Add dnssec policy propagation-delay option

This commit is contained in:
s3lph 2021-09-30 21:38:04 +02:00
parent 837832be9b
commit bf5b1d50fb
3 changed files with 3 additions and 2 deletions

View file

@ -1,4 +1,3 @@
### REQUIRED
# The namespace of the collection. This can be a company/brand/organization or product namespace under which all
# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with
# underscores or numbers and cannot contain consecutive underscores
@ -8,7 +7,7 @@ namespace: s3lph
name: nameserver
# The version of the collection. Must be compatible with semantic versioning
version: "0.3.1"
version: "0.3.2"
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: README.md

View file

@ -27,6 +27,7 @@ knot_dnssec_policy_zsk_size: 384
knot_dnssec_policy_zsk_lifetime: 30d
knot_dnssec_policy_ksk_lifetime: 0
knot_dnssec_policy_cds_publish: 'double-ds'
knot_dnssec_policy_propagation_delay: 1h
knot_dnssec_submission_check_interval: 1h
knot_dnssec_submission_timeout: 0

View file

@ -112,6 +112,7 @@ policy:
ksk-lifetime: {{ zone.ksk_lifetime | default(knot_dnssec_policy_ksk_lifetime) }}
ksk-submission: submission-{{ zone.name }}
ksk-shared: {{ knot_dnssec_policy_ksk_shared }}
propagation-delay: {{ zone.propagation_delay | default(knot_dnssec_policy_propagation_delay) }}
cds-cdnskey-publish: {{ knot_dnssec_policy_cds_publish }}
{% endif %}
{% endfor %}