wip
parent
beae4f6c98
commit
a59c981238
3 changed files with 21 additions and 9 deletions
|
@ -1,6 +1,6 @@
|
|||
% for view_name, view_conf in views.items():
|
||||
acl "${view_name}" {
|
||||
% for ac in sorted(view_conf['acl'], key=lambda e: (not e.startswith('!'), not e.startswith('key'))):
|
||||
% for acl_name, acl_content in acls.items():
|
||||
acl "${acl_name}" {
|
||||
% for ac in sorted(acl_content, key=lambda e: (not e.startswith('!'), not e.startswith('key'))):
|
||||
${ac};
|
||||
% endfor
|
||||
};
|
||||
|
@ -47,7 +47,7 @@ view "${view_name}" {
|
|||
masters { ${master_ip}; };
|
||||
% endif
|
||||
% if type == 'master' and zone_conf.get('key', False):
|
||||
allow-update { key "${view_name}.${zone_name}"; };
|
||||
allow-update { !{ !our-nets; any; }; key "${view_name}.${zone_name}"; };
|
||||
% endif
|
||||
file "/var/lib/bind/${view_name}/db.${zone_name}";
|
||||
};
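Review bot: The new `allow-update { !{ !our-nets; any; }; key ...; };` line requires address and key together only because of how BIND evaluates the negated nested list, and the template does not say so. A later edit that drops the outer `!` or moves the `key` element first would still parse but would loosen who may send dynamic updates. I would add a comment directly above the line, e.g. `// address AND key: clients outside our-nets are rejected before the key element is evaluated`. The ACL name `our-nets` is hard-coded here while its definition arrives through the `acls` context, so running `named-checkconf` on the rendered file before reload would catch a missing definition. The enclosing zone block starts outside the hunk.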
|
||||
|
|
|
@ -74,6 +74,13 @@ files['/etc/bind/named.conf.local'] = {
|
|||
'context': {
|
||||
'type': node.metadata.get('bind/type'),
|
||||
'master_ip': master_ip,
|
||||
'acls': {
|
||||
**master_node.metadata.get('bind/acls'),
|
||||
**{
|
||||
view_name: view_conf['acl']
|
||||
for view_name, view_conf in master_node.metadata.get('bind/views').items()
|
||||
},
|
||||
},
|
||||
'views': dict(sorted(
|
||||
master_node.metadata.get('bind/views').items(),
|
||||
key=lambda e: (e[1].get('default', False), e[0]),
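Review bot: In the added `'acls'` entry the per-view ACLs are unpacked after `bind/acls`, so a view whose name equals an ACL name silently replaces that ACL. A view called `our-nets`, for instance, would swap out the address list that the `allow-update` rule in the template relies on, and nothing visible in the hunk rejects such a clash. I would compute `clash = master_node.metadata.get('bind/acls').keys() & master_node.metadata.get('bind/views').keys()` before building the context and raise an error naming the duplicates when it is non-empty. The `files[...]` dict literal starts and ends outside the hunk.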
|
||||
|
|
|
@ -11,15 +11,20 @@ defaults = {
|
|||
},
|
||||
'bind': {
|
||||
'slaves': {},
|
||||
'acls': {
|
||||
'our-nets': {
|
||||
'127.0.0.1',
|
||||
'10.0.0.0/8',
|
||||
'169.254.0.0/16',
|
||||
'172.16.0.0/12',
|
||||
'192.168.0.0/16',
|
||||
}
|
||||
},
|
||||
'views': {
|
||||
'internal': {
|
||||
'is_internal': True,
|
||||
'acl': {
|
||||
'127.0.0.1',
|
||||
'10.0.0.0/8',
|
||||
'169.254.0.0/16',
|
||||
'172.16.0.0/12',
|
||||
'192.168.0.0/16',
|
||||
'our-nets',
|
||||
},
|
||||
'zones': {},
|
||||
},
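Review bot: The new `our-nets` ACL holds IPv4 entries only (`127.0.0.1`, the RFC 1918 ranges and `169.254.0.0/16`), and with this commit it is the sole entry of the `internal` view's `acl` and, through the template, a precondition for `allow-update`. If named also listens on IPv6, a client on `::1` or an internal IPv6 prefix falls outside `our-nets`, so it would presumably not match the `internal` view and its dynamic updates would be refused even with the correct key. Either add `'::1',` and whatever internal IPv6 prefixes are in use, or put a comment on the set stating that IPv4-only is intentional. The `defaults` dict continues outside the hunk.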
|
||||
|
|