s3lph/ansible-collection-nameserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

only use tsig keys mutually

Browse source
This commit is contained in:
s3lph 2021-02-06 00:16:19 +01:00
parent 0e587d61e4
commit e12a8f6981
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
roles/knot/templates/etc/knot/knot.conf.j2
View file

@ -38,7 +38,8 @@ remote:
{% for remote in ( (zones | map(attribute='replicas') ) + (zones | map(attribute='masters') ) ) | flatten | unique %} {% for remote in ( (zones | map(attribute='replicas') ) + (zones | map(attribute='masters') ) ) | flatten | unique %}
- id: remote-{{ remote }} - id: remote-{{ remote }}
{% if knot_tsig_key is defined %} {% if knot_tsig_key is defined and 'knot_tsig_key' in hostvars[remote %}
{# only use TSIG mutually, i.e. if both parties have a key #}
key: {{ knot_tsig_key.name }} key: {{ knot_tsig_key.name }}
{% endif %} {% endif %}
{% for address in hostvars[remote].knot_dns_addresses %} {% for address in hostvars[remote].knot_dns_addresses %}