Minor fixes
This commit is contained in:
s3lph
parent
034f06b6c4
commit
486b0d1bed
2 changed files with 25 additions and 8 deletions
|
|
@ -11,6 +11,23 @@
|
|||
- "{{ knot_zone_master_storage_path }}"
|
||||
- "{{ knot_zone_replica_storage_path }}"
|
||||
|
||||
- name: make sure all zones have a name
|
||||
assert:
|
||||
that:
|
||||
- "'name' in item.value"
|
||||
- "item.value.name | type_debug == 'str'"
|
||||
fail_msg: "{{ item.key }} does not have a name"
|
||||
loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
|
||||
|
||||
- name: make sure all zones have at least one master defined
|
||||
assert:
|
||||
that:
|
||||
- "'masters' in item.value"
|
||||
- "item.value.masters | type_debug == 'list'"
|
||||
- "item.value.masters | length > 0"
|
||||
fail_msg: "{{ item.key }} does not have a zone master"
|
||||
loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
|
||||
|
||||
- name: render knot zone files
|
||||
template:
|
||||
src: var/lib/knot/master/zone.j2
|
||||
|
|
|
|||
|
|
@ -41,10 +41,9 @@ acl:
|
|||
# MASTER ZONES
|
||||
#
|
||||
|
||||
policy:
|
||||
{% for zone in zones %}
|
||||
{% if inventory_hostname in zone.masters %}
|
||||
|
||||
policy:
|
||||
- id: dnssec-{{ zone.name }}
|
||||
algorithm: {{ knot_dnssec_policy_algorithm }}
|
||||
nsec3: {{ knot_dnssec_policy_nsec3 }}
|
||||
|
|
@ -52,9 +51,13 @@ policy:
|
|||
zsk-size: {{ knot_dnssec_policy_zsk_size }}
|
||||
ksk-shared: {{ knot_dnssec_policy_ksk_shared }}
|
||||
cds-cdnskey-publish: {{ knot_dnssec_policy_cds_publish }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
zone:
|
||||
- domain: {{ zone.name }}.
|
||||
{% for zone in zones %}
|
||||
{% if inventory_hostname in zone.masters %}
|
||||
- domain: {{ zone.name }}
|
||||
storage: {{ knot_zone_master_storage_path }}
|
||||
semantic-checks: {{ knot_zone_semantic_checks }}
|
||||
serial-policy: unixtime
|
||||
|
|
@ -67,7 +70,6 @@ zone:
|
|||
{% for replica in zone.replicas %}
|
||||
notify: remote-{{ replica }}
|
||||
{% endfor %}
|
||||
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
|
|
@ -76,11 +78,10 @@ zone:
|
|||
# REPLICA ZONES
|
||||
#
|
||||
|
||||
zone:
|
||||
{% for zone in zones %}
|
||||
{% if inventory_hostname in zone.replicas %}
|
||||
|
||||
zone:
|
||||
- domain: {{ zone.name }}.
|
||||
- domain: {{ zone.name }}
|
||||
storage: {{ knot_zone_replica_storage_path }}
|
||||
serial-policy: unixtime
|
||||
{% for master in zone.masters %}
|
||||
|
|
@ -89,7 +90,6 @@ zone:
|
|||
{% for master in zone.masters %}
|
||||
master: remote-{{ master }}
|
||||
{% endfor %}
|
||||
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue