authorAaron LI <aly@aaronly.me>2018-03-02 09:07:58 +0800
committerAaron LI <aly@aaronly.me>2018-03-14 11:35:07 +0800
commite9aa03b6dc0f32c98d3088e4bcac5e847de4b08d (patch)
tree2bb977f3c5e137ccd20a92698f8a447a06dad054 /roles/dns/templates
parent562731165ec849bf9644b9bff0f2d198ecc7f37c (diff)
dns: update zones templates and add liwt.net zone
Diffstat (limited to 'roles/dns/templates')
-rw-r--r--roles/dns/templates/zones/1314233.xyz.zone.j223
-rw-r--r--roles/dns/templates/zones/233233.xyz.zone.j239
-rw-r--r--roles/dns/templates/zones/liwt.net.zone.j246
3 files changed, 75 insertions, 33 deletions
diff --git a/roles/dns/templates/zones/1314233.xyz.zone.j2 b/roles/dns/templates/zones/1314233.xyz.zone.j2
index ede92da..5511c6e 100644
--- a/roles/dns/templates/zones/1314233.xyz.zone.j2
+++ b/roles/dns/templates/zones/1314233.xyz.zone.j2
@@ -1,21 +1,26 @@
-$ORIGIN 1314233.xyz.
-$TTL 1h
+{% set domain = "1314233.xyz" %}
+{% set hostmaster = "hostmaster." + network.domain %}
+; {{ ansible_managed }}
+$ORIGIN {{ domain }}.
+$TTL 1h
-@ IN SOA ns.1314233.xyz. admin.1314233.xyz. (
- 2018022120 ; serial number
+@ IN SOA {{ nameservers[0].ns[0] }}. {{ hostmaster }}. (
+ {{ domain | next_serial }} ; serial number
1d ; refresh
2h ; retry
4w ; expire
1h ; minimum TTL
)
-@ IN NS ns2.afraid.org.
+{% for server in nameservers %}
+{% for ns in server.ns %}
+@ IN NS {{ ns }}. ; {{ server.name }}
+{% endfor %}
+{% endfor %}
@ IN A {{ network.ipv4.address }}
@ IN AAAA {{ network.ipv6.address }}
-www IN CNAME www.233233.xyz.
-g IN CNAME g.233233.xyz.
-zw IN CNAME zw.233233.xyz.
+* IN CNAME @
-; vim: set ft=bindzone :
+; vim: set ft=bindzone:
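Review bot: The zone gains `* IN CNAME @` but still publishes no mail policy, so neither the apex nor any of the now-resolving subdomains gives receivers a record on which to reject forged mail. If this domain is not meant to send or receive mail (inferred from the absence of any MX record), add `@ IN TXT "v=spf1 -all"` and a null MX, `@ IN MX 0 .`; because the wildcard aliases every other label to the apex, those two records would also be what resolvers return for subdomains. The same applies to the 233233.xyz.zone.j2 hunk, which drops its commented-out SPF line without replacing it. A one-line comment above the wildcard, e.g. `; catch-all: every undefined label aliases to the apex`, would also record that the behaviour is intentional.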
diff --git a/roles/dns/templates/zones/233233.xyz.zone.j2 b/roles/dns/templates/zones/233233.xyz.zone.j2
index 9a71750..4067cea 100644
--- a/roles/dns/templates/zones/233233.xyz.zone.j2
+++ b/roles/dns/templates/zones/233233.xyz.zone.j2
@@ -1,38 +1,29 @@
-$ORIGIN 233233.xyz.
-$TTL 1h
-
-; WARNING:
-; A CNAME record is NOT allowed to coexist with *any other* data!
-; Therefore one can't have a CNAME Record at the zone root, because
-; the zone root must have two mandatory records: SOA and NS.
-;
-; According to the specification: if a CNAME RR is present at a node,
-; no other data should be present; this ensures that the data for a
-; canonical name and its aliases cannot be different. This rule also
-; insures that a cached CNAME can be used without checking with an
-; authoritative server for other RR types.
-
-@ IN SOA ns.233233.xyz. admin.233233.xyz. (
- 2018022123 ; serial number
+{% set domain = "233233.xyz" %}
+{% set hostmaster = "hostmaster." + network.domain %}
+; {{ ansible_managed }}
+$ORIGIN {{ domain }}.
+$TTL 1h
+
+@ IN SOA {{ nameservers[0].ns[0] }}. {{ hostmaster }}. (
+ {{ domain | next_serial }} ; serial number
1d ; refresh
2h ; retry
4w ; expire
1h ; minimum TTL
)
-@ IN NS ns2.afraid.org.
-
-;@ IN MX 10 mail.233233.xyz.
+{% for server in nameservers %}
+{% for ns in server.ns %}
+@ IN NS {{ ns }}. ; {{ server.name }}
+{% endfor %}
+{% endfor %}
@ IN A {{ network.ipv4.address }}
@ IN AAAA {{ network.ipv6.address }}
-;mail IN A {{ network.ipv4.address }}
-;mail IN AAAA {{ network.ipv6.address }}
www IN CNAME @
g IN CNAME @
zw IN CNAME @
+* IN CNAME @
-;@ IN TXT "v=spf1 mx -all"
-
-; vim: set ft=bindzone :
+; vim: set ft=bindzone:
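Review bot: The explicit `www`, `g` and `zw` CNAMEs are left in place next to the new `* IN CNAME @`, which already answers for them with the same target, and the hunk removes the only comment explaining why the apex carries A/AAAA rather than a CNAME. Either drop the three records or keep them with a comment such as `; named explicitly so they survive if the wildcard is removed`. I would also keep a short form of the removed warning, `; no CNAME at the apex: it cannot coexist with SOA/NS`, so this template stays self-explanatory without reference to the liwt.net one.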
diff --git a/roles/dns/templates/zones/liwt.net.zone.j2 b/roles/dns/templates/zones/liwt.net.zone.j2
new file mode 100644
index 0000000..fc44279
--- /dev/null
+++ b/roles/dns/templates/zones/liwt.net.zone.j2
@@ -0,0 +1,46 @@
+{% set domain = "liwt.net" %}
+{% set hostmaster = "hostmaster." + network.domain %}
+; {{ ansible_managed }}
+$ORIGIN {{ domain }}.
+$TTL 1h
+
+; WARNING:
+;
+; The DNS CNAME ("canonical name") record exists to provide the canonical
+; name associated with an alias name. There may be only one such canonical
+; name for any one alias. That name should generally be a name that exists
+; elsewhere in the DNS, though there are some rare applications for aliases
+; with the accompanying canonical name undefined in the DNS. An alias name
+; (label of a CNAME record) may, if DNSSEC is in use, have SIG, NXT, and
+; KEY RRs, but may have no other data.
+;
+; Credit: https://serverfault.com/a/613830
+
+@ IN SOA {{ nameservers[0].ns[0] }}. {{ hostmaster }}. (
+ {{ domain | next_serial }} ; serial number
+ 1d ; refresh
+ 2h ; retry
+ 4w ; expire
+ 1h ; minimum
+ )
+
+{% for server in nameservers %}
+{% for ns in server.ns %}
+@ IN NS {{ ns }}. ; {{ server.name }}
+{% endfor %}
+{% endfor %}
+
+@ IN A {{ network.ipv4.address }}
+@ IN AAAA {{ network.ipv6.address }}
+mail IN A {{ network.ipv4.address }}
+mail IN AAAA {{ network.ipv6.address }}
+
+www IN CNAME @
+git IN CNAME @
+vultr IN CNAME @
+* IN CNAME @
+
+@ IN MX 10 mail
+@ IN TXT "v=spf1 mx -all"
+
+; vim: set ft=bindzone:
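Review bot: With `* IN CNAME @` in the same zone as the apex `MX` and `TXT "v=spf1 mx -all"`, every undefined label under liwt.net inherits the apex mail configuration: mail addressed to any subdomain is routed to `mail`, and the SPF policy authorises that host to send as any subdomain. A `_dmarc` lookup is likewise answered through the alias with the SPF string, which is not a usable DMARC record. If that reach is not intended, list the needed names explicitly instead of the wildcard, and add an explicit `_dmarc IN TXT` record carrying the policy you want so the wildcard does not answer for it. Separately, the quoted warning names SIG, NXT and KEY, the older DNSSEC record types; a short note that current DNSSEC uses RRSIG and NSEC would keep the comment from misleading a reader.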