Changed hard coded file path to dynamic value. Added possibility to set ACLs via pillar.

2025-04-15 17:20:21 +00:00 · 2016-03-03 10:01:56 +01:00 · 2016-03-03 10:01:56 +01:00 · bf6a0625e7
commit bf6a0625e7
parent 48ba120d45
2 changed files with 14 additions and 2 deletions
--- a/bind/files/debian/named.conf.local
+++ b/bind/files/debian/named.conf.local
@ -18,9 +18,9 @@ zone "{{ key }}" {
  };
  {% else -%}
  {% if args['dnssec'] is defined and args['dnssec'] -%}
-  file "zones/{{ file }}.signed";
+  file "{{ map.named_directory }}/{{ file }}.signed";
  {% else -%}
-  file "zones/{{ file }}";
+  file "{{ map.named_directory }}/{{ file }}";
  {%- endif %}

  {% if args['allow-update'] is defined -%}
@ -90,3 +90,11 @@ logging {
  };
  category queries { querylog; };
 };
+
+{%- for name, data in salt['pillar.get']('bind:configured_acls', {}).items() %}
+acl {{ name }} {
+  {%- for d in data %}
+  {{ d }};
+  {%- endfor %}
+};
+{%- endfor %}
--- a/pillar.example
+++ b/pillar.example
@ -54,6 +54,10 @@ bind:
          notify: False
          update_policy:
            - "grant core_dhcp name dns_entry_allowed_to_update. ANY"
+  configured_acls:
+    my_net:
+      - 127.0.0.0/8
+      - 10.20.0.0/16

 bind:
  available_zones: