daniel/ansible-bind9-role
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
f0cd205c205a920a7871767092770d5660332551
ansible-bind9-role/templates/named.conf.zone.j2
Daniel Akulenok 20a43d06bd Move all of the role here
2022-08-04 12:41:40 +02:00

162 lines
13 KiB
Django/Jinja
Raw Blame History

# Zones Macro
{% macro zones(zones) -%}
{% for zone in zones %}
zone "{{ zone.name }}" {
{% filter indent(2, true) %}
# Zone {{ zone.name }} type {{ zone.type }}
{# Most critical/defining statements first #}
{{ ('type ' + zone.type | string+';\n') if zone.type is defined and zone.type -}}
{{ ('file "' + zone.file | string+'";\n') if zone.file is defined and zone.file -}}
{{ ('forward ' + zone.forward | string+';\n') if zone.forward is defined and zone.forward -}}
{{ ('journal "' + zone.journal | string+'";\n') if zone.journal is defined and zone.journal -}}
{{ ('key-directory "' + zone.key_directory | string+'";\n') if zone.key_directory is defined and zone.key_directory -}}
{# boolean_or_string options #}
{{ ('dialup ' + functions.boolean_or_string(zone.dialup) + ';\n') if zone.dialup is defined -}}
{{ ('notify ' + functions.boolean_or_string(zone.notify) + ';\n') if zone.notify is defined -}}
{{ ('zone-statistics ' + functions.boolean_or_string(zone.zone_statistics) + ';\n') if zone.zone_statistics is defined -}}
{# upstream_servers options #}
{{ functions.parent_address_key_tls('also-notify', zone.also_notify) if zone.also_notify is defined and zone.also_notify -}}
{{ functions.parent_address_key_tls('primaries', zone.primaries) if zone.primaries is defined and zone.primaries -}}
{{ functions.parent_address_key_tls('parental-agents', zone.parental_agents) if zone.parental_agents is defined and zone.parental_agents -}}
{# Unicorn Options#}
{% if zone.update_policy is defined and zone.update_policy %}
{% if zone.update_policy == 'local' %}
update-policy local;
{% else %}
update-policy {
{% filter indent(2, true) %}
{% for policy in zone.update_policy %}
{{ policy.permission -}}
{{ ' ' + policy.identity -}}
{{ ' ' + policy.ruletype -}}
{{ ' ' + policy.name -}}
{{ ' ' + policy.types -}};
{% endfor %}
{% endfilter %}};
{% endif %}
{% endif %}
{% if zone.sig_validity_interval is defined and zone.sig_validity_interval %}
sig-validity-interval
{{- (' ' + zone.sig_validity_interval.upper | string) }}
{{- (' ' + zone.sig_validity_interval.lower | string) if zone.sig_validity_interval.lower is defined and zone.sig_validity_interval.lower -}};
{% endif %}
{% if zone.server_names is defined and zone.server_names %}
server-names {
{{ functions.simple_item_list(zone.server_names) }}};
{% endif %}
{% if zone.server_addresses is defined and zone.server_addresses %}
server-addresses {
{{ functions.simple_item_list(zone.server_addresses) }}};
{% endif %}
{{ functions.parent_address_port_dscp('forwarders', zone.forwarders) if zone.forwarders is defined and zone.forwarders -}}
{% if zone.allow_transfer is defined and zone.allow_transfer is not string %}
allow-transfer
{{- (' port ' + zone.allow_transfer.port | string) if zone.allow_transfer.port is defined and zone.allow_transfer.port -}}
{{- (' transport ' + zone.allow_transfer.transport) if zone.allow_transfer.transport is defined and zone.allow_transfer.transport }} {
{{ functions.simple_item_list(zone.allow_transfer.addresses) }}};
{% endif %}
{# simple_list options #}
{{ ('allow-notify {\n' + functions.simple_item_list(zone.allow_notify) + '};\n') if zone.allow_notify is defined and zone.allow_notify -}}
{{ ('allow-query {\n' + functions.simple_item_list(zone.allow_query) + '};\n') if zone.allow_query is defined and zone.allow_query -}}
{{ ('allow-query-on {\n' + functions.simple_item_list(zone.allow_query_on) + '};\n') if zone.allow_query_on is defined and zone.allow_query_on -}}
{{ ('allow-update {\n' + functions.simple_item_list(zone.allow_update) + '};\n') if zone.allow_update is defined and zone.allow_update -}}
{{ ('allow-update-forwarding {\n' + functions.simple_item_list(zone.allow_update_forwarding) + '};\n') if zone.allow_update_forwarding is defined and zone.allow_update_forwarding -}}
{# ip_port_dscp options#}
{% if zone.transfer_source is defined and zone.transfer_source is mapping %}
transfer-source {{ zone.transfer_source.address -}}
{{- (' port ' + zone.transfer_source.port | string) if zone.transfer_source.port is defined and zone.transfer_source.port -}}
{{- (' dscp ' + zone.transfer_source.dscp | string) if zone.transfer_source.dscp is defined and zone.transfer_source.dscp }};
{% endif %}
{% if zone.transfer_source_v6 is defined and zone.transfer_source_v6 is mapping %}
transfer-source-v6 {{ zone.transfer_source_v6.address -}}
{{- (' port ' + zone.transfer_source_v6.port | string) if zone.transfer_source_v6.port is defined and zone.transfer_source_v6.port -}}
{{- (' dscp ' + zone.transfer_source_v6.dscp | string) if zone.transfer_source_v6.dscp is defined and zone.transfer_source_v6.dscp }};
{% endif %}
{% if zone.alt_transfer_source is defined and zone.alt_transfer_source is mapping %}
alt-transfer-source {{ zone.alt_transfer_source.address -}}
{{- (' port ' + zone.alt_transfer_source.port | string) if zone.alt_transfer_source.port is defined and zone.alt_transfer_source.port -}}
{{- (' dscp ' + zone.alt_transfer_source.dscp | string) if zone.alt_transfer_source.dscp is defined and zone.alt_transfer_source.dscp }};
{% endif %}
{% if zone.alt_transfer_source_v6 is defined and zone.alt_transfer_source_v6 is mapping %}
alt-transfer-source-v6 {{ zone.alt_transfer_source_v6.address -}}
{{- (' port ' + zone.alt_transfer_source_v6.port | string) if zone.alt_transfer_source_v6.port is defined and zone.alt_transfer_source_v6.port -}}
{{- (' dscp ' + zone.alt_transfer_source_v6.dscp | string) if zone.alt_transfer_source_v6.dscp is defined and zone.alt_transfer_source_v6.dscp }};
{% endif %}
{% if zone.notify_source is defined and zone.notify_source is mapping %}
notify-source {{ zone.notify_source.address -}}
{{- (' port ' + zone.notify_source.port | string) if zone.notify_source.port is defined and zone.notify_source.port -}}
{{- (' dscp ' + zone.notify_source.dscp | string) if zone.notify_source.dscp is defined and zone.notify_source.dscp }};
{% endif %}
{% if zone.notify_source_v6 is defined and zone.notify_source_v6 is mapping %}
notify-source-v6 {{ zone.notify_source_v6.address -}}
{{- (' port ' + zone.notify_source_v6.port | string) if zone.notify_source_v6.port is defined and zone.notify_source_v6.port -}}
{{- (' dscp ' + zone.notify_source_v6.dscp | string) if zone.notify_source_v6.dscp is defined and zone.notify_source_v6.dscp }};
{% endif %}
{% if zone.parental_source is defined and zone.parental_source is mapping %}
parental-source {{ zone.parental_source.address -}}
{{- (' port ' + zone.parental_source.port | string) if zone.parental_source.port is defined and zone.parental_source.port -}}
{{- (' dscp ' + zone.parental_source.dscp | string) if zone.parental_source.dscp is defined and zone.parental_source.dscp }};
{% endif %}
{% if zone.parental_source_v6 is defined and zone.parental_source_v6 is mapping %}
parental-source-v6 {{ zone.parental_source_v6.address -}}
{{- (' port ' + zone.parental_source_v6.port | string) if zone.parental_source_v6.port is defined and zone.parental_source_v6.port -}}
{{- (' dscp ' + zone.parental_source_v6.dscp | string) if zone.parental_source_v6.dscp is defined and zone.parental_source_v6.dscp }};
{% endif %}
{# integer options #}
{{ ('dnskey-sig-validity ' + zone.dnskey_sig_validity | string+';\n') if zone.dnskey_sig_validity is defined and zone.dnskey_sig_validity -}}
{{ ('dnssec-loadkeys-interval ' + zone.dnssec_loadkeys_interval | string+';\n') if zone.dnssec_loadkeys_interval is defined and zone.dnssec_loadkeys_interval -}}
{{ ('max-records ' + zone.max_records | string+';\n') if zone.max_records is defined and zone.max_records -}}
{{ ('max-refresh-time ' + zone.max_refresh_time | string+';\n') if zone.max_refresh_time is defined and zone.max_refresh_time -}}
{{ ('max-retry-time ' + zone.max_retry_time | string+';\n') if zone.max_retry_time is defined and zone.max_retry_time -}}
{{ ('max-transfer-idle-in ' + zone.max_transfer_idle_in | string+';\n') if zone.max_transfer_idle_in is defined and zone.max_transfer_idle_in -}}
{{ ('max-transfer-idle-out ' + zone.max_transfer_idle_out | string+';\n') if zone.max_transfer_idle_out is defined and zone.max_transfer_idle_out -}}
{{ ('max-transfer-time-in ' + zone.max_transfer_time_in | string+';\n') if zone.max_transfer_time_in is defined and zone.max_transfer_time_in -}}
{{ ('max-transfer-time-out ' + zone.max_transfer_time_out | string+';\n') if zone.max_transfer_time_out is defined and zone.max_transfer_time_out -}}
{{ ('min-refresh-time ' + zone.min_refresh_time | string+';\n') if zone.min_refresh_time is defined and zone.min_refresh_time -}}
{{ ('min-retry-time ' + zone.min_retry_time | string+';\n') if zone.min_retry_time is defined and zone.min_retry_time -}}
{{ ('notify-delay ' + zone.notify_delay | string+';\n') if zone.notify_delay is defined and zone.notify_delay -}}
{{ ('sig-signing-nodes ' + zone.sig_signing_nodes | string+';\n') if zone.sig_signing_nodes is defined and zone.sig_signing_nodes -}}
{{ ('sig-signing-signatures ' + zone.sig_signing_signatures | string+';\n') if zone.sig_signing_signatures is defined and zone.sig_signing_signatures -}}
{{ ('sig-signing-type ' + zone.sig_signing_type | string+';\n') if zone.sig_signing_type is defined and zone.sig_signing_type -}}
{# boolean options #}
{{ (functions.boolean_option('check-integrity', zone.check_integrity) + '\n') if zone.check_integrity is defined -}}
{{ (functions.boolean_option('check-sibling', zone.check_sibling) + '\n') if zone.check_sibling is defined -}}
{{ (functions.boolean_option('check-wildcard', zone.check_wildcard) + '\n') if zone.check_wildcard is defined -}}
{{ (functions.boolean_option('delegation-only', zone.delegation_only) + '\n') if zone.delegation_only is defined -}}
{{ (functions.boolean_option('dnssec-dnskey-kskonly', zone.dnssec_dnskey_kskonly) + '\n') if zone.dnssec_dnskey_kskonly is defined -}}
{{ (functions.boolean_option('dnssec-secure-to-insecure', zone.dnssec_secure_to_insecure) + '\n') if zone.dnssec_secure_to_insecure is defined -}}
{{ (functions.boolean_option('inline-signing', zone.inline_signing) + '\n') if zone.inline_signing is defined -}}
{{ (functions.boolean_option('ixfr-from-differences', zone.ixfr_from_differences) + '\n') if zone.ixfr_from_differences is defined -}}
{{ (functions.boolean_option('multi-master', zone.multi_master) + '\n') if zone.multi_master is defined -}}
{{ (functions.boolean_option('notify-to-soa', zone.notify_to_soa) + '\n') if zone.notify_to_soa is defined -}}
{{ (functions.boolean_option('request-expire', zone.request_expire) + '\n') if zone.request_expire is defined -}}
{{ (functions.boolean_option('request-ixfr', zone.request_ixfr) + '\n') if zone.request_ixfr is defined -}}
{{ (functions.boolean_option('try-tcp-refresh', zone.try_tcp_refresh) + '\n') if zone.try_tcp_refresh is defined -}}
{{ (functions.boolean_option('update-check-ksk', zone.update_check_ksk) + '\n') if zone.update_check_ksk is defined -}}
{{ (functions.boolean_option('use-alt-transfer-source', zone.use_alt_transfer_source) + '\n') if zone.use_alt_transfer_source is defined -}}
{{ (functions.boolean_option('zero-no-soa-ttl', zone.zero_no_soa_ttl) + '\n') if zone.zero_no_soa_ttl is defined -}}
{# multiple_choice options #}
{{ ('auto-dnssec ' + zone.auto_dnssec | string+';\n') if zone.auto_dnssec is defined and zone.auto_dnssec -}}
{{ ('check-dup-records ' + zone.check_dup_records | string+';\n') if zone.check_dup_records is defined and zone.check_dup_records -}}
{{ ('check-mx-cname ' + zone.check_mx_cname | string+';\n') if zone.check_mx_cname is defined and zone.check_mx_cname -}}
{{ ('check-mx ' + zone.check_mx | string+';\n') if zone.check_mx is defined and zone.check_mx -}}
{{ ('check-names ' + zone.check_names | string+';\n') if zone.check_names is defined and zone.check_names -}}
{{ ('check-spf ' + zone.check_spf | string+';\n') if zone.check_spf is defined and zone.check_spf -}}
{{ ('check-srv-cname ' + zone.check_srv_cname | string+';\n') if zone.check_srv_cname is defined and zone.check_srv_cname -}}
{{ ('dnssec-update-mode ' + zone.dnssec_update_mode | string+';\n') if zone.dnssec_update_mode is defined and zone.dnssec_update_mode -}}
{{ ('masterfile-format ' + zone.masterfile_format | string+';\n') if zone.masterfile_format is defined and zone.masterfile_format -}}
{{ ('masterfile-style ' + zone.masterfile_style | string+';\n') if zone.masterfile_style is defined and zone.masterfile_style -}}
{{ ('max-ixfr-ratio ' + zone.max_ixfr_ratio | string+';\n') if zone.max_ixfr_ratio is defined and zone.max_ixfr_ratio -}}
{{ ('max-journal-size ' + zone.max_journal_size | string+';\n') if zone.max_journal_size is defined and zone.max_journal_size -}}
{{ ('max-zone-ttl ' + zone.max_zone_ttl | string+';\n') if zone.max_zone_ttl is defined and zone.max_zone_ttl -}}
{{ ('serial-update-method ' + zone.serial_update_method | string+';\n') if zone.serial_update_method is defined and zone.serial_update_method -}}
{# string options #}
{{ ('database ' + zone.database | string+';\n') if zone.database is defined and zone.database -}}
{{ ('dlz ' + zone.dlz | string+';\n') if zone.dlz is defined and zone.dlz -}}
{{ ('dnssec-policy ' + zone.dnssec_policy | string+';\n') if zone.dnssec_policy is defined and zone.dnssec_policy -}}
{{ ('in-view ' + zone.in_view | string+';\n') if zone.in_view is defined and zone.in_view -}}
{% endfilter %}
};
{% endfor %}
{% endmacro %}
Reference in New Issue View Git Blame Copy Permalink