add ip filter for transfers even if tsig key is present

This commit is contained in:
s3lph 2021-02-05 22:57:03 +01:00
parent 47bf844bf1
commit 9cbf45e958

View file

@ -50,11 +50,10 @@ acl:
action: transfer action: transfer
{% if 'knot_tsig_key' in hostvars[remote] %} {% if 'knot_tsig_key' in hostvars[remote] %}
key: {{ hostvars[remote].knot_tsig_key.name }} key: {{ hostvars[remote].knot_tsig_key.name }}
{% else %} {% endif %}
{% for address in hostvars[remote].knot_dns_addresses %} {% for address in hostvars[remote].knot_dns_addresses %}
address: "{{ address }}" address: "{{ address }}"
{% endfor %} {% endfor %}
{% endif %}
{% endfor %} {% endfor %}
{% for remote in zones | map(attribute='masters') | flatten | unique %} {% for remote in zones | map(attribute='masters') | flatten | unique %}
@ -63,11 +62,10 @@ acl:
action: notify action: notify
{% if 'knot_tsig_key' in hostvars[remote] %} {% if 'knot_tsig_key' in hostvars[remote] %}
key: {{ hostvars[remote].knot_tsig_key.name }} key: {{ hostvars[remote].knot_tsig_key.name }}
{% else %} {% endif %}
{% for address in hostvars[remote].knot_dns_addresses %} {% for address in hostvars[remote].knot_dns_addresses %}
address: "{{ address }}" address: "{{ address }}"
{% endfor %} {% endfor %}
{% endif %}
{% endfor %} {% endfor %}
{% for remote in zones | map(attribute='updaters') | select('defined') | flatten | unique %} {% for remote in zones | map(attribute='updaters') | select('defined') | flatten | unique %}