From c10e1524e5b67fce4d8b17b0fa5ca39aac72c465 Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Mon, 26 Feb 2018 17:27:02 +0800 Subject: dns: generate nsd.conf with domains and nameservers variables --- roles/dns/tasks/main.yml | 4 ++-- roles/dns/templates/nsd.conf.j2 | 17 ++++++++--------- 2 files changed, 10 insertions(+), 11 deletions(-) (limited to 'roles') diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml index d6bfb2f..f414e59 100644 --- a/roles/dns/tasks/main.yml +++ b/roles/dns/tasks/main.yml @@ -68,11 +68,11 @@ path: /usr/local/etc/nsd/zones state: directory -- name: NSD - copy zone files +- name: NSD - generate zone files template: src: "zones/{{ item }}.zone.j2" dest: "/usr/local/etc/nsd/zones/{{ item }}.zone" - with_items: "{{ nsd.zones }}" + with_items: "{{ domains }}" notify: reload-nsd - name: NSD - enable and start service diff --git a/roles/dns/templates/nsd.conf.j2 b/roles/dns/templates/nsd.conf.j2 index f154796..0777bef 100644 --- a/roles/dns/templates/nsd.conf.j2 +++ b/roles/dns/templates/nsd.conf.j2 @@ -114,21 +114,20 @@ pattern: # nsd-control stats and stats_noreset. zonestats: "%s" - # Notify these slaves when the master zone changes - notify: 174.37.196.55 NOKEY # freedns.afraid.org - notify: 93.95.224.6 NOKEY # 1984hosting.com - - # Allow these IPs and TSIG to transfer zones. - provide-xfr: 174.37.196.55 NOKEY # freedns.afraid.org - provide-xfr: 93.95.224.6 NOKEY # 1984hosting.com + # Notify these slaves when the master zone changes, and allow them + # to transfer zones. +{% for server in nameservers %} + notify: {{ server.xfr_ip }} NOKEY # {{ server.name }} + provide-xfr: {{ server.xfr_ip }} NOKEY # {{ server.name }} +{% endfor %} # Fixed zone entries. Here you can config zones that cannot be deleted. # Zones that are dynamically added and deleted are put in the zonelist file. # -{% for zone in nsd.zones %} +{% for domain in domains %} zone: - name: "{{ zone }}" + name: "{{ domain }}" include-pattern: "stealth_zones" {% endfor %} -- cgit v1.2.2