ansible-collection-nameserver/roles/master/templates/etc/knot/knot.d/10-master.conf.j2
2020-11-20 02:14:16 +01:00

46 lines
1.1 KiB
Django/Jinja

{{ ansible_managed | comment }}
#
# Master configuration for zones in group {{ name }}
#
acl:
- id: xfr-{{ name }}
action: transfer
{% for replica in replicas %}
address: "{{ replica }}"
{% endfor %}
remote:
{% for replica in replicas %}
- id: remote-{{ name }}-{{ loop.index0 }}
address: "{{ replica }}"
{% endfor %}
policy:
- id: dnssec-{{ name }}
algorithm: {{ knot_dnssec_policy_algorithm }}
nsec3: {{ knot_dnssec_policy_nsec3 }}
ksk-size: {{ knot_dnssec_policy_ksk_size }}
zsk-size: {{ knot_dnssec_policy_zsk_size }}
ksk-shared: {{ knot_dnssec_policy_ksk_shared }}
cds-cdnskey-publish: {{ knot_dnssec_policy_cds_publish }}
template:
- id: {{ name }}
storage: {{ knot_zone_storage_path }}
semantic-checks: {{ knot_zone_semantic_checks }}
serial-policy: unixtime
zonefile-load: difference
dnssec-signing: {{ knot_zone_dnssec_signing }}
dnssec-policy: dnssec-{{ name }}
acl: xfr-{{ name }}
{% for replica in replicas %}
notify: remote-{{ name }}-{{ loop.index0 }}
{% endfor %}
zone:
{% for zone in zones %}
- domain: {{ zone }}.
template: {{ name }}
{% endfor %}