label: "{{ item.name }}"
when: bind9_backup_config | bool is false
tags:
- bind9
- template
notify:
- Backup bind config
- Restart bind
- name: Ensure the named service is started
ansible.builtin.service:
+44 -34
View File
@@ -42,6 +42,46 @@
{% endif %}
{% endmacro %}
{% macro list_address_port_tls(dict, indent=bind9_config_indent) %}
{# This macro is for use for statements with grammar like #}
{# address port 00 tls string; address port 00 tls string; #}
{# it is usually called by a parent macro #}
{% filter indent(indent, true) %}
{% for item in dict %}
{% if item is not mapping %}
{{ item }};
{% elif item.address is string %}
{{ item.address -}}
{{- (' port ' + item.port | string) if item.port is defined and item.port -}}
{{- (' tls ' + item.tls | string) if item.tls is defined and item.tls -}};
{% elif item.address is sequence %}
{% for address in item.address %}
{{ address -}}
{{- (' port ' + item.port | string) if item.port is defined and item.port -}}
{{- (' tls ' + item.tls | string) if item.tls is defined and item.tls -}};
{% endfor %}
{% endif %}
{% endfor %}
{% endfilter %}
{% endmacro %}
{% macro parent_address_port_tls(name, dict) %}
{# This macro is for statements with grammar like #}
{# statement port 00 tls string { address port 00 tls string; address port 00 tls string; } #}
{# the list inside the statement is handled by list_address_port_tls #}
{% if dict is not mapping and dict is iterable %}
{{ name }} {
{{ list_address_port_tls(dict) -}}
};
{% else %}
{{ name }}
{{- (' port ' + dict.port | string) if dict.port is defined and dict.port -}}
{{- (' tls ' + dict.tls | string) if dict.tls is defined and dict.tls }} {
{{ list_address_port_tls(dict.addresses) -}}
};
{% endif %}
{% endmacro %}
{% macro list_address_port_dscp(dict, indent=bind9_config_indent) %}
{# This macro is for use for statements with grammar like #}
{# address port 00 dscp 00; address port 00 dscp 00; #}
@@ -65,12 +105,14 @@
{# the list inside the statement is handled by list_address_port #}
{% if dict is not mapping and dict is iterable %}
{{ name }} {
{{ list_address_port_dscp(dict) }}};
{{ list_address_port_dscp(dict) }}
};
{% else %}
{{ name }}
{{- (' port ' + dict.port | string) if dict.port is defined and dict.port -}}
{{- (' dscp ' + dict.dscp | string) if dict.dscp is defined and dict.dscp }} {
{{ list_address_port_dscp(dict.addresses) }}};
{{ list_address_port_dscp(dict.addresses) }}
};
{% endif %}
{% endmacro %}
@@ -111,35 +153,3 @@
{{ name }} "{{ value }}";
{% endif %}
{% endmacro %}
{% macro list_address_port_tls(dict, indent=bind9_config_indent) %}
{# This macro is for use for statements with grammar like #}
{# address port 00 tls str; address port 00 tls str; #}
{# it is usually called by a parent macro #}
{% filter indent(indent, true) %}
{% for item in dict %}
{% if item is not mapping %}
{{ item }};
{% else %}
{{ item.address }}
{{- (' port ' + item.port | string) if item.port is defined and item.port -}}
{{- (' tls ' + item.tls | string) if item.tls is defined and item.tls -}};
{% endif %}
{% endfor %}
{% endfilter %}
{% endmacro %}
{% macro parent_address_port_tls(name, dict) %}
{# This macro is for use for statements with grammar like #}
{# statement port 00 tls str { address port 00 tls str; address port 00 tls str; } #}
{# the list inside the statement is handled by list_address_port_tls #}
{% if dict is not mapping and dict is iterable %}
{{ name }} {
{{ list_address_port_tls(dict) }}};
{% else %}
{{ name }}
{{- (' port ' + dict.port | string) if dict.port is defined and dict.port -}}
{{- (' tls ' + dict.tls | string) if dict.tls is defined and dict.tls }} {
{{ list_address_port_tls(dict.addresses) }}};
{% endif %}
{% endmacro %}
+1 -1
View File
@@ -101,7 +101,7 @@ listen-on
{{ functions.simple_item_list(item.options.listen_on.addresses) }}};
{% endfor %}
{% endif %}
{{ functions.parent_address_port_tls("forwarders", item.options.forwarders) if item.options.forwarders is defined and item.options.forwarders -}}
{{ functions.parent_address_port_tls('forwarders', item.options.forwarders) if item.options.forwarders is defined and item.options.forwarders -}}
{% if item.options.dual_stack_servers is defined and item.options.dual_stack_servers %}
dual-stack-servers
{{ (' port ' + item.options.dual_stack_servers.port | string) if item.options.dual_stack_servers.port is defined and item.options.dual_stack_servers }} {
+1 -1
View File
@@ -2,4 +2,4 @@
- hosts: localhost
remote_user: root
roles:
- bind9 # noqa: syntax-check[specific]
- bind9