mirror of
https://github.com/saltstack-formulas/bind-formula.git
synced 2025-04-16 09:40:22 +00:00
182 lines
5.1 KiB
Django/Jinja
182 lines
5.1 KiB
Django/Jinja
# vim: sts=2 ts=2 sw=2 et ai
|
|
//
|
|
// Do any local configuration here
|
|
//
|
|
|
|
// Consider adding the 1918 zones here, if they are not used in your
|
|
// organization
|
|
//include "/etc/bind/zones.rfc1918";
|
|
|
|
{%- macro zone(key, args, file, masters) %}
|
|
zone "{{ key }}" {
|
|
type {{ args['type'] }};
|
|
{% if args['type'] == 'forward' -%}
|
|
{% if args['forward'] is defined -%}
|
|
forward {{ args['forward'] }};
|
|
{%- endif %}
|
|
forwarders {
|
|
{% for forwarder in args.forwarders -%}
|
|
{{ forwarder }};
|
|
{%- endfor %}
|
|
};
|
|
{% else -%}
|
|
{% if args['dnssec'] is defined and args['dnssec'] -%}
|
|
file "{{ zones_directory }}/{{ file }}.signed";
|
|
{% else -%}
|
|
file "{{ zones_directory }}/{{ file }}";
|
|
{%- endif %}
|
|
{% if args['auto-dnssec'] is defined -%}
|
|
auto-dnssec {{ args['auto-dnssec'] }};
|
|
inline-signing yes;
|
|
{%- endif %}
|
|
{%- if args['allow-update'] is defined %}
|
|
allow-update { {{args['allow-update']}}; };
|
|
{%- endif %}
|
|
{%- if args.update_policy is defined %}
|
|
update-policy {
|
|
{%- for policy in args.update_policy %}
|
|
{{ policy }};
|
|
{%- endfor %}
|
|
};
|
|
{%- endif %}
|
|
{%- if args['allow-transfer'] is defined %}
|
|
allow-transfer { {{ args.get('allow-transfer', []) | join('; ') }}; };
|
|
{%- endif %}
|
|
{%- if args['also-notify'] is defined %}
|
|
also-notify { {{ args.get('also-notify', []) | join('; ') }}; };
|
|
{%- endif %}
|
|
{%- if args['allow-query'] is defined %}
|
|
allow-query { {{ args.get('allow-query', []) | join('; ') }}; };
|
|
{%- endif %}
|
|
{%- if args['zone-statistics'] is defined %}
|
|
zone-statistics yes;
|
|
{%- endif %}
|
|
{%- if args['type'] == "master" -%}
|
|
{% if args['notify'] %}
|
|
notify yes;
|
|
{% else %}
|
|
notify no;
|
|
{%- endif -%}
|
|
{% else %}
|
|
notify no;
|
|
{%- if masters is iterable and masters is not string %}
|
|
masters {
|
|
{%- for item in masters %}
|
|
{{ item }};
|
|
{%- endfor %}
|
|
};
|
|
{%- else %}
|
|
masters { {{ masters }} };
|
|
{%- endif %}
|
|
{%- endif %}
|
|
{%- endif %}
|
|
};
|
|
{%- endmacro %}
|
|
|
|
{%- if salt['pillar.get']('bind:configured_views', {}) is not defined %}
|
|
include "{{ map.default_zones_config }}";
|
|
{%- endif %}
|
|
|
|
{% for key, args in salt['pillar.get']('bind:configured_zones', {})|dictsort -%}
|
|
{%- if salt['pillar.get']("bind:configured_zones:" + key + ":file") -%}
|
|
{%- set file = salt['pillar.get']("bind:configured_zones:" + key + ":file") %}
|
|
{% else %}
|
|
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
|
|
{%- endif -%}
|
|
|
|
{%- if salt['pillar.get']("bind:configured_zones:" + key + ":masters") -%}
|
|
{%- set masters = salt['pillar.get']("bind:configured_zones:" + key + ":masters") %}
|
|
{% else %}
|
|
{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
|
|
{%- endif -%}
|
|
{{ zone(key, args, file, masters) }}
|
|
{% endfor %}
|
|
|
|
{% for view, view_data in salt['pillar.get']('bind:configured_views', {})|dictsort %}
|
|
|
|
view {{ view }} {
|
|
{%- if view == 'default' %}
|
|
include "{{ map.default_zones_config }}";
|
|
{%- endif %}
|
|
|
|
match-clients {
|
|
{%- for acl in view_data.get('match_clients', {}) %}
|
|
{{ acl }};
|
|
{%- endfor %}
|
|
};
|
|
|
|
{% for key, args in view_data.get('configured_zones', {})|dictsort -%}
|
|
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
|
|
{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
|
|
{{ zone(key, args, file, masters) }}
|
|
{%- endfor %}
|
|
};
|
|
{%- endfor %}
|
|
|
|
{%- if salt['pillar.get']('bind:config:enable_logging', True) %}
|
|
{%- if salt['pillar.get']('bind:config:use_extensive_logging', False) %}
|
|
include "{{ map.logging_config }}";
|
|
{% else %}
|
|
logging {
|
|
channel "querylog" {
|
|
file "{{ map.log_dir }}/query.log";
|
|
print-time yes;
|
|
};
|
|
category queries { querylog; };
|
|
};
|
|
{%- endif %}
|
|
{%- endif %}
|
|
|
|
{%- if salt['pillar.get']('bind:controls', False) %}
|
|
controls {
|
|
{%- for name, control in salt['pillar.get']('bind:controls')|dictsort if control.get('enabled', True) %}
|
|
inet {{ control.get('bind', {}).get('address', '127.0.0.1') }} port {{ control.get('bind', {}).get('port', 953) }}
|
|
{%- if control.get('allow') %}
|
|
allow {
|
|
{%- for allow in control.allow %}
|
|
{{ allow }};
|
|
{%- endfor %}
|
|
}
|
|
{%- endif %}
|
|
{%- if control.get('keys') %}
|
|
keys {
|
|
{%- for key in control.get('keys') %}
|
|
{{ key }};
|
|
{%- endfor %}
|
|
}
|
|
{%- endif %};
|
|
{%- endfor %}
|
|
};
|
|
{%- endif %}
|
|
|
|
{%- if salt['pillar.get']('bind:statistics', False) %}
|
|
statistics-channels {
|
|
{%- for name, channel in salt['pillar.get']('bind:statistics')|dictsort if channel.get('enabled', True) %}
|
|
inet {{ channel.get('bind', {}).get('address', '127.0.0.1') }} port {{ channel.get('bind', {}).get('port', 953) }}
|
|
{%- if channel.get('allow') %}
|
|
allow {
|
|
{%- for allow in channel.allow %}
|
|
{{ allow }};
|
|
{%- endfor %}
|
|
}
|
|
{%- endif %};
|
|
{%- endfor %}
|
|
};
|
|
{%- endif %}
|
|
|
|
|
|
{%- for name, data in salt['pillar.get']('bind:configured_acls', {})|dictsort %}
|
|
acl {{ name }} {
|
|
{%- for d in data %}
|
|
{{ d }};
|
|
{%- endfor %}
|
|
};
|
|
{%- endfor %}
|
|
|
|
{%- for name, data in salt['pillar.get']('bind:configured_masters', {})|dictsort %}
|
|
masters {{ name }} {
|
|
{%- for d in data %}
|
|
{{ d }};
|
|
{%- endfor %}
|
|
};
|
|
{%- endfor %}
|