add ip filter for transfers even if tsig key is present
This commit is contained in:
parent
47bf844bf1
commit
9cbf45e958
1 changed files with 2 additions and 4 deletions
|
@ -50,11 +50,10 @@ acl:
|
||||||
action: transfer
|
action: transfer
|
||||||
{% if 'knot_tsig_key' in hostvars[remote] %}
|
{% if 'knot_tsig_key' in hostvars[remote] %}
|
||||||
key: {{ hostvars[remote].knot_tsig_key.name }}
|
key: {{ hostvars[remote].knot_tsig_key.name }}
|
||||||
{% else %}
|
{% endif %}
|
||||||
{% for address in hostvars[remote].knot_dns_addresses %}
|
{% for address in hostvars[remote].knot_dns_addresses %}
|
||||||
address: "{{ address }}"
|
address: "{{ address }}"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% for remote in zones | map(attribute='masters') | flatten | unique %}
|
{% for remote in zones | map(attribute='masters') | flatten | unique %}
|
||||||
|
@ -63,11 +62,10 @@ acl:
|
||||||
action: notify
|
action: notify
|
||||||
{% if 'knot_tsig_key' in hostvars[remote] %}
|
{% if 'knot_tsig_key' in hostvars[remote] %}
|
||||||
key: {{ hostvars[remote].knot_tsig_key.name }}
|
key: {{ hostvars[remote].knot_tsig_key.name }}
|
||||||
{% else %}
|
{% endif %}
|
||||||
{% for address in hostvars[remote].knot_dns_addresses %}
|
{% for address in hostvars[remote].knot_dns_addresses %}
|
||||||
address: "{{ address }}"
|
address: "{{ address }}"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% for remote in zones | map(attribute='updaters') | select('defined') | flatten | unique %}
|
{% for remote in zones | map(attribute='updaters') | select('defined') | flatten | unique %}
|
||||||
|
|
Loading…
Reference in a new issue