author | Aaron LI <aly@aaronly.me> | 2018-02-26 17:27:02 +0800 |
---|---|---|
committer | Aaron LI <aly@aaronly.me> | 2018-03-14 11:28:44 +0800 |
commit | c10e1524e5b67fce4d8b17b0fa5ca39aac72c465 (patch) | |
tree | 4d901258eaf250c17e3bf8022f59695bc5dd8afa | |
parent | ee82cab09896865cf08326d8396c7275b21f8905 (diff) | |
download | ansible-dfly-vps-c10e1524e5b67fce4d8b17b0fa5ca39aac72c465.tar.bz2 |
dns: generate nsd.conf with domains and nameservers variables
-rw-r--r-- | host_vars/vultr | 22 | ||||
-rw-r--r-- | roles/dns/tasks/main.yml | 4 | ||||
-rw-r--r-- | roles/dns/templates/nsd.conf.j2 | 17 |
3 files changed, 26 insertions, 17 deletions
diff --git a/host_vars/vultr b/host_vars/vultr index a0af249..63c82ab 100644 --- a/host_vars/vultr +++ b/host_vars/vultr @@ -13,15 +13,25 @@ network: address: 2001:19f0:5:3166::c0f:fee prefixlen: 64 +domains: + - 233233.xyz + - 1314233.xyz + +nameservers: + - name: afraid + xfr_ip: 174.37.196.55 + ns: + - ns2.afraid.org + - name: 1984hosting + xfr_ip: 93.95.224.6 + ns: + - ns0.1984.is + - ns1.1984.is + - ns2.1984.is + shadowsocks: server_port: 8989 password: "???" method: "chacha20-ietf-poly1305" -nsd: - # List of domains/zones - zones: - - 233233.xyz - - 1314233.xyz - # vim: set ft=yaml sw=2: # diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml index d6bfb2f..f414e59 100644 --- a/roles/dns/tasks/main.yml +++ b/roles/dns/tasks/main.yml @@ -68,11 +68,11 @@ path: /usr/local/etc/nsd/zones state: directory -- name: NSD - copy zone files +- name: NSD - generate zone files template: src: "zones/{{ item }}.zone.j2" dest: "/usr/local/etc/nsd/zones/{{ item }}.zone" - with_items: "{{ nsd.zones }}" + with_items: "{{ domains }}" notify: reload-nsd - name: NSD - enable and start service diff --git a/roles/dns/templates/nsd.conf.j2 b/roles/dns/templates/nsd.conf.j2 index f154796..0777bef 100644 --- a/roles/dns/templates/nsd.conf.j2 +++ b/roles/dns/templates/nsd.conf.j2 
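Review bot: The new `domains` and `nameservers` keys in host_vars/vultr have no comment, whereas the removed `nsd.zones` block at least carried `# List of domains/zones`. In the nsd.conf.j2 hunk of this same commit every `xfr_ip` is rendered into `notify:` and `provide-xfr: ... NOKEY`, so adding an entry here grants that address zone transfer. I would put `# Secondary nameservers: xfr_ip is notified and may transfer every zone without TSIG` above `nameservers:` and `# Zones served by NSD` above `domains:`. The variables are also no longer namespaced under `nsd`, so a prefix such as `dns_domains` / `dns_nameservers` would lower the chance of a clash with another role's variables.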
@@ -114,21 +114,20 @@ pattern: # nsd-control stats and stats_noreset. zonestats: "%s" - # Notify these slaves when the master zone changes - notify: 174.37.196.55 NOKEY # freedns.afraid.org - notify: 93.95.224.6 NOKEY # 1984hosting.com - - # Allow these IPs and TSIG to transfer zones. - provide-xfr: 174.37.196.55 NOKEY # freedns.afraid.org - provide-xfr: 93.95.224.6 NOKEY # 1984hosting.com + # Notify these slaves when the master zone changes, and allow them + # to transfer zones. +{% for server in nameservers %} + notify: {{ server.xfr_ip }} NOKEY # {{ server.name }} + provide-xfr: {{ server.xfr_ip }} NOKEY # {{ server.name }} +{% endfor %} # Fixed zone entries. Here you can config zones that cannot be deleted. # Zones that are dynamically added and deleted are put in the zonelist file. # -{% for zone in nsd.zones %} +{% for domain in domains %} zone: - name: "{{ zone }}" + name: "{{ domain }}" include-pattern: "stealth_zones" {% endfor %} |
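Review bot: `NOKEY` is hard-coded inside the new `{% for server in nameservers %}` loop, so every entry added to the list gets `provide-xfr` authorised by source IP alone, with no way to attach a TSIG key to one secondary. The removed lines did the same for two fixed addresses, but now that the list is data-driven a per-server key with a fallback would keep today's output and allow keyed transfers later: `provide-xfr: {{ server.xfr_ip }} {{ server.tsig_key | default('NOKEY') }}`, and likewise for `notify:`. `tsig_key` is a field name I am proposing, and it would need a matching `key:` section in this file. An entry lacking `xfr_ip` is not guarded either; `{% for server in nameservers if server.xfr_ip is defined %}` would skip it rather than fail the render or emit a malformed line. The `pattern:` block begins above the hunk, so its name and other options are not visible here.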