Add support for on-secondary signing
This commit is contained in:
parent
b1795f2e76
commit
88996a3700
1 changed files with 2 additions and 2 deletions
|
@ -68,7 +68,7 @@ acl:
|
||||||
key: {{ hostvars[remote].knot_tsig_key.name }}
|
key: {{ hostvars[remote].knot_tsig_key.name }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% for address in hostvars[remote].knot_dns_addresses %}
|
{% for address in hostvars[remote].knot_dns_addresses %}
|
||||||
address: "{{ address }}"
|
address: "{{ address.split('@')[0] }}"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
@ -86,7 +86,7 @@ acl:
|
||||||
|
|
||||||
submission:
|
submission:
|
||||||
{% for zone in zones %}
|
{% for zone in zones %}
|
||||||
{% if inventory_hostname in zone.masters %}
|
{% if inventory_hostname in zone.masters or (inventory_hostname in zone.replicas and zone.sign_on_secondary | default(false)) %}
|
||||||
|
|
||||||
- id: submission-{{ zone.name }}
|
- id: submission-{{ zone.name }}
|
||||||
check-interval: {{ knot_dnssec_submission_check_interval }}
|
check-interval: {{ knot_dnssec_submission_check_interval }}
|
||||||
|
|
Loading…
Reference in a new issue