Compare commits
35 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| da0f4d9189 | |||
| 3c595f4879 | |||
| 9ad0225582 | |||
| 84d140d40e | |||
| 6b9ac5ff8f | |||
| bed2af617f | |||
| b1e68c2225 | |||
| 2870e14941 | |||
| 28310f7755 | |||
| 8f16eb8573 | |||
| 571d8faf47 | |||
| 04e5e7db06 | |||
| de1fd88f69 | |||
| ba17ed2716 | |||
| 9818c24b26 | |||
| f2d8972ace | |||
| 3fffee6392 | |||
| 365e68c2dd | |||
| 7e87da9428 | |||
| 723357ecc0 | |||
| 4ebe932d27 | |||
| 59bfbbe698 | |||
| 87b8c6856c | |||
| 06fe995574 | |||
| af3a9c7f33 | |||
| 5ddcbbec5c | |||
| 97200d5004 | |||
| 251a78d825 | |||
| 51bb7979db | |||
| 8e12a4388f | |||
| f0cd205c20 | |||
| 5e28987ab5 | |||
| 3643dd4628 | |||
| 8c8dc93463 | |||
| 20a43d06bd |
@@ -1,63 +0,0 @@
|
|||||||
---
|
|
||||||
name: Test
|
|
||||||
|
|
||||||
on: # noqa: yaml[truthy]
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
- feature/**
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
lint:
|
|
||||||
name: Lint
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v6
|
|
||||||
|
|
||||||
- name: Set up Python
|
|
||||||
uses: actions/setup-python@v4
|
|
||||||
with:
|
|
||||||
python-version: '3.11'
|
|
||||||
|
|
||||||
- name: Install tools
|
|
||||||
run: |
|
|
||||||
pip install --no-cache-dir yamllint ansible-lint
|
|
||||||
|
|
||||||
- name: Run yamllint
|
|
||||||
run: yamllint -d relaxed .
|
|
||||||
|
|
||||||
- name: Run ansible-lint
|
|
||||||
run: ansible-lint --strict --profile=production
|
|
||||||
|
|
||||||
test:
|
|
||||||
name: Test
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: lint
|
|
||||||
if: github.event_name == 'pull_request'
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v6
|
|
||||||
|
|
||||||
- name: Set up Python
|
|
||||||
uses: actions/setup-python@v4
|
|
||||||
with:
|
|
||||||
python-version: '3.11'
|
|
||||||
|
|
||||||
- name: Install podman
|
|
||||||
run: |
|
|
||||||
sudo apt-get update
|
|
||||||
sudo apt-get install -y podman
|
|
||||||
|
|
||||||
- name: Install dependencies
|
|
||||||
run: |
|
|
||||||
pip install --no-cache-dir \
|
|
||||||
ansible \
|
|
||||||
molecule[podman] \
|
|
||||||
podman-compose \
|
|
||||||
pyyaml \
|
|
||||||
jinja2
|
|
||||||
|
|
||||||
- name: Run Molecule tests
|
|
||||||
run: molecule test
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
<!--# cspell: ignore SSOT CMDB -->
|
|
||||||
# AGENTS.md
|
|
||||||
|
|
||||||
Ensure that all practices and instructions described by
|
|
||||||
https://raw.githubusercontent.com/ansible/ansible-creator/refs/heads/main/docs/agents.md
|
|
||||||
are followed.
|
|
||||||
File diff suppressed because it is too large
Load Diff
@@ -38,7 +38,7 @@ named.conf
|
|||||||
bind configuration is set through the various bind9_*_config parameters. These are, in order of precedence:
|
bind configuration is set through the various bind9_*_config parameters. These are, in order of precedence:
|
||||||
1. bind9_default_config
|
1. bind9_default_config
|
||||||
2. bind9_group_config
|
2. bind9_group_config
|
||||||
3. bind9_site_config
|
3. bind9_leaf_config
|
||||||
4. bind9_host_config
|
4. bind9_host_config
|
||||||
|
|
||||||
All these configuration parameters are merged in a way where each successing config supercedes the previous one at a config-file level. To illustrate:
|
All these configuration parameters are merged in a way where each successing config supercedes the previous one at a config-file level. To illustrate:
|
||||||
@@ -59,7 +59,7 @@ bind9_group_config:
|
|||||||
- name: "."
|
- name: "."
|
||||||
type: mirror
|
type: mirror
|
||||||
|
|
||||||
bind9_site_config:
|
bind9_leaf_config:
|
||||||
- name: named.conf.local
|
- name: named.conf.local
|
||||||
zone:
|
zone:
|
||||||
- name: "."
|
- name: "."
|
||||||
@@ -81,7 +81,7 @@ bind9_config:
|
|||||||
file: /etc/share/dns/root.hints
|
file: /etc/share/dns/root.hints
|
||||||
```
|
```
|
||||||
|
|
||||||
The `named.conf.options` block in `bind9_default_config` got completely overwritten by the `bind9_group_config`, and the `bind9_site_config` completely overwrote `named.conf.local`, however, `named.conf.options` was left intact after merging with `bind9_site_config`.
|
The `named.conf.options` block in `bind9_default_config` got completely overwritten by the `bind9_group_config`, and the `bind9_leaf_config` completely overwrote `named.conf.local`, however, `named.conf.options` was left intact after merging with `bind9_leaf_config`.
|
||||||
|
|
||||||
Configuration Grammar
|
Configuration Grammar
|
||||||
---------------------
|
---------------------
|
||||||
@@ -126,43 +126,38 @@ Simple options are defined just as that.
|
|||||||
```
|
```
|
||||||
|
|
||||||
Some options have several optional parameters. For those, a somewhat flexible
|
Some options have several optional parameters. For those, a somewhat flexible
|
||||||
configuration format has been created. Common patterns include:
|
configuration format has been created
|
||||||
|
|
||||||
- **Address with Port/DSCP**: Used by options like `primaries`, `parental_agents` (e.g., `address [ port <port> ] [ dscp <dscp> ]`)
|
|
||||||
- **Address with Port/TLS**: Used by options like `forwarders` (e.g., `address [ port <port> ] [ tls <tls> ]`)
|
|
||||||
|
|
||||||
```
|
```
|
||||||
ADDRESS_PORT_TLS_OPTION: # Example: forwarders option
|
IP_PORT_DSCP_OPTION: # Any option that is defined as one of:
|
||||||
# <option> [ port <port> ] [ tls <tls> ] { <address> [ port <port> ] [ tls <tls> ]; ... }
|
# <option> [ port <port> ] [ dscp <dscp> ] { <address> [ port <port> ] [ dscp <dscp> ]; ... }
|
||||||
|
# <option> [ port <port> ] [ dscp <dscp> ] { <address> [ port <port> ] [ key <key> ] [ tls <tls> ]; ... }
|
||||||
# has a few optional syntaxes
|
# has a few optional syntaxes
|
||||||
# Example 1: Simple address list
|
# Example 1: Simple address list
|
||||||
- ADDRESS1
|
- ADDRESS1
|
||||||
- ADDRESS2
|
- ADDRESS2
|
||||||
# Example 2: To define global port/tls, use 'addresses' sub-element
|
# Example 2: To define source port/dscp, use 'addresses' sub-element
|
||||||
[ port: PORT ]
|
[ port: PORT ]
|
||||||
[ tls: TLS_NAME ]
|
[ dscp: DSCP ]
|
||||||
addresses:
|
addresses:
|
||||||
- ADDRESS1
|
- ADDRESS1
|
||||||
- ADDRESS2
|
- ADDRESS2
|
||||||
- 127.0.0.1
|
- 127.0.0.1
|
||||||
# Example 3: To define per-address port/tls, use 'addresses' as a list of dicts
|
# Example 3: To define target port/dscp, use 'addresses' as a list of dicts
|
||||||
addresses:
|
addresses:
|
||||||
- address: ADDRESS
|
- address: ADDRESS
|
||||||
[ port: PORT ]
|
[ port: PORT ]
|
||||||
[ tls: TLS_NAME ]
|
[ dscp: DSCP ]
|
||||||
- address: 127.0.0.1
|
- address: 127.0.0.1
|
||||||
port: 53
|
port: 53
|
||||||
- address: 127.0.0.1
|
- address: 127.0.0.1
|
||||||
port: 853
|
dscp: 42
|
||||||
tls: dot-tls
|
- address: 127.0.0.1
|
||||||
- address: 8.8.8.8
|
port: 5353
|
||||||
port: 853
|
dscp: 42
|
||||||
tls: google-tls
|
|
||||||
# Example 4: The various formats can be mixed and matched within the main element
|
# Example 4: The various formats can be mixed and matched within the main element
|
||||||
- ADDRESS1
|
- ADDRESS1
|
||||||
- address: ADDRESS2
|
- address: ADDRESS2
|
||||||
port: PORT
|
port: PORT
|
||||||
tls: TLS_NAME
|
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
@@ -203,5 +198,5 @@ BSD
|
|||||||
Author Information
|
Author Information
|
||||||
------------------
|
------------------
|
||||||
|
|
||||||
Daniel Akulenok <daniel@valid.dk>
|
Daniel Akulenok <dak@keepit.com>
|
||||||
Valid.dk
|
Keepit A/S - keepit.com
|
||||||
|
|||||||
@@ -1,19 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "forward"
|
|
||||||
},
|
|
||||||
"forward": {
|
|
||||||
"_grammar": "( first | only )"
|
|
||||||
},
|
|
||||||
"forwarders": {
|
|
||||||
"_grammar": "[ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,19 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "hint"
|
|
||||||
},
|
|
||||||
"check-names": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,10 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"in-view": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,171 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "mirror"
|
|
||||||
},
|
|
||||||
"allow-notify": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-transfer": {
|
|
||||||
"_grammar": "[ port <integer> ] [ transport <string> ] { <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-update-forwarding": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"also-notify": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"check-names": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"database": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"ixfr-from-differences": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"journal": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"masterfile-format": {
|
|
||||||
"_grammar": "( raw | text )"
|
|
||||||
},
|
|
||||||
"masterfile-style": {
|
|
||||||
"_grammar": "( full | relative )"
|
|
||||||
},
|
|
||||||
"max-ixfr-ratio": {
|
|
||||||
"_grammar": "( unlimited | <percentage> )"
|
|
||||||
},
|
|
||||||
"max-journal-size": {
|
|
||||||
"_grammar": "( default | unlimited | <sizeval> )"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-out": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-out": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-transfer-rate-in": {
|
|
||||||
"_grammar": "<integer> <integer>"
|
|
||||||
},
|
|
||||||
"multi-master": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"notify": {
|
|
||||||
"_grammar": "( explicit | master-only | primary-only | <boolean> )"
|
|
||||||
},
|
|
||||||
"notify-cfg": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_id": "<string>",
|
|
||||||
"_mapbody": {
|
|
||||||
"notify": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"notify-defer": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-delay": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"notify-defer": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-delay": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"plugin": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_grammar": "( query ) <string> [ { <unspecified-text> } ]"
|
|
||||||
},
|
|
||||||
"primaries": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"provide-zoneversion": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"request-expire": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"request-ixfr": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"request-ixfr-max-diffs": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"transfer-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"transfer-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"try-tcp-refresh": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"zero-no-soa-ttl": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
File diff suppressed because it is too large
Load Diff
@@ -1,258 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "primary"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-transfer": {
|
|
||||||
"_grammar": "[ port <integer> ] [ transport <string> ] { <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-update": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"also-notify": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"check-dup-records": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"check-integrity": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"check-mx": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"check-mx-cname": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"check-names": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"check-sibling": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"check-spf": {
|
|
||||||
"_grammar": "( warn | ignore )"
|
|
||||||
},
|
|
||||||
"check-srv-cname": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"check-svcb": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"check-wildcard": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"checkds": {
|
|
||||||
"_grammar": "( explicit | <boolean> )"
|
|
||||||
},
|
|
||||||
"database": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"dlz": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"dnskey-sig-validity": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"dnssec-dnskey-kskonly": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"dnssec-loadkeys-interval": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"dnssec-policy": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"dnssec-secure-to-insecure": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"dnssec-update-mode": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "( maintain | no-resign )"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"forward": {
|
|
||||||
"_grammar": "( first | only )"
|
|
||||||
},
|
|
||||||
"forwarders": {
|
|
||||||
"_grammar": "[ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"initial-file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"inline-signing": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"ixfr-from-differences": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"journal": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"key-directory": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"log-report-channel": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"masterfile-format": {
|
|
||||||
"_grammar": "( raw | text )"
|
|
||||||
},
|
|
||||||
"masterfile-style": {
|
|
||||||
"_grammar": "( full | relative )"
|
|
||||||
},
|
|
||||||
"max-ixfr-ratio": {
|
|
||||||
"_grammar": "( unlimited | <percentage> )"
|
|
||||||
},
|
|
||||||
"max-journal-size": {
|
|
||||||
"_grammar": "( default | unlimited | <sizeval> )"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-out": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-out": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-zone-ttl": {
|
|
||||||
"_flags": [
|
|
||||||
"deprecated"
|
|
||||||
],
|
|
||||||
"_grammar": "( unlimited | <duration> )"
|
|
||||||
},
|
|
||||||
"notify": {
|
|
||||||
"_grammar": "( explicit | master-only | primary-only | <boolean> )"
|
|
||||||
},
|
|
||||||
"notify-cfg": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_id": "<string>",
|
|
||||||
"_mapbody": {
|
|
||||||
"notify": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"notify-defer": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-delay": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"notify-defer": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-delay": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-to-soa": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"nsec3-test-zone": {
|
|
||||||
"_flags": [
|
|
||||||
"test only"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"parental-agents": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"parental-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"parental-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"plugin": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_grammar": "( query ) <string> [ { <unspecified-text> } ]"
|
|
||||||
},
|
|
||||||
"provide-zoneversion": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"send-report-channel": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"serial-update-method": {
|
|
||||||
"_grammar": "( date | increment | unixtime )"
|
|
||||||
},
|
|
||||||
"sig-signing-nodes": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"sig-signing-signatures": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"sig-signing-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"sig-validity-interval": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<integer> [ <integer> ]"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"update-check-ksk": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"update-policy": {
|
|
||||||
"_grammar": "( local | { ( deny | grant ) <string> ( 6to4-self | external | krb5-self | krb5-selfsub | krb5-subdomain | krb5-subdomain-self-rhs | ms-self | ms-selfsub | ms-subdomain | ms-subdomain-self-rhs | name | self | selfsub | selfwild | subdomain | tcp-self | wildcard | zonesub ) [ <string> ] <rrtypelist>; ... } )"
|
|
||||||
},
|
|
||||||
"zero-no-soa-ttl": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,58 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "redirect"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"dlz": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"masterfile-format": {
|
|
||||||
"_grammar": "( raw | text )"
|
|
||||||
},
|
|
||||||
"masterfile-style": {
|
|
||||||
"_grammar": "( full | relative )"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-zone-ttl": {
|
|
||||||
"_flags": [
|
|
||||||
"deprecated"
|
|
||||||
],
|
|
||||||
"_grammar": "( unlimited | <duration> )"
|
|
||||||
},
|
|
||||||
"plugin": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_grammar": "( query ) <string> [ { <unspecified-text> } ]"
|
|
||||||
},
|
|
||||||
"primaries": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,258 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "secondary"
|
|
||||||
},
|
|
||||||
"allow-notify": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-transfer": {
|
|
||||||
"_grammar": "[ port <integer> ] [ transport <string> ] { <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-update-forwarding": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"also-notify": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"check-names": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"checkds": {
|
|
||||||
"_grammar": "( explicit | <boolean> )"
|
|
||||||
},
|
|
||||||
"database": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"dlz": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"dnskey-sig-validity": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"dnssec-dnskey-kskonly": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"dnssec-loadkeys-interval": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"dnssec-policy": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"dnssec-update-mode": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "( maintain | no-resign )"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"forward": {
|
|
||||||
"_grammar": "( first | only )"
|
|
||||||
},
|
|
||||||
"forwarders": {
|
|
||||||
"_grammar": "[ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"inline-signing": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"ixfr-from-differences": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"journal": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"key-directory": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"log-report-channel": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"masterfile-format": {
|
|
||||||
"_grammar": "( raw | text )"
|
|
||||||
},
|
|
||||||
"masterfile-style": {
|
|
||||||
"_grammar": "( full | relative )"
|
|
||||||
},
|
|
||||||
"max-ixfr-ratio": {
|
|
||||||
"_grammar": "( unlimited | <percentage> )"
|
|
||||||
},
|
|
||||||
"max-journal-size": {
|
|
||||||
"_grammar": "( default | unlimited | <sizeval> )"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-out": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-out": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-transfer-rate-in": {
|
|
||||||
"_grammar": "<integer> <integer>"
|
|
||||||
},
|
|
||||||
"multi-master": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"notify": {
|
|
||||||
"_grammar": "( explicit | master-only | primary-only | <boolean> )"
|
|
||||||
},
|
|
||||||
"notify-cfg": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_id": "<string>",
|
|
||||||
"_mapbody": {
|
|
||||||
"notify": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"notify-defer": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-delay": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"notify-defer": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-delay": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"notify-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"notify-to-soa": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"nsec3-test-zone": {
|
|
||||||
"_flags": [
|
|
||||||
"test only"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"parental-agents": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"parental-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"parental-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"plugin": {
|
|
||||||
"_flags": [
|
|
||||||
"may occur multiple times"
|
|
||||||
],
|
|
||||||
"_grammar": "( query ) <string> [ { <unspecified-text> } ]"
|
|
||||||
},
|
|
||||||
"primaries": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"provide-zoneversion": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"request-expire": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"request-ixfr": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"request-ixfr-max-diffs": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"send-report-channel": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"sig-signing-nodes": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"sig-signing-signatures": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"sig-signing-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"sig-validity-interval": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<integer> [ <integer> ]"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"transfer-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"transfer-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"try-tcp-refresh": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"update-check-ksk": {
|
|
||||||
"_flags": [
|
|
||||||
"obsolete"
|
|
||||||
],
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"zero-no-soa-ttl": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,43 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "static-stub"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"forward": {
|
|
||||||
"_grammar": "( first | only )"
|
|
||||||
},
|
|
||||||
"forwarders": {
|
|
||||||
"_grammar": "[ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"server-addresses": {
|
|
||||||
"_grammar": "{ ( <ipv4_address> | <ipv6_address> ); ... }"
|
|
||||||
},
|
|
||||||
"server-names": {
|
|
||||||
"_grammar": "{ <string>; ... }"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,85 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "stub"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"check-names": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"database": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"forward": {
|
|
||||||
"_grammar": "( first | only )"
|
|
||||||
},
|
|
||||||
"forwarders": {
|
|
||||||
"_grammar": "[ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"masterfile-format": {
|
|
||||||
"_grammar": "( raw | text )"
|
|
||||||
},
|
|
||||||
"masterfile-style": {
|
|
||||||
"_grammar": "( full | relative )"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-transfer-rate-in": {
|
|
||||||
"_grammar": "<integer> <integer>"
|
|
||||||
},
|
|
||||||
"multi-master": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"primaries": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"transfer-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"transfer-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,85 +0,0 @@
|
|||||||
{
|
|
||||||
"zone": {
|
|
||||||
"_id": "<string> [ <class> ]",
|
|
||||||
"_mapbody": {
|
|
||||||
"type": {
|
|
||||||
"_grammar": "stub"
|
|
||||||
},
|
|
||||||
"allow-query": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"allow-query-on": {
|
|
||||||
"_grammar": "{ <address_match_element>; ... }"
|
|
||||||
},
|
|
||||||
"check-names": {
|
|
||||||
"_grammar": "( fail | warn | ignore )"
|
|
||||||
},
|
|
||||||
"database": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"file": {
|
|
||||||
"_grammar": "<quoted_string>"
|
|
||||||
},
|
|
||||||
"forward": {
|
|
||||||
"_grammar": "( first | only )"
|
|
||||||
},
|
|
||||||
"forwarders": {
|
|
||||||
"_grammar": "[ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"masterfile-format": {
|
|
||||||
"_grammar": "( raw | text )"
|
|
||||||
},
|
|
||||||
"masterfile-style": {
|
|
||||||
"_grammar": "( full | relative )"
|
|
||||||
},
|
|
||||||
"max-records": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-records-per-type": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-idle-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-transfer-time-in": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"max-types-per-name": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-refresh-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-retry-time": {
|
|
||||||
"_grammar": "<integer>"
|
|
||||||
},
|
|
||||||
"min-transfer-rate-in": {
|
|
||||||
"_grammar": "<integer> <integer>"
|
|
||||||
},
|
|
||||||
"multi-master": {
|
|
||||||
"_grammar": "<boolean>"
|
|
||||||
},
|
|
||||||
"primaries": {
|
|
||||||
"_grammar": "[ port <integer> ] [ source ( <ipv4_address> | * ) ] [ source-v6 ( <ipv6_address> | * ) ] { ( <server-list> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }"
|
|
||||||
},
|
|
||||||
"template": {
|
|
||||||
"_grammar": "<string>"
|
|
||||||
},
|
|
||||||
"transfer-source": {
|
|
||||||
"_grammar": "( <ipv4_address> | * )"
|
|
||||||
},
|
|
||||||
"transfer-source-v6": {
|
|
||||||
"_grammar": "( <ipv6_address> | * )"
|
|
||||||
},
|
|
||||||
"zone-statistics": {
|
|
||||||
"_grammar": "( full | terse | none | <boolean> )"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+7
-7
@@ -14,8 +14,9 @@ bind9_debug_config: false
|
|||||||
bind9_config_indent: 4
|
bind9_config_indent: 4
|
||||||
|
|
||||||
bind9_group_config: []
|
bind9_group_config: []
|
||||||
bind9_site_config: []
|
bind9_leaf_config: []
|
||||||
bind9_host_config: []
|
bind9_host_config: []
|
||||||
|
|
||||||
bind9_default_config:
|
bind9_default_config:
|
||||||
- name: named.conf
|
- name: named.conf
|
||||||
backup: false
|
backup: false
|
||||||
@@ -27,11 +28,10 @@ bind9_default_config:
|
|||||||
options:
|
options:
|
||||||
directory: "{{ bind9_working_directory }}"
|
directory: "{{ bind9_working_directory }}"
|
||||||
|
|
||||||
bind9_config: >-
|
bind9_config: "{{ [bind9_default_config,
|
||||||
{{
|
|
||||||
[bind9_default_config,
|
|
||||||
bind9_group_config,
|
bind9_group_config,
|
||||||
bind9_site_config,
|
bind9_leaf_config,
|
||||||
bind9_host_config] |
|
bind9_host_config] |
|
||||||
community.general.lists_mergeby('name', recursive=true, list_merge='append_rp')
|
community.general.lists_mergeby('name',
|
||||||
}}
|
recursive=true,
|
||||||
|
list_merge='append_rp') }}"
|
||||||
|
|||||||
+4
-2
@@ -16,8 +16,10 @@
|
|||||||
- "{{ bind9_cfgdir }}"
|
- "{{ bind9_cfgdir }}"
|
||||||
- "{{ bind9_working_directory }}"
|
- "{{ bind9_working_directory }}"
|
||||||
- "{{ bind9_libdir }}"
|
- "{{ bind9_libdir }}"
|
||||||
dest: "{{ bind9_backup_dir + '/bind9-config-' + ansible_facts.date_time.iso8601_basic_short + '.tar.gz' }}"
|
dest: "{{
|
||||||
|
bind9_backup_dir + '/bind9-config-' +
|
||||||
|
ansible_date_time.iso8601_basic_short + '.tar.gz' }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0640"
|
mode: 0640
|
||||||
when: bind9_backup_config is defined and bind9_backup_config
|
when: bind9_backup_config is defined and bind9_backup_config
|
||||||
|
|||||||
@@ -1,55 +0,0 @@
|
|||||||
---
|
|
||||||
argument_specs:
|
|
||||||
main:
|
|
||||||
short_description: The main entry point for the bind9 role.
|
|
||||||
options:
|
|
||||||
bind9_config:
|
|
||||||
type: list
|
|
||||||
elements: dict
|
|
||||||
description:
|
|
||||||
- A list of configuration dictionaries that are merged to produce the final configuration.
|
|
||||||
- Each element must have a 'name' key (filename).
|
|
||||||
bind9_default_config:
|
|
||||||
type: list
|
|
||||||
elements: dict
|
|
||||||
description: Default configuration.
|
|
||||||
bind9_group_config:
|
|
||||||
type: list
|
|
||||||
elements: dict
|
|
||||||
description: Group-level configuration.
|
|
||||||
bind9_site_config:
|
|
||||||
type: list
|
|
||||||
elements: dict
|
|
||||||
description: Site/Leaf-level configuration.
|
|
||||||
bind9_host_config:
|
|
||||||
type: list
|
|
||||||
elements: dict
|
|
||||||
description: Host-level configuration.
|
|
||||||
bind9_backup_config:
|
|
||||||
type: bool
|
|
||||||
default: true
|
|
||||||
description: Whether to backup configuration files before overwriting.
|
|
||||||
bind9_debug_config:
|
|
||||||
type: bool
|
|
||||||
default: false
|
|
||||||
description: Whether to print the merged configuration during execution.
|
|
||||||
bind9_config_indent:
|
|
||||||
type: int
|
|
||||||
default: 4
|
|
||||||
description: Indentation level for generated configuration files.
|
|
||||||
bind9_packages:
|
|
||||||
type: list
|
|
||||||
elements: str
|
|
||||||
description: List of packages to install.
|
|
||||||
bind9_cfgdir:
|
|
||||||
type: str
|
|
||||||
description: Directory for configuration files.
|
|
||||||
bind9_working_directory:
|
|
||||||
type: str
|
|
||||||
description: Working directory for BIND.
|
|
||||||
bind9_libdir:
|
|
||||||
type: str
|
|
||||||
description: Library directory for BIND.
|
|
||||||
bind9_backup_dir:
|
|
||||||
type: str
|
|
||||||
description: Directory for backups.
|
|
||||||
+3
-3
@@ -1,13 +1,13 @@
|
|||||||
---
|
---
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
role_name: bind9
|
role_name: bind9
|
||||||
namespace: valid
|
namespace: keepit
|
||||||
|
|
||||||
author: Daniel Akulenok
|
author: Daniel Akulenok
|
||||||
description: Configure Bind9
|
description: Configure Bind9
|
||||||
company: Valid.dk
|
company: Keepit
|
||||||
|
|
||||||
issue_tracker_url: https://git.valid.dk/daniel/ansible-bind9-role
|
issue_tracker_url: https://gitlab.off.keepit.com/operations/ansible-bind9-role
|
||||||
|
|
||||||
license: GPL-3.0-or-later
|
license: GPL-3.0-or-later
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
collections:
|
|
||||||
- name: ansible.utils
|
|
||||||
- name: ansible.posix
|
|
||||||
- name: community.crypto
|
|
||||||
- name: community.general
|
|
||||||
@@ -1,115 +1,5 @@
|
|||||||
---
|
---
|
||||||
- name: Converge
|
- name: Converge
|
||||||
hosts: all
|
hosts: all
|
||||||
tasks:
|
roles:
|
||||||
- name: Create log directory for BIND
|
- keepit.bind9
|
||||||
ansible.builtin.file:
|
|
||||||
path: /var/log/named
|
|
||||||
state: directory
|
|
||||||
mode: '0755'
|
|
||||||
owner: bind
|
|
||||||
group: bind
|
|
||||||
|
|
||||||
- name: Include bind9 role
|
|
||||||
ansible.builtin.include_role:
|
|
||||||
name: ../../../ansible-bind9-role # noqa: role-name[path]
|
|
||||||
vars:
|
|
||||||
bind9_backup_config: false
|
|
||||||
bind9_host_config:
|
|
||||||
- name: named.conf.options
|
|
||||||
options:
|
|
||||||
directory: "{{ bind9_working_directory }}"
|
|
||||||
recursion: true
|
|
||||||
allow_query:
|
|
||||||
- any
|
|
||||||
allow_recursion:
|
|
||||||
- 10.0.0.0/8
|
|
||||||
- 192.168.0.0/16
|
|
||||||
- 172.16.0.0/12
|
|
||||||
- localhost
|
|
||||||
- localnets
|
|
||||||
forwarders:
|
|
||||||
- address: 91.239.100.100
|
|
||||||
tls: censurfridns-anycast
|
|
||||||
- address: 89.233.43.71
|
|
||||||
tls: censurfridns-unicast
|
|
||||||
forward: first
|
|
||||||
dnssec_validation: auto
|
|
||||||
dnstap:
|
|
||||||
- type: auth
|
|
||||||
- type: resolver
|
|
||||||
log: query
|
|
||||||
- type: client
|
|
||||||
log: response
|
|
||||||
dnstap_output:
|
|
||||||
output_type: file
|
|
||||||
output_file: /var/log/named/dnstap.log
|
|
||||||
size: 20m
|
|
||||||
versions: 3
|
|
||||||
suffix: increment
|
|
||||||
dnstap_identity: dns-server-01
|
|
||||||
dnstap_version: 9.18
|
|
||||||
logging:
|
|
||||||
channels:
|
|
||||||
- name: default_log
|
|
||||||
file:
|
|
||||||
name: /var/log/named/default.log
|
|
||||||
severity: info
|
|
||||||
print_time: true
|
|
||||||
print_severity: true
|
|
||||||
print_category: true
|
|
||||||
- name: security_log
|
|
||||||
file:
|
|
||||||
name: /var/log/named/security.log
|
|
||||||
severity: dynamic
|
|
||||||
print_time: true
|
|
||||||
print_severity: true
|
|
||||||
print_category: true
|
|
||||||
- name: query_log
|
|
||||||
file:
|
|
||||||
name: /var/log/named/queries.log
|
|
||||||
versions: 5
|
|
||||||
size: 10m
|
|
||||||
severity: info
|
|
||||||
print_time: true
|
|
||||||
- name: dnssec_log
|
|
||||||
file:
|
|
||||||
name: /var/log/named/dnssec.log
|
|
||||||
severity: debug
|
|
||||||
print_time: true
|
|
||||||
print_severity: true
|
|
||||||
- name: rate_limit_log
|
|
||||||
syslog: daemon
|
|
||||||
severity: warning
|
|
||||||
categories:
|
|
||||||
- name: default
|
|
||||||
channels:
|
|
||||||
- default_log
|
|
||||||
- name: general
|
|
||||||
channels:
|
|
||||||
- default_log
|
|
||||||
- name: security
|
|
||||||
channels:
|
|
||||||
- security_log
|
|
||||||
- name: queries
|
|
||||||
channels:
|
|
||||||
- query_log
|
|
||||||
- name: dnssec
|
|
||||||
channels:
|
|
||||||
- dnssec_log
|
|
||||||
- name: rate-limit
|
|
||||||
channels:
|
|
||||||
- rate_limit_log
|
|
||||||
- name: named.conf.local
|
|
||||||
tls:
|
|
||||||
- name: censurfridns-anycast
|
|
||||||
remote_hostname: anycast.uncensoreddns.org
|
|
||||||
- name: censurfridns-unicast
|
|
||||||
remote_hostname: unicast.uncensoreddns.org
|
|
||||||
zones:
|
|
||||||
- name: example.internal
|
|
||||||
type: forward
|
|
||||||
forward: only
|
|
||||||
forwarders:
|
|
||||||
- 10.0.0.53
|
|
||||||
- 10.0.0.54
|
|
||||||
|
|||||||
@@ -1,18 +1,22 @@
|
|||||||
---
|
---
|
||||||
|
dependency:
|
||||||
|
name: galaxy
|
||||||
driver:
|
driver:
|
||||||
name: podman
|
name: docker
|
||||||
platforms:
|
platforms:
|
||||||
- name: debian-trixie
|
- name: ubuntu-jammy
|
||||||
image: docker.io/jrei/systemd-debian:13
|
image: ubuntu:jammy
|
||||||
command: /lib/systemd/systemd
|
- name: ubuntu-focal
|
||||||
privileged: true
|
image: ubuntu:focal
|
||||||
volumes:
|
- name: debian-bullseye
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
image: debian:bullseye
|
||||||
cgroupns_mode: host
|
|
||||||
provisioner:
|
provisioner:
|
||||||
name: ansible
|
name: ansible
|
||||||
config_options:
|
lint:
|
||||||
defaults:
|
name: ansible-lint
|
||||||
ALLOW_BROKEN_CONDITIONALS: true
|
|
||||||
verifier:
|
verifier:
|
||||||
name: ansible
|
name: ansible
|
||||||
|
lint: |
|
||||||
|
set -e
|
||||||
|
ansible-lint .
|
||||||
|
yamllint .
|
||||||
|
|||||||
@@ -1,11 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Prepare
|
|
||||||
hosts: all
|
|
||||||
tasks:
|
|
||||||
- name: Update apt
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: true
|
|
||||||
- name: Install bind9-dnsutils package
|
|
||||||
ansible.builtin.apt:
|
|
||||||
name: bind9-dnsutils
|
|
||||||
state: present
|
|
||||||
@@ -1,76 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Verify
|
|
||||||
hosts: all
|
|
||||||
gather_facts: true
|
|
||||||
tasks:
|
|
||||||
- name: Check that BIND9 is installed
|
|
||||||
ansible.builtin.package:
|
|
||||||
name: bind9
|
|
||||||
state: present
|
|
||||||
check_mode: true
|
|
||||||
register: __bind9_package_check
|
|
||||||
failed_when: __bind9_package_check is changed
|
|
||||||
|
|
||||||
- name: Check that BIND9 service is running
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: named
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
||||||
check_mode: true
|
|
||||||
register: __bind9_service_check
|
|
||||||
failed_when: __bind9_service_check is changed
|
|
||||||
|
|
||||||
- name: Check that named.conf.options exists
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: /etc/bind/named.conf.options
|
|
||||||
register: __options_file
|
|
||||||
failed_when: not __options_file.stat.exists
|
|
||||||
|
|
||||||
- name: Check that named.conf.local exists
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: /etc/bind/named.conf.local
|
|
||||||
register: __local_file
|
|
||||||
failed_when: not __local_file.stat.exists
|
|
||||||
|
|
||||||
- name: Read named.conf.options content
|
|
||||||
ansible.builtin.slurp:
|
|
||||||
path: /etc/bind/named.conf.options
|
|
||||||
register: __options_content
|
|
||||||
|
|
||||||
- name: Verify forwarders are configured in options
|
|
||||||
ansible.builtin.assert:
|
|
||||||
that:
|
|
||||||
- "'forwarders' in __options_decoded"
|
|
||||||
- "'8.8.8.8' in __options_decoded"
|
|
||||||
- "'forward first' in __options_decoded"
|
|
||||||
fail_msg: Forwarders not properly configured in named.conf.options
|
|
||||||
vars:
|
|
||||||
__options_decoded: "{{ __options_content.content | b64decode }}"
|
|
||||||
|
|
||||||
- name: Read named.conf.local content
|
|
||||||
ansible.builtin.slurp:
|
|
||||||
path: /etc/bind/named.conf.local
|
|
||||||
register: __local_content
|
|
||||||
|
|
||||||
- name: Verify forward zone is configured
|
|
||||||
ansible.builtin.assert:
|
|
||||||
that:
|
|
||||||
- "'zone \"example.internal\"' in __local_decoded"
|
|
||||||
- "'type forward' in __local_decoded"
|
|
||||||
- "'forward only' in __local_decoded"
|
|
||||||
fail_msg: Forward zone not properly configured in named.conf.local
|
|
||||||
vars:
|
|
||||||
__local_decoded: "{{ __local_content.content | b64decode }}"
|
|
||||||
|
|
||||||
- name: Test DNS resolution using localhost
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: dig @localhost google.com +short
|
|
||||||
register: __dns_query
|
|
||||||
changed_when: false
|
|
||||||
failed_when: __dns_query.rc != 0
|
|
||||||
|
|
||||||
- name: Verify DNS query returned results
|
|
||||||
ansible.builtin.assert:
|
|
||||||
that:
|
|
||||||
- __dns_query.stdout_lines | length > 0
|
|
||||||
fail_msg: DNS forwarding is not working
|
|
||||||
+11
-61
@@ -15,30 +15,8 @@
|
|||||||
state: directory
|
state: directory
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0750"
|
mode: 0750
|
||||||
when: bind9_backup_config is defined and bind9_backup_config | bool
|
when: bind9_backup_config is defined and bind9_backup_config
|
||||||
|
|
||||||
- name: Deploy and Validate Configuration
|
|
||||||
tags:
|
|
||||||
- bind9
|
|
||||||
- template
|
|
||||||
notify:
|
|
||||||
- Backup bind config
|
|
||||||
- Restart bind
|
|
||||||
block:
|
|
||||||
- name: Create backup of current config
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: "{{ bind9_cfgdir }}/{{ item.name }}"
|
|
||||||
dest: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
|
|
||||||
remote_src: true
|
|
||||||
owner: root
|
|
||||||
group: bind
|
|
||||||
mode: "0640"
|
|
||||||
changed_when: false
|
|
||||||
failed_when: false # It's okay if the file doesn't exist yet
|
|
||||||
loop: "{{ bind9_config }}"
|
|
||||||
loop_control:
|
|
||||||
label: "{{ item.name }}"
|
|
||||||
|
|
||||||
- name: Template named.conf.generator
|
- name: Template named.conf.generator
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
@@ -46,46 +24,18 @@
|
|||||||
dest: "{{ bind9_cfgdir }}/{{ item.name }}"
|
dest: "{{ bind9_cfgdir }}/{{ item.name }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: bind
|
group: bind
|
||||||
mode: "0640"
|
mode: 0640
|
||||||
|
backup: "{{ item.backup | default('false') | bool }}"
|
||||||
|
# validate: 'named-checkconf -z -j %s'
|
||||||
loop: "{{ bind9_config }}"
|
loop: "{{ bind9_config }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "{{ item.name }}"
|
label: "{{ item.name }}"
|
||||||
register: bind9_template_result
|
tags:
|
||||||
|
- bind9
|
||||||
- name: Validate configuration using named-checkconf
|
- template
|
||||||
ansible.builtin.command:
|
notify:
|
||||||
cmd: "named-checkconf -z {{ bind9_cfgdir }}/named.conf"
|
- Backup bind config
|
||||||
changed_when: false
|
- Restart bind
|
||||||
|
|
||||||
rescue:
|
|
||||||
- name: Restore configuration from backup
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
|
|
||||||
dest: "{{ bind9_cfgdir }}/{{ item.name }}"
|
|
||||||
remote_src: true
|
|
||||||
owner: root
|
|
||||||
group: bind
|
|
||||||
mode: "0640"
|
|
||||||
loop: "{{ bind9_config }}"
|
|
||||||
loop_control:
|
|
||||||
label: "{{ item.name }}"
|
|
||||||
failed_when: false # Best effort restore
|
|
||||||
|
|
||||||
- name: Fail due to invalid configuration
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: |
|
|
||||||
Configuration validation failed. Changes have been reverted.
|
|
||||||
Check the logs for named-checkconf errors.
|
|
||||||
|
|
||||||
always:
|
|
||||||
- name: Remove backup files
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
|
|
||||||
state: absent
|
|
||||||
loop: "{{ bind9_config }}"
|
|
||||||
loop_control:
|
|
||||||
label: "{{ item.name }}"
|
|
||||||
when: bind9_backup_config | bool is false
|
|
||||||
|
|
||||||
- name: Ensure the named service is started
|
- name: Ensure the named service is started
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
{# ACL Macro. Very easy statement. It's just a list of address match elements. #}
|
{# ACL Macro. Very easy statement. It's just a list of address match elements. #}
|
||||||
{% for acl in item.acl %}
|
{% for acl in item.acl %}
|
||||||
|
|
||||||
acl {{ acl.name }} {
|
acl {{ acl.name }} {
|
||||||
{{ functions.simple_item_list(acl.addresses) -}}
|
{{ functions.simple_item_list(acl.addresses) -}}
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
|
{% macro controls(controls) %}
|
||||||
controls {
|
controls {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% for control in item.controls %}
|
{% for control in controls %}
|
||||||
{% if control.type == "inet" %}
|
{% if control.type == "inet" %}
|
||||||
{{ ('inet ' + control.address) -}}
|
{{ ('inet ' + control.address) -}}
|
||||||
{{ (' port ' + control.port | string) if control.port is defined and control.port -}}
|
{{ (' port ' + control.port | string) if control.port is defined and control.port -}}
|
||||||
@@ -16,3 +16,4 @@ controls {
|
|||||||
{{ (' read-only ' + control.read_only | string) if control.read_only is defined -}};
|
{{ (' read-only ' + control.read_only | string) if control.read_only is defined -}};
|
||||||
{% endfor %}};
|
{% endfor %}};
|
||||||
{% endfilter %}
|
{% endfilter %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
{% for dlz in item.dlz if item.dlz is iterable %}
|
{% macro dlz(dlzs) %}
|
||||||
|
{% for dlz in dlzs if dlzs is iterable %}
|
||||||
dlz "{{ dlz.name }}" {
|
dlz "{{ dlz.name }}" {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{{ ('database "' + simple_item_list(dlz.database) + '";') }}
|
{{ ('database "' + simple_item_list(dlz.database) + '";') }}
|
||||||
@@ -7,3 +7,4 @@ dlz "{{ dlz.name }}" {
|
|||||||
{% endfilter %}
|
{% endfilter %}
|
||||||
};
|
};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
{% for policy in item.dnssec_policy if item.dnssec_policy is iterable %}
|
{% macro dnssec_policy(policies) %}
|
||||||
|
{% for policy in policies if policies is iterable %}
|
||||||
dnssec-policy "{{ policy.name }}" {
|
dnssec-policy "{{ policy.name }}" {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% if policy.keys is defined and policy.keys %}
|
{% if policy.keys is defined and policy.keys %}
|
||||||
@@ -36,3 +36,4 @@ nsec3param
|
|||||||
{% endfilter %}
|
{% endfilter %}
|
||||||
};
|
};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,7 +1,8 @@
|
|||||||
{% for dyndb in item.dyndb if item.dyndb is iterable %}
|
{% macro dyndb(dyndbs) %}
|
||||||
|
{% for dyndb in dyndbs if dyndbs is iterable %}
|
||||||
dyndb {{ dyndb.name }} "{{ dyndb.driver }}" {
|
dyndb {{ dyndb.name }} "{{ dyndb.driver }}" {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{{ functions.simple_item_list(dyndb.parameters) -}}
|
{{ functions.simple_item_list(dyndb.parameters) -}}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -111,35 +111,3 @@
|
|||||||
{{ name }} "{{ value }}";
|
{{ name }} "{{ value }}";
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endmacro %}
|
{% endmacro %}
|
||||||
|
|
||||||
{% macro list_address_port_tls(dict, indent=bind9_config_indent) %}
|
|
||||||
{# This macro is for use for statements with grammar like #}
|
|
||||||
{# address port 00 tls str; address port 00 tls str; #}
|
|
||||||
{# it is usually called by a parent macro #}
|
|
||||||
{% filter indent(indent, true) %}
|
|
||||||
{% for item in dict %}
|
|
||||||
{% if item is not mapping %}
|
|
||||||
{{ item }};
|
|
||||||
{% else %}
|
|
||||||
{{ item.address }}
|
|
||||||
{{- (' port ' + item.port | string) if item.port is defined and item.port -}}
|
|
||||||
{{- (' tls ' + item.tls | string) if item.tls is defined and item.tls -}};
|
|
||||||
{% endif %}
|
|
||||||
{% endfor %}
|
|
||||||
{% endfilter %}
|
|
||||||
{% endmacro %}
|
|
||||||
|
|
||||||
{% macro parent_address_port_tls(name, dict) %}
|
|
||||||
{# This macro is for use for statements with grammar like #}
|
|
||||||
{# statement port 00 tls str { address port 00 tls str; address port 00 tls str; } #}
|
|
||||||
{# the list inside the statement is handled by list_address_port_tls #}
|
|
||||||
{% if dict is not mapping and dict is iterable %}
|
|
||||||
{{ name }} {
|
|
||||||
{{ list_address_port_tls(dict) }}};
|
|
||||||
{% else %}
|
|
||||||
{{ name }}
|
|
||||||
{{- (' port ' + dict.port | string) if dict.port is defined and dict.port -}}
|
|
||||||
{{- (' tls ' + dict.tls | string) if dict.tls is defined and dict.tls }} {
|
|
||||||
{{ list_address_port_tls(dict.addresses) }}};
|
|
||||||
{% endif %}
|
|
||||||
{% endmacro %}
|
|
||||||
@@ -1,56 +1,76 @@
|
|||||||
{% import 'named.conf.functions.j2' as functions with context %}
|
{% import 'named.conf.functions.j2' as functions with context %}
|
||||||
{{ ansible_managed | comment }}
|
{{ ansible_managed | comment }}
|
||||||
{% if item.options is defined and item.options %}
|
{% if item.options is defined and item.options %}
|
||||||
|
options {
|
||||||
|
{% filter indent(bind9_config_indent,true)%}
|
||||||
{% include 'named.conf.options.j2' %}
|
{% include 'named.conf.options.j2' %}
|
||||||
|
{% endfilter %}
|
||||||
|
};
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.acl is defined and item.acl %}
|
{% if item.acl is defined and item.acl %}
|
||||||
{% include 'named.conf.acl.j2' %}
|
{% include 'named.conf.acl.j2' %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.primaries is defined and item.primaries %}
|
{% if item.primaries is defined and item.primaries %}
|
||||||
{% include 'named.conf.primaries.j2' %}
|
{% include 'named.conf.primaries' %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.controls is defined and item.controls %}
|
{% if item.controls is defined and item.controls %}
|
||||||
{% include 'named.conf.controls.j2' %}
|
{% from 'named.conf.controls.j2' import controls with context %}
|
||||||
|
{{ controls(item.controls) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.include is defined and item.include %}
|
{% if item.include is defined and item.include %}
|
||||||
{% include 'named.conf.include.j2' %}
|
{% from 'named.conf.include.j2' import include with context %}
|
||||||
|
{{ include(item.include) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.dlz is defined and item.dlz %}
|
{% if item.dlz is defined and item.dlz %}
|
||||||
{% include 'named.conf.dlz.j2' %}
|
{% from 'named.conf.dlz.j2' import dlz with context %}
|
||||||
|
{{ dlz(item.dlz) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.dnssec_policy is defined and item.dnssec_policy %}
|
{% if item.dnssec_policy is defined and item.dnssec_policy %}
|
||||||
{% include 'named.conf.dnssec-policy.j2' %}
|
{% from 'named.conf.dnssec-policy.j2' import dnssec_policy with context %}
|
||||||
|
{{ dnssec_policy(item.dnssec_policy) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.dyndb is defined and item.dyndb %}
|
{% if item.dyndb is defined and item.dyndb %}
|
||||||
{% include 'named.conf.dyndb.j2' %}
|
{% from 'named.conf.dyndb.j2' import dyndb with context %}
|
||||||
|
{{ dyndb(item.dyndb) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.http is defined and item.http %}
|
{% if item.http is defined and item.http %}
|
||||||
{% include 'named.conf.http.j2' %}
|
{% from 'named.conf.http.j2' import http with context %}
|
||||||
|
{{ http(item.http) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.keylist is defined and item.keylist %}
|
{% if item.keylist is defined and item.keylist %}
|
||||||
{% include 'named.conf.key.j2' %}
|
{% from 'named.conf.key.j2' import keylist with context %}
|
||||||
|
{{ keylist(item.keylist) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.logging is defined and item.logging %}
|
{% if item.logging is defined and item.logging %}
|
||||||
{% include 'named.conf.logging.j2' %}
|
{% from 'named.conf.logging.j2' import logging with context %}
|
||||||
|
{{ logging(item.logging) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.parental_agents is defined and item.parental_agents %}
|
{% if item.parental_agents is defined and item.parental_agents %}
|
||||||
{% include 'named.conf.parental-agents.j2' %}
|
{% from 'named.conf.parental-agents.j2' import parental_agents with context %}
|
||||||
|
{{ parental_agents(item.parental_agents) -}}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.server is defined and item.server %}
|
{% if item.server is defined and item.server %}
|
||||||
{% include 'named.conf.server.j2' %}
|
{% from 'named.conf.server.j2' import server with context %}
|
||||||
|
{{ server(item.server) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.statistics_channels is defined and item.statistics_channels %}
|
{% if item.statistics_channels is defined and item.statistics_channels %}
|
||||||
{% include 'named.conf.statistics-channels.j2' %}
|
{% from 'named.conf.statistics-channels.j2' import statistics_channels with context %}
|
||||||
|
{{ statistics_channels(item.statistics_channels) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.tls is defined and item.tls %}
|
{% if item.tls is defined and item.tls %}
|
||||||
{% include 'named.conf.tls.j2' %}
|
{% from 'named.conf.tls.j2' import tls with context %}
|
||||||
|
{{ tls(item.tls) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.trust_anchors is defined and item.trust_anchors %}
|
{% if item.trust_anchors is defined and item.trust_anchors %}
|
||||||
{% include 'named.conf.trust-anchors.j2' %}
|
{% from 'named.conf.trust-anchors.j2' import trust_anchors with context %}
|
||||||
|
{{ trust_anchors(item.trust_anchors) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.zones is defined and item.zones %}
|
{% if item.zones is defined and item.zones %}
|
||||||
{% include 'named.conf.zone.j2' %}
|
{% from 'named.conf.zone.j2' import zones with context %}
|
||||||
|
{{ zones(item.zones) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if item.view is defined and item.view %}
|
{% if item.view is defined and item.view %}
|
||||||
{% include 'named.conf.view.j2' %}
|
{% from 'named.conf.view.j2' import view with context %}
|
||||||
|
{{ view(item.view) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
{% for http in item.http if item.http is iterable %}
|
{% macro http(seq) %}
|
||||||
|
{% for http in seq if seq is iterable %}
|
||||||
http {{ http.name }} {
|
http {{ http.name }} {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% if http.endpoints is defined and http.endpoints %}
|
{% if http.endpoints is defined and http.endpoints %}
|
||||||
@@ -14,3 +14,4 @@ endpoints {
|
|||||||
{{ ('streams-per-connection ' + http.streams_per_connection | string + ';\n') if http.streams_per_connection is defined and http.streams_per_connection -}}
|
{{ ('streams-per-connection ' + http.streams_per_connection | string + ';\n') if http.streams_per_connection is defined and http.streams_per_connection -}}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,4 +1,5 @@
|
|||||||
|
{% macro include(files) %}
|
||||||
{% for file in item.include %}
|
{% for file in files %}
|
||||||
include "{{ file }}";
|
include "{{ file }}";
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,8 +1,9 @@
|
|||||||
{% for keyname in item.keylist if item.keylist is iterable %}
|
{% macro keylist(keylists) %}
|
||||||
|
{% for keyname in keylists if keylists is iterable %}
|
||||||
key {{ keyname.name }} {
|
key {{ keyname.name }} {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{{ ('algorithm ' + keyname.algorithm + ';\n') if keyname.algorithm is defined and keyname.algorithm -}}
|
{{ ('algorithm ' + keyname.algorithm + ';\n') if keyname.algorithm is defined and keyname.algorithm -}}
|
||||||
{{ ('secret "' + keyname.secret + '";\n') if keyname.secret is defined and keyname.secret -}}
|
{{ ('secret "' + keyname.secret + '";\n') if keyname.secret is defined and keyname.secret -}}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,11 +1,11 @@
|
|||||||
|
{% macro logging(logging) %}
|
||||||
logging {
|
logging {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% for category in item.logging.categories if item.logging.categories is defined and item.logging.categories %}
|
{% for category in logging.categories if logging.categories is defined and logging.categories %}
|
||||||
category {{ category.name }} {
|
category {{ category.name }} {
|
||||||
{{ functions.simple_item_list(category.channels) }}};
|
{{ functions.simple_item_list(category.channels) }}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% for channel in item.logging.channels if item.logging.channels is defined and item.logging.channels %}
|
{% for channel in logging.channels if logging.channels is defined and logging.channels %}
|
||||||
channel {{ channel.name }} {
|
channel {{ channel.name }} {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% if channel.file is defined and channel.file %}
|
{% if channel.file is defined and channel.file %}
|
||||||
@@ -26,3 +26,4 @@ file "{{ channel.file.name }}"
|
|||||||
};
|
};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,6 +1,3 @@
|
|||||||
|
|
||||||
options {
|
|
||||||
{% filter indent(bind9_config_indent,true)%}
|
|
||||||
{# Unicorn Options#}
|
{# Unicorn Options#}
|
||||||
{% if item.options.rrset_order is defined and item.options.rrset_order %}
|
{% if item.options.rrset_order is defined and item.options.rrset_order %}
|
||||||
rrset-order {
|
rrset-order {
|
||||||
@@ -101,7 +98,7 @@ listen-on
|
|||||||
{{ functions.simple_item_list(item.options.listen_on.addresses) }}};
|
{{ functions.simple_item_list(item.options.listen_on.addresses) }}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{{ functions.parent_address_port_tls("forwarders", item.options.forwarders) if item.options.forwarders is defined and item.options.forwarders -}}
|
{{ functions.parent_address_port_dscp("forwarders", item.options.forwarders) if item.options.forwarders is defined and item.options.forwarders -}}
|
||||||
{% if item.options.dual_stack_servers is defined and item.options.dual_stack_servers %}
|
{% if item.options.dual_stack_servers is defined and item.options.dual_stack_servers %}
|
||||||
dual-stack-servers
|
dual-stack-servers
|
||||||
{{ (' port ' + item.options.dual_stack_servers.port | string) if item.options.dual_stack_servers.port is defined and item.options.dual_stack_servers }} {
|
{{ (' port ' + item.options.dual_stack_servers.port | string) if item.options.dual_stack_servers.port is defined and item.options.dual_stack_servers }} {
|
||||||
@@ -463,6 +460,3 @@ tkey-dhkey "{{ item.options.tkey_dhkey.key_name }}" {{ item.options.tkey_dhkey.k
|
|||||||
{{ (functions.boolean_option('use-alt-transfer-source', item.options.use_alt_transfer_source) + '\n') if item.options.use_alt_transfer_source is defined -}}
|
{{ (functions.boolean_option('use-alt-transfer-source', item.options.use_alt_transfer_source) + '\n') if item.options.use_alt_transfer_source is defined -}}
|
||||||
{{ (functions.boolean_option('zero-no-soa-ttl', item.options.zero_no_soa_ttl) + '\n') if item.options.zero_no_soa_ttl is defined -}}
|
{{ (functions.boolean_option('zero-no-soa-ttl', item.options.zero_no_soa_ttl) + '\n') if item.options.zero_no_soa_ttl is defined -}}
|
||||||
{{ (functions.boolean_option('zero-no-soa-ttl-cache', item.options.zero_no_soa_ttl_cache) + '\n') if item.options.zero_no_soa_ttl_cache is defined -}}
|
{{ (functions.boolean_option('zero-no-soa-ttl-cache', item.options.zero_no_soa_ttl_cache) + '\n') if item.options.zero_no_soa_ttl_cache is defined -}}
|
||||||
{% endfilter %}
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|||||||
@@ -1,8 +1,9 @@
|
|||||||
{% for agent in item.parental_agents if item.parental_agents is iterable %}
|
{% macro parental_agents(parental_agents) %}
|
||||||
|
{% for agent in parental_agents if parental_agents is iterable %}
|
||||||
parental-agents {{ agent.name -}}
|
parental-agents {{ agent.name -}}
|
||||||
{{ (' port ' + agent.port | string) if agent.port is defined and agent.port -}}
|
{{ (' port ' + agent.port | string) if agent.port is defined and agent.port -}}
|
||||||
{{ (' dscp ' + agent.dscp | string) if agent.dscp is defined and agent.dscp }} {
|
{{ (' dscp ' + agent.dscp | string) if agent.dscp is defined and agent.dscp }} {
|
||||||
{{ functions.list_address_port_key_tls(agent.addresses) -}}};
|
{{ functions.list_address_port_key_tls(agent.addresses) -}}};
|
||||||
|
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,5 +1,4 @@
|
|||||||
{% for primary in item.primaries if item.primaries is iterable %}
|
{% for primary in item.primaries if primaries is iterable %}
|
||||||
|
|
||||||
primaries {{ primary.name -}}
|
primaries {{ primary.name -}}
|
||||||
{{ (' port ' + primary.port | string) if primary.port is defined and primary.port -}}
|
{{ (' port ' + primary.port | string) if primary.port is defined and primary.port -}}
|
||||||
{{ (' dscp ' + primary.dscp | string) if primary.dscp is defined and primary.dscp }} {
|
{{ (' dscp ' + primary.dscp | string) if primary.dscp is defined and primary.dscp }} {
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
{% for server in item.server if item.server is iterable %}
|
{% macro server(servers) %}
|
||||||
|
{% for server in servers if servers is iterable %}
|
||||||
server {{ server.prefix }} {
|
server {{ server.prefix }} {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% if server.transfer_source is defined and server.transfer_source is mapping %}
|
{% if server.transfer_source is defined and server.transfer_source is mapping %}
|
||||||
@@ -54,3 +54,4 @@ query-source
|
|||||||
{{ (functions.boolean_option('send-cookie', server.send_cookie) + '\n') if server.send_cookie is defined -}}
|
{{ (functions.boolean_option('send-cookie', server.send_cookie) + '\n') if server.send_cookie is defined -}}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,9 +1,10 @@
|
|||||||
|
{% macro statistics_channels(statistics_channels) %}
|
||||||
statistics-channels {
|
statistics-channels {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% for channel in item.statistics_channels if item.statistics_channels is iterable %}
|
{% for channel in statistics_channels if statistics_channels is iterable %}
|
||||||
inet {{ channel.address | string }}
|
inet {{ channel.address | string }}
|
||||||
{{- (' port ' + channel.port | string) if channel.port is defined and channel.port -}}
|
{{- (' port ' + channel.port | string) if channel.port is defined and channel.port -}}
|
||||||
{{- (' allow {\n' + functions.simple_item_list(channel.allow) + '};\n') if channel.allow is defined and channel.allow -}}
|
{{- (' allow {\n' + functions.simple_item_list(channel.allow) + '};\n') if channel.allow is defined and channel.allow -}}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
{% for tls in item.tls if item.tls is iterable %}
|
{% macro tls(tlss) %}
|
||||||
|
{% for tls in tlss if tlss is iterable %}
|
||||||
tls {{ tls.name }} {
|
tls {{ tls.name }} {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{{ ('cert-file "' + tls.cert_file + '";\n') if tls.cert_file is defined and tls.cert_file -}}
|
{{ ('cert-file "' + tls.cert_file + '";\n') if tls.cert_file is defined and tls.cert_file -}}
|
||||||
@@ -13,3 +13,4 @@ tls {{ tls.name }} {
|
|||||||
{{ (functions.boolean_option('session-tickets', tls.session_tickets) + '\n') if tls.session_tickets is defined -}}
|
{{ (functions.boolean_option('session-tickets', tls.session_tickets) + '\n') if tls.session_tickets is defined -}}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
|
{% macro trust_anchors(trust_anchors) %}
|
||||||
trust-anchors {
|
trust-anchors {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{% for anchor in item.trust_anchors if item.trust_anchors is iterable %}
|
{% for anchor in trust_anchors if trust_anchors is iterable %}
|
||||||
{{ (anchor.name | string) -}}
|
{{ (anchor.name | string) -}}
|
||||||
{{ (' ' + anchor.type) -}}
|
{{ (' ' + anchor.type) -}}
|
||||||
{{ (' ' + anchor.flags | string) -}}
|
{{ (' ' + anchor.flags | string) -}}
|
||||||
@@ -10,3 +10,4 @@ trust-anchors {
|
|||||||
{{ (' "' + anchor.key + '"') -}};
|
{{ (' "' + anchor.key + '"') -}};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfilter %}};
|
{% endfilter %}};
|
||||||
|
{% endmacro %}
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
{% for view in item.view if item.view is iterable %}
|
{% macro view(views) %}
|
||||||
|
{% for view in views if views is iterable %}
|
||||||
view {{ view.name }} {
|
view {{ view.name }} {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
{{ ('match-recursive-only ' + functions.named_boolean(view.match_recursive_only) + ';\n') if view.match_recursive_only is defined -}}
|
{{ ('match-recursive-only ' + functions.named_boolean(view.match_recursive_only) + ';\n') if view.match_recursive_only is defined -}}
|
||||||
@@ -75,4 +75,4 @@ view {{ view.name }} {
|
|||||||
{{ trust_anchors(view.trust_anchors) -}}
|
{{ trust_anchors(view.trust_anchors) -}}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfilter %}
|
{% endfilter %}
|
||||||
};{% endfor %}
|
};{% endfor %}{% endmacro %}
|
||||||
@@ -1,5 +1,6 @@
|
|||||||
{% for zone in item.zones %}
|
# Zones Macro
|
||||||
|
{% macro zones(zones) -%}
|
||||||
|
{% for zone in zones %}
|
||||||
zone "{{ zone.name }}" {
|
zone "{{ zone.name }}" {
|
||||||
{% filter indent(bind9_config_indent, true) %}
|
{% filter indent(bind9_config_indent, true) %}
|
||||||
# Zone {{ zone.name }} type {{ zone.type }}
|
# Zone {{ zone.name }} type {{ zone.type }}
|
||||||
@@ -47,7 +48,7 @@ server-names {
|
|||||||
server-addresses {
|
server-addresses {
|
||||||
{{ functions.simple_item_list(zone.server_addresses) }}};
|
{{ functions.simple_item_list(zone.server_addresses) }}};
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{{ functions.parent_address_port_tls('forwarders', zone.forwarders) if zone.forwarders is defined and zone.forwarders -}}
|
{{ functions.parent_address_port_dscp('forwarders', zone.forwarders) if zone.forwarders is defined and zone.forwarders -}}
|
||||||
{% if zone.allow_transfer is defined and zone.allow_transfer is not string %}
|
{% if zone.allow_transfer is defined and zone.allow_transfer is not string %}
|
||||||
allow-transfer
|
allow-transfer
|
||||||
{{- (' port ' + zone.allow_transfer.port | string) if zone.allow_transfer.port is defined and zone.allow_transfer.port -}}
|
{{- (' port ' + zone.allow_transfer.port | string) if zone.allow_transfer.port is defined and zone.allow_transfer.port -}}
|
||||||
@@ -156,4 +157,6 @@ parental-source-v6 {{ zone.parental_source_v6.address -}}
|
|||||||
{{ ('in-view ' + zone.in_view | string+';\n') if zone.in_view is defined and zone.in_view -}}
|
{{ ('in-view ' + zone.in_view | string+';\n') if zone.in_view is defined and zone.in_view -}}
|
||||||
{% endfilter %}
|
{% endfilter %}
|
||||||
};
|
};
|
||||||
|
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% endmacro %}
|
||||||
+1
-1
@@ -2,4 +2,4 @@
|
|||||||
- hosts: localhost
|
- hosts: localhost
|
||||||
remote_user: root
|
remote_user: root
|
||||||
roles:
|
roles:
|
||||||
- bind9 # noqa: syntax-check[specific]
|
- bind9
|
||||||
|
|||||||
Reference in New Issue
Block a user