-
Notifications
You must be signed in to change notification settings - Fork 181
/
master_etc_named.conf.j2
131 lines (118 loc) · 3.71 KB
/
master_etc_named.conf.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
//
// named.conf
//
{{ ansible_managed | comment('c') }}
{% for acl in bind_acls %}
acl "{{ acl.name }}" {
{% for match in acl.match_list %}
{{ match }};
{% endfor %}
};
{% endfor %}
options {
listen-on port 53 { {{ bind_listen_ipv4|join(';') }}; };
listen-on-v6 port 53 { {{ bind_listen_ipv6|join(';') }}; };
directory "{{ bind_dir }}";
dump-file "{{ bind_dir }}/data/cache_dump.db";
statistics-file "{{ bind_dir }}/data/named_stats.txt";
memstatistics-file "{{ bind_dir }}/data/named_mem_stats.txt";
allow-query { {{ bind_allow_query|join(';') }}; };
{% if bind_acls|length != 0 %}
allow-transfer { {% for acl in bind_acls %}"{{ acl.name }}"; {% endfor %}};
{% endif %}
{% if bind_check_names is defined %}
check-names {{ bind_check_names }};
{% endif %}
recursion {% if bind_recursion %}yes{% else %}no{% endif %};
{% if bind_recursion %}allow-recursion { {{ bind_allow_recursion|join('; ') }}; };
{% endif %}
{% if bind_forwarders|length > 0 %}forwarders { {{ bind_forwarders|join('; ') }}; };{% endif %}
{% if bind_forward_only %}forward only;{% endif %}
rrset-order { order {{ bind_rrset_order }}; };
dnssec-enable {{ bind_dnssec_enable }};
dnssec-validation {{ bind_dnssec_validation }};
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "{{ bind_dir }}/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
{% if bind_query_log is defined %}
querylog yes;
{% endif %}
};
logging {
channel default_debug {
file "{{ bind_log }}";
severity dynamic;
print-time yes;
};
{% if bind_query_log is defined %}
channel querylog {
file "{{ bind_query_log }}" versions 600 size 20m;
severity dynamic;
print-time yes;
};
category queries { querylog; };
{% endif %}
};
{% for file in bind_default_zone_files %}
include "{{ file }}";
{% endfor %}
{% for file in bind_extra_include_files %}
include "{{ file }}";
{% endfor %}
{% if bind_zone_domains is defined %}
{% for bind_zone in bind_zone_domains %}
zone "{{ bind_zone.name }}" IN {
type master;
file "{{ bind_zone_dir }}/{{ bind_zone.name }}";
notify yes;
{% if bind_zone.also_notify is defined %}
also-notify { {{ bind_zone.also_notify|join(';') }}; };
{% endif %}
{% if bind_zone.allow_update is defined %}
allow-update { {{ bind_zone.allow_update|join(';') }}; };
{% else %}
allow-update { none; };
{% endif %}
{% if bind_zone.delegate is defined %}
forwarders {};
{% endif %}
};
{% if bind_zone.networks is defined %}
{% for network in bind_zone.networks %}
zone "{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa" IN {
type master;
file "{{ bind_zone_dir }}/{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa";
notify yes;
{% if bind_zone.also_notify is defined %}
also-notify { {{ bind_zone.also_notify|join(';') }}; };
{% endif %}
{% if bind_zone.allow_update is defined %}
allow-update { {{ bind_zone.allow_update|join(';') }}; };
{% else %}
allow-update { none; };
{% endif %}
};
{% endfor %}
{% endif %}
{% if bind_zone.ipv6_networks is defined %}
{% for network in bind_zone.ipv6_networks %}
zone "{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):] }}" IN {
type master;
file "{{ bind_zone_dir }}/{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):-1] }}";
notify yes;
{% if bind_zone.also_notify is defined %}
also-notify { {{ bind_zone.also_notify|join(';') }}; };
{% endif %}
{% if bind_zone.allow_update is defined %}
allow-update { {{ bind_zone.allow_update|join(';') }}; };
{% else %}
allow-update { none; };
{% endif %}
};
{% endfor %}
{% endif %}
{% endfor %}
{% endif %}