saltstack-formulas/bind-formula
1
0
Fork 0
mirror of https://github.com/saltstack-formulas/bind-formula.git synced 2025-04-17 02:00:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #51 from saw-leipzig/master

Browse source 
Improvements for Debian based systems
This commit is contained in:
Forrest 2016-03-03 11:46:39 -08:00
commit 7a075d1ac6
3 changed files with 29 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
bind/files/debian/named.conf
View file

@ -1,13 +1,17 @@
// This is the primary configuration file for the BIND DNS server named. // This is the primary configuration file for the BIND DNS server named.
// //
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the // Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize // structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file. // this configuration file.
// //
// If you are just adding zones, please do that in /etc/bind/named.conf.local // If you are just adding zones, please do that in /etc/bind/named.conf.local
include "{{ map.options_config }}"; include "{{ map.options_config }}";
include "{{ map.local_config }}"; include "{{ map.local_config }}";
{%- if salt['pillar.get']('bind:keys', {}) is defined %} {%- if 'keys' in salt['pillar.get']('bind') %}
include "{{ map.key_config }}"; include "{{ map.key_config }}";
{% endif %} {% endif %}
{%- if salt['pillar.get']('bind:config:default_zones', False) %}
include "{{ map.default_zones_config }}";
{% endif %}

12
bind/files/debian/named.conf.local
View file

@ -18,9 +18,9 @@ zone "{{ key }}" {
}; };
{% else -%} {% else -%}
{% if args['dnssec'] is defined and args['dnssec'] -%} {% if args['dnssec'] is defined and args['dnssec'] -%}
file "zones/{{ file }}.signed"; file "{{ map.named_directory }}/{{ file }}.signed";
{% else -%} {% else -%}
file "zones/{{ file }}"; file "{{ map.named_directory }}/{{ file }}";
{%- endif %} {%- endif %}
{% if args['allow-update'] is defined -%} {% if args['allow-update'] is defined -%}
@ -90,3 +90,11 @@ logging {
}; };
category queries { querylog; }; category queries { querylog; };
}; };
{%- for name, data in salt['pillar.get']('bind:configured_acls', {}).items() %}
acl {{ name }} {
{%- for d in data %}
{{ d }};
{%- endfor %}
};
{%- endfor %}

16
pillar.example
View file

@ -13,8 +13,12 @@ bind:
options: options:
allow-recursion: '{ any; };' # Never include this on a public resolver allow-recursion: '{ any; };' # Never include this on a public resolver
# force bind to serve only one IP protocol (ipv4: 4, ipv6: 6). omitting this reverts to binds default of both. # force bind to serve only one IP protocol (ipv4: 4, ipv6: 6). omitting this reverts to binds default of both.
protocol: 4 protocol: 4
# For Debian based systems:
# If set to True, the default-zones configuration will be enabled. Defaults to False.
default_zones: True
bind: bind:
keys: keys:
@ -29,7 +33,7 @@ bind:
notify: False notify: False
allow-transfer: allow-transfer:
- 1.1.1.1 - 1.1.1.1
- 2.2.2.2 - 2.2.2.2
dynamic.domain.com: dynamic.domain.com:
type: master type: master
allow-update: "key core_dhcp" allow-update: "key core_dhcp"
@ -38,7 +42,7 @@ bind:
type: forward type: forward
forwarders: forwarders:
- 10.9.8.7 - 10.9.8.7
- 10.9.8.5 - 10.9.8.5
configured_views: configured_views:
myview1: myview1:
match_clients: match_clients:
@ -50,6 +54,10 @@ bind:
notify: False notify: False
update_policy: update_policy:
- "grant core_dhcp name dns_entry_allowed_to_update. ANY" - "grant core_dhcp name dns_entry_allowed_to_update. ANY"
configured_acls:
my_net:
- 127.0.0.0/8
- 10.20.0.0/16
bind: bind:
available_zones: available_zones: