Commit graph

66 commits

Author SHA1 Message Date
4fc51962e1
feat: add knot_dnssec_policy_nsec3_salt_length with default 0
All checks were successful
Ansible Lint / build (push) Successful in 1m30s
2024-06-05 01:15:25 +02:00
2d034ea22d
fix: semantic erros in argument_specs
All checks were successful
Ansible Lint / build (push) Successful in 52s
Ansible Galaxy / deploy (push) Successful in 2m10s
2024-05-05 18:07:59 +02:00
f568b38831
fix: only start knot after rendering the configuration 2024-05-05 13:13:58 +02:00
2ae220b3eb
feat: the great ansible-lint and documentation update
Some checks failed
Ansible Galaxy / deploy (push) Failing after 1m18s
Ansible Lint / build (push) Successful in 1m27s
2024-04-14 22:41:41 +02:00
s3lph
4298c8b656 fix(knot): set journal-content: all for zonefile-serial: difference-no-serial to work 2023-12-03 09:29:56 +01:00
s3lph
c51253c28c feat(knot): use zonefile-load: difference-no-serial policy for idempotency 2023-12-03 09:25:54 +01:00
s3lph
da51d2fbf1 fix: kzonecheck is now part of knot-dnssecutils 2023-07-16 17:53:19 +02:00
s3lph
dc2bd7c570 Add support for on-secondary signing 2023-04-05 00:16:19 +02:00
s3lph
3809b6c2c3 Add support for on-secondary signing 2023-04-05 00:14:57 +02:00
s3lph
a3545b1646 Add support for secondary-to-secondary replication 2023-04-05 00:10:52 +02:00
s3lph
b3a8be8303 Add support for secondary-to-secondary replication 2023-04-05 00:00:55 +02:00
s3lph
c337831383 Add support for secondary-to-secondary replication 2023-04-04 23:53:22 +02:00
s3lph
2398e99d65 Add support for secondary-to-secondary replication 2023-04-04 23:52:13 +02:00
s3lph
55ad1892a9 Add support for secondary-to-secondary replication 2023-04-04 23:50:08 +02:00
s3lph
88996a3700 Add support for on-secondary signing 2023-04-04 20:54:24 +02:00
s3lph
b1795f2e76 Add support for on-secondary signing 2023-04-04 20:46:54 +02:00
s3lph
ce27010642 Change default cds-cdnskey-publish to always 2022-06-14 21:17:14 +02:00
s3lph
e4e9e21e8c Make cds_cndskey_publish configurable per zone 2022-06-14 12:58:45 +02:00
s3lph
b9bb083f76 Make DNSSEC algorithms configurable per zone 2022-06-13 21:40:58 +02:00
s3lph
4fe9da8a6d Add option to install knot from the upstream cz.nic repository 2022-06-13 21:21:46 +02:00
s3lph
2abd8ccf02 Change default KSK/ZSK to ed25519 2022-06-04 00:33:07 +02:00
s3lph
35ed3e09f2 Apparently reloading knot is not enough with some config changes (e.g. listen-address), restart instead 2021-11-05 12:58:53 +01:00
s3lph
7ce38e0edf Fix loop in install.yml 2021-11-05 12:52:30 +01:00
s3lph
fbd4f1c5e7 Remove duplicate line from dnssec policies 2021-10-01 01:57:04 +02:00
s3lph
bf5b1d50fb Add dnssec policy propagation-delay option 2021-09-30 21:38:04 +02:00
s3lph
837832be9b Fix submission config error 2021-09-30 00:39:52 +02:00
s3lph
4680285605 Fix config file whitespaces 2021-09-30 00:37:26 +02:00
s3lph
a339290de7 Fix config file whitespaces 2021-09-30 00:36:27 +02:00
s3lph
83fc2ba1e8 Fix config file whitespaces 2021-09-30 00:35:41 +02:00
s3lph
0482dd69e3 Bugfix 3 2021-09-30 00:08:25 +02:00
s3lph
8b86782842 Bugfix 2 2021-09-29 23:57:40 +02:00
s3lph
a35e66049d Bugfix 2021-09-29 23:56:40 +02:00
s3lph
a9be647f84 Add support for configuring ZSK and KSK rollovers, including submission checks 2021-09-29 23:17:38 +02:00
s3lph
9402eee1c1 Prevent zone file from being overwritten on DNSSEC resigns 2021-09-29 22:45:26 +02:00
s3lph
1e19b6efc9 knot: install knot-dnsutils 2021-03-21 03:39:37 +01:00
s3lph
11d07d7089 knot: install knot-dnsutils 2021-03-21 03:37:47 +01:00
s3lph
05eab6666c fix typo 2021-02-06 00:17:38 +01:00
s3lph
e12a8f6981 only use tsig keys mutually 2021-02-06 00:16:19 +01:00
s3lph
0e587d61e4 🤦 actually use tsig keys for notifies/xfrs 2021-02-06 00:09:43 +01:00
s3lph
2541e4254d updaters dont need to be a remote 2021-02-05 23:27:51 +01:00
s3lph
9cbf45e958 add ip filter for transfers even if tsig key is present 2021-02-05 22:57:03 +01:00
s3lph
47bf844bf1 Work around a jinja2 bug in the map filter regarding default values (https://github.com/pallets/jinja/issues/1331) 2021-02-05 22:28:20 +01:00
s3lph
3200fe522a Make updaters zone key optional 2021-02-05 21:50:05 +01:00
s3lph
eab820a60a Make updaters zone key optional 2021-02-05 21:47:34 +01:00
s3lph
7cdd070ad4 split knot zonefiles and config tasks 2021-02-05 21:43:12 +01:00
s3lph
69cfc2ef81 Add support for TSIG keys 2021-02-05 21:36:46 +01:00
s3lph
9c329c8897 Add option to configure knot server nsid 2021-01-16 05:40:04 +01:00
s3lph
3dd19606f5 Add option to configure knot server identity 2021-01-16 05:23:09 +01:00
s3lph
3660754332 Fix missing variable for master zone files 2021-01-16 04:30:34 +01:00
s3lph
db202e39fe Spacing for readability 2021-01-16 03:36:01 +01:00