2017-10-02 23:34:53 +02:00
|
|
|
//
|
|
|
|
// {{ ansible_managed }}
|
|
|
|
//
|
|
|
|
|
|
|
|
// ACLs
|
2017-10-06 22:58:00 +02:00
|
|
|
masters "ns-master-{{ item.site_code }}" {
|
|
|
|
{{ item.dns.master }};
|
2017-10-02 23:34:53 +02:00
|
|
|
};
|
|
|
|
|
2017-10-06 22:58:00 +02:00
|
|
|
{% for zone in item.dns.forward_zones %}
|
|
|
|
{% if zone.master is defined %}
|
|
|
|
masters "ns-master-{{ zone.name }}" {
|
|
|
|
{{ zone.master }};
|
2017-10-02 23:34:53 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
{% endfor %}
|
|
|
|
|
2017-10-06 22:58:00 +02:00
|
|
|
acl "intern-{{ item.site_code }}" {
|
|
|
|
{{ item.ipv4_network | ipaddr('net') | ipaddr('network/prefix') }};
|
|
|
|
{% for prefix in item.ipv6_ula %}
|
2017-10-02 23:34:53 +02:00
|
|
|
{{ prefix | ipaddr('net') | ipaddr('network/prefix') }};
|
|
|
|
{% endfor %}
|
|
|
|
};
|
|
|
|
|
2017-10-06 22:58:00 +02:00
|
|
|
// DNS forward zones for {{ item.site_code }}
|
|
|
|
{% for zone in item.dns.forward_zones %}
|
|
|
|
zone "{{ zone.name }}." {
|
2017-10-02 23:34:53 +02:00
|
|
|
type slave;
|
2017-10-06 22:58:00 +02:00
|
|
|
file "{{ zone.name }}.db";
|
|
|
|
{% if zone.master is defined %}
|
|
|
|
masters { ns-master-{{ zone.name }}; };
|
2017-10-02 23:34:53 +02:00
|
|
|
{% else %}
|
2017-10-06 22:58:00 +02:00
|
|
|
masters { ns-master-{{ item.site_code }}; };
|
2017-10-02 23:34:53 +02:00
|
|
|
{% endif %}
|
|
|
|
};
|
|
|
|
{% if not loop.last %}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
{% endfor %}
|
|
|
|
|
2017-10-06 22:58:00 +02:00
|
|
|
// DNS reverse zones for {{ item.site_code }}
|
|
|
|
zone "{{ item.ipv4_network | ipaddr('net') | ipaddr('revdns') }}" {
|
2017-10-02 23:34:53 +02:00
|
|
|
type slave;
|
2017-10-06 22:58:00 +02:00
|
|
|
file "{{ item.ipv4_network | ipaddr('net') | ipaddr('revdns') }}";
|
|
|
|
masters { ns-master-{{ item.site_code }}; };
|
2017-10-02 23:34:53 +02:00
|
|
|
};
|
|
|
|
|
2017-10-06 22:58:00 +02:00
|
|
|
{% for prefix in item.ipv6_ula %}
|
2017-10-02 23:34:53 +02:00
|
|
|
zone "{{ prefix | ipaddr('net') | ipaddr('revdns') }}" {
|
|
|
|
type slave;
|
|
|
|
file "{{ prefix | ipaddr('net') | ipaddr('revdns') }}";
|
2017-10-06 22:58:00 +02:00
|
|
|
masters { ns-master-{{ item.site_code }}; };
|
2017-10-02 23:34:53 +02:00
|
|
|
};
|
|
|
|
{% if not loop.last %}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
{% endfor %}
|