104 lines
2.8 KiB
Django/Jinja
104 lines
2.8 KiB
Django/Jinja
//
|
||
// named.conf
|
||
//
|
||
{{ ansible_managed | comment('c') }}
|
||
//
|
||
{% for acl in bind_acls %}
|
||
acl "{{ acl.name }}" {
|
||
{% for match in acl.match_list %}
|
||
{{ match }};
|
||
{% endfor %}
|
||
};
|
||
|
||
{% endfor %}
|
||
options {
|
||
listen-on port 53 { {{ bind_listen_ipv4|join(';') }}; };
|
||
listen-on-v6 port 53 { {{ bind_listen_ipv6|join(';') }}; };
|
||
directory "{{ bind_dir }}";
|
||
dump-file "{{ bind_dir }}/data/cache_dump.db";
|
||
statistics-file "{{ bind_dir }}/data/named_stats.txt";
|
||
memstatistics-file "{{ bind_dir }}/data/named_mem_stats.txt";
|
||
allow-query { {{ bind_allow_query|join(';') }}; };
|
||
{% if bind_acls|length != 0 %}
|
||
allow-transfer { {% for acl in bind_acls %}"{{ acl.name }}"; {% endfor %}};
|
||
{% endif %}
|
||
|
||
recursion {% if bind_recursion %}yes{% else %}no{% endif %};
|
||
{% if bind_forwarders|length > 0 %}forwarders { {{ bind_forwarders|join('; ') }}; };{% endif %}
|
||
{% if bind_forward_only %}forward only;{% endif %}
|
||
|
||
rrset-order { order {{ bind_rrset_order }}; };
|
||
|
||
dnssec-enable {{ bind_dnssec_enable }};
|
||
dnssec-validation {{ bind_dnssec_validation }};
|
||
dnssec-lookaside auto;
|
||
|
||
/* Path to ISC DLV key */
|
||
bindkeys-file "/etc/named.iscdlv.key";
|
||
|
||
managed-keys-directory "{{ bind_dir }}/dynamic";
|
||
|
||
pid-file "/run/named/named.pid";
|
||
session-keyfile "/run/named/session.key";
|
||
{% if bind_query_log is defined %}
|
||
querylog yes;
|
||
{% endif %}
|
||
};
|
||
|
||
logging {
|
||
channel default_debug {
|
||
file "{{ bind_log }}";
|
||
severity dynamic;
|
||
print-time yes;
|
||
};
|
||
{% if bind_query_log is defined %}
|
||
channel querylog {
|
||
file "{{ bind_query_log }}" versions 600 size 20m;
|
||
severity dynamic;
|
||
print-time yes;
|
||
};
|
||
category queries { querylog; };
|
||
{% endif %}
|
||
};
|
||
|
||
{% for file in bind_default_zone_files %}
|
||
include "{{ file }}";
|
||
{% endfor %}
|
||
{% for file in bind_extra_include_files %}
|
||
include "{{ file }}";
|
||
{% endfor %}
|
||
|
||
{% if bind_zone_domains is defined %}
|
||
{% for bind_zone in bind_zone_domains %}
|
||
zone "{{ bind_zone.name }}" IN {
|
||
type slave;
|
||
masters { {{ bind_zone_master_server_ip }}; };
|
||
file "slaves/{{ bind_zone.name }}";
|
||
{% if bind_zone.delegate is defined %}
|
||
forwarders {};
|
||
{% endif %}
|
||
};
|
||
|
||
{% if bind_zone.networks is defined %}
|
||
{% for network in bind_zone.networks %}
|
||
zone "{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa" IN {
|
||
type slave;
|
||
masters { {{ bind_zone_master_server_ip }}; };
|
||
file "slaves/{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa";
|
||
};
|
||
{% endfor %}
|
||
{% endif %}
|
||
|
||
{% if bind_zone.ipv6_networks is defined %}
|
||
{% for network in bind_zone.ipv6_networks %}
|
||
zone "{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):] }}" IN {
|
||
type slave;
|
||
masters { {{ bind_zone_master_server_ip }}; };
|
||
file "slaves/{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):-1] }}";
|
||
};
|
||
{% endfor %}
|
||
{% endif %}
|
||
{% endfor %}
|
||
{% endif %}
|
||
|