saltstack-formulas/bind-formula
1
0
Fork 0
mirror of https://github.com/saltstack-formulas/bind-formula.git synced 2025-04-16 09:40:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Create pillar-with-views.example

Browse source 
An example of the bind pillar that defines multiple views for internal and external record sets.

This doesn't include the other portion of the pillar the defines the bind config - this is zones, views and ACLs only. The config portion is not affected by this.
This commit is contained in:
crux-capacitor 2018-11-15 08:39:07 -05:00 committed by GitHub
parent d8eac23c5d
commit d67e9f8660
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 89 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

89
pillar-with-views.example Normal file
View file

@ -0,0 +1,89 @@
bind:
configured_acls: # We have an internal ACL restricted to our
internal: # private IP ranges.
- 127.0.0.0/8 # In this case, an ACL for external isn't needed
- 10.0.0.0/8 # as that view will be matched by 'any'.
# Notice that there is no 'configured_zones' at this indentation level.
# That is because the bind service forces all zones to be served via a view when you are using
# views.
configured_views:
external:
match_clients:
- any # This will match anything, including the public internet.
configured_zones:
mydomain.com: # Notice that this value matches on both views.
type: master
file: external.mydomain.com.txt # Specify the file to be used, which must match the file
recursion: yes # name of the zone below under available_zones.
notify: False
dnssec: False
internal:
match_clients:
- internal # This will match only our ACL named 'internal'.
configured_zones:
mydomain.com: # Same as above - both views will serve the same zone.
type: master
file: internal.mydomain.com.txt # Different file - matches the internal zone below.
recursion: yes
notify: False
dnssec: False
available_zones:
external.mydomain.com: # Beginning of the external zone definition.
file: external.mydomain.com.txt # The file in which to save this zone's record set - matches the file
# specified in the 'external' view.
soa: # Declare the SOA RRs for the zone
ns: ns1.external.mydomain.com # Required
contact: hostmaster@mydomain.com # Required
serial: auto # Alternatively, autoupdate serial on each change
class: IN # Optional. Default: IN
refresh: 8600 # Optional. Default: 12h
retry: 900 # Optional. Default: 15m
expiry: 86000 # Optional. Default: 2w
nxdomain: 500 # Optional. Default: 1m
ttl: 8600 # Optional. Not set by default
records: # Records for the zone, grouped by type
A:
portal: 50.60.70.80
gateway: 50.60.70.81
directory: 50.60.70.82
ns1: 50.60.70.83
www: 50.60.70.84
NS:
'@':
- ns1
CNAME:
login: portal.mydomain.com.
dashboard: www.mydomain.com.
internal.mydomain.com: # Beginning of the internal zone definition.
file: internal.mydomain.com.txt # The file in which to save this zone's record set - matches the file
# specified in the 'internal' view.
soa: # Declare the SOA RRs for the zone
ns: ns1.mydomain.com # Required
contact: hostmaster@mydomain.com # Required
serial: auto # Alternatively, autoupdate serial on each change
class: IN # Optional. Default: IN
refresh: 8600 # Optional. Default: 12h
retry: 900 # Optional. Default: 15m
expiry: 86000 # Optional. Default: 2w
nxdomain: 500 # Optional. Default: 1m
ttl: 8600 # Optional. Not set by default
records: # Records for the zone, grouped by type
A:
portal: 10.0.0.10
gateway: 10.0.0.11
directory: 10.0.0.12
ns1: 10.0.0.13
www: 10.0.0.14
NS:
'@':
- ns1
CNAME:
login: portal.mydomain.com.
dashboard: www.mydomain.com.