Commit 061f0ddf authored by Adrian Reyer's avatar Adrian Reyer

role_dns: add ACLs

parent 6b53a662
......@@ -4,3 +4,4 @@ dns_secondary_zonefile_dir: /var/lib/bind
dns_primary_zones: {}
dns_primary_zonefile_dir: /etc/bind/zones
dns_primary_ips: {}
dns_acls: {}
......@@ -56,6 +56,13 @@
notify:
- reload bind
- name: Create config file for ACLs
ansible.builtin.template:
src: named.conf.acl.j2
dest: "/etc/bind/named.conf.acl"
notify:
- reload bind
- name: Ensure ansible managed config files are included
ansible.builtin.blockinfile:
marker: "// {mark} ANSIBLE MANAGED"
......@@ -63,6 +70,7 @@
block: |
// Include TSIG first
include "/etc/bind/named.conf.tsig";
include "/etc/bind/named.conf.acl";
include "/etc/bind/named.conf.primary";
include "/etc/bind/named.conf.secondary";
notify:
......
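Review bot: The new "Create config file for ACLs" task sets no `owner`, `group` or `mode`, so the permissions of `/etc/bind/named.conf.acl` depend on the umask of the run or on whatever the file already has. This file defines which clients each ACL name matches, so pin it explicitly, for example `owner: root`, `group: bind`, `mode: "0644"` (the group name is assumed from the Debian-style paths; match it to the other templates in this role). The task also notifies `reload bind` without any syntax check, so a malformed `dns_acls` entry is only discovered when named rejects the new configuration; running `named-checkconf` before the handler fires would catch it earlier. The rest of the task file is outside the hunk, so sibling tasks may already follow a convention worth copying.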
// WARNING Ansible managed, changes will be overwritten!
{% for acl, aclline in dns_acls.items() %}
acl "{{ acl }}" {
{% for line in aclline | default([]) %}
{{ line }}
{% endfor %}
};
{% endfor %}
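Review bot: In the inner loop, `aclline | default([])` only covers an undefined value; a key written with an empty value in `dns_acls` (for example `internal:`) arrives as `None`, and the `for` then fails at render time. Use `{% for line in aclline | default([], true) %}` so the loop treats such an entry as an empty list. Each `{{ line }}` is also emitted verbatim, so every element must carry its own trailing `;`, and a plain string value would be iterated character by character; neither expectation is documented next to `dns_acls: {}` in the defaults. A comment there such as `# dns_acls: ACL name -> list of address-match elements, each ending in ";"` would make the contract visible.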