Minor fixes
This commit is contained in:
parent
034f06b6c4
commit
486b0d1bed
2 changed files with 25 additions and 8 deletions
|
@ -11,6 +11,23 @@
|
||||||
- "{{ knot_zone_master_storage_path }}"
|
- "{{ knot_zone_master_storage_path }}"
|
||||||
- "{{ knot_zone_replica_storage_path }}"
|
- "{{ knot_zone_replica_storage_path }}"
|
||||||
|
|
||||||
|
- name: make sure all zones have a name
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- "'name' in item.value"
|
||||||
|
- "item.value.name | type_debug == 'str'"
|
||||||
|
fail_msg: "{{ item.key }} does not have a name"
|
||||||
|
loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
|
||||||
|
|
||||||
|
- name: make sure all zones have at least one master defined
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- "'masters' in item.value"
|
||||||
|
- "item.value.masters | type_debug == 'list'"
|
||||||
|
- "item.value.masters | length > 0"
|
||||||
|
fail_msg: "{{ item.key }} does not have a zone master"
|
||||||
|
loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
|
||||||
|
|
||||||
- name: render knot zone files
|
- name: render knot zone files
|
||||||
template:
|
template:
|
||||||
src: var/lib/knot/master/zone.j2
|
src: var/lib/knot/master/zone.j2
|
||||||
|
|
|
@ -41,10 +41,9 @@ acl:
|
||||||
# MASTER ZONES
|
# MASTER ZONES
|
||||||
#
|
#
|
||||||
|
|
||||||
|
policy:
|
||||||
{% for zone in zones %}
|
{% for zone in zones %}
|
||||||
{% if inventory_hostname in zone.masters %}
|
{% if inventory_hostname in zone.masters %}
|
||||||
|
|
||||||
policy:
|
|
||||||
- id: dnssec-{{ zone.name }}
|
- id: dnssec-{{ zone.name }}
|
||||||
algorithm: {{ knot_dnssec_policy_algorithm }}
|
algorithm: {{ knot_dnssec_policy_algorithm }}
|
||||||
nsec3: {{ knot_dnssec_policy_nsec3 }}
|
nsec3: {{ knot_dnssec_policy_nsec3 }}
|
||||||
|
@ -52,9 +51,13 @@ policy:
|
||||||
zsk-size: {{ knot_dnssec_policy_zsk_size }}
|
zsk-size: {{ knot_dnssec_policy_zsk_size }}
|
||||||
ksk-shared: {{ knot_dnssec_policy_ksk_shared }}
|
ksk-shared: {{ knot_dnssec_policy_ksk_shared }}
|
||||||
cds-cdnskey-publish: {{ knot_dnssec_policy_cds_publish }}
|
cds-cdnskey-publish: {{ knot_dnssec_policy_cds_publish }}
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
zone:
|
zone:
|
||||||
- domain: {{ zone.name }}.
|
{% for zone in zones %}
|
||||||
|
{% if inventory_hostname in zone.masters %}
|
||||||
|
- domain: {{ zone.name }}
|
||||||
storage: {{ knot_zone_master_storage_path }}
|
storage: {{ knot_zone_master_storage_path }}
|
||||||
semantic-checks: {{ knot_zone_semantic_checks }}
|
semantic-checks: {{ knot_zone_semantic_checks }}
|
||||||
serial-policy: unixtime
|
serial-policy: unixtime
|
||||||
|
@ -67,7 +70,6 @@ zone:
|
||||||
{% for replica in zone.replicas %}
|
{% for replica in zone.replicas %}
|
||||||
notify: remote-{{ replica }}
|
notify: remote-{{ replica }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
@ -76,11 +78,10 @@ zone:
|
||||||
# REPLICA ZONES
|
# REPLICA ZONES
|
||||||
#
|
#
|
||||||
|
|
||||||
|
zone:
|
||||||
{% for zone in zones %}
|
{% for zone in zones %}
|
||||||
{% if inventory_hostname in zone.replicas %}
|
{% if inventory_hostname in zone.replicas %}
|
||||||
|
- domain: {{ zone.name }}
|
||||||
zone:
|
|
||||||
- domain: {{ zone.name }}.
|
|
||||||
storage: {{ knot_zone_replica_storage_path }}
|
storage: {{ knot_zone_replica_storage_path }}
|
||||||
serial-policy: unixtime
|
serial-policy: unixtime
|
||||||
{% for master in zone.masters %}
|
{% for master in zone.masters %}
|
||||||
|
@ -89,7 +90,6 @@ zone:
|
||||||
{% for master in zone.masters %}
|
{% for master in zone.masters %}
|
||||||
master: remote-{{ master }}
|
master: remote-{{ master }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue