wip
This commit is contained in:
mwiegand
parent
beae4f6c98
commit
a59c981238
3 changed files with 21 additions and 9 deletions
|
|
@ -1,6 +1,6 @@
|
||||||
% for view_name, view_conf in views.items():
|
% for acl_name, acl_content in acls.items():
|
||||||
acl "${view_name}" {
|
acl "${acl_name}" {
|
||||||
% for ac in sorted(view_conf['acl'], key=lambda e: (not e.startswith('!'), not e.startswith('key'))):
|
% for ac in sorted(acl_content, key=lambda e: (not e.startswith('!'), not e.startswith('key'))):
|
||||||
${ac};
|
${ac};
|
||||||
% endfor
|
% endfor
|
||||||
};
|
};
|
||||||
|
|
@ -47,7 +47,7 @@ view "${view_name}" {
|
||||||
masters { ${master_ip}; };
|
masters { ${master_ip}; };
|
||||||
% endif
|
% endif
|
||||||
% if type == 'master' and zone_conf.get('key', False):
|
% if type == 'master' and zone_conf.get('key', False):
|
||||||
allow-update { key "${view_name}.${zone_name}"; };
|
allow-update { !{ !our-nets; any; }; key "${view_name}.${zone_name}"; };
|
||||||
% endif
|
% endif
|
||||||
file "/var/lib/bind/${view_name}/db.${zone_name}";
|
file "/var/lib/bind/${view_name}/db.${zone_name}";
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -74,6 +74,13 @@ files['/etc/bind/named.conf.local'] = {
|
||||||
'context': {
|
'context': {
|
||||||
'type': node.metadata.get('bind/type'),
|
'type': node.metadata.get('bind/type'),
|
||||||
'master_ip': master_ip,
|
'master_ip': master_ip,
|
||||||
|
'acls': {
|
||||||
|
**master_node.metadata.get('bind/acls'),
|
||||||
|
**{
|
||||||
|
view_name: view_conf['acl']
|
||||||
|
for view_name, view_conf in master_node.metadata.get('bind/views').items()
|
||||||
|
},
|
||||||
|
},
|
||||||
'views': dict(sorted(
|
'views': dict(sorted(
|
||||||
master_node.metadata.get('bind/views').items(),
|
master_node.metadata.get('bind/views').items(),
|
||||||
key=lambda e: (e[1].get('default', False), e[0]),
|
key=lambda e: (e[1].get('default', False), e[0]),
|
||||||
|
|
|
||||||
|
|
@ -11,15 +11,20 @@ defaults = {
|
||||||
},
|
},
|
||||||
'bind': {
|
'bind': {
|
||||||
'slaves': {},
|
'slaves': {},
|
||||||
|
'acls': {
|
||||||
|
'our-nets': {
|
||||||
|
'127.0.0.1',
|
||||||
|
'10.0.0.0/8',
|
||||||
|
'169.254.0.0/16',
|
||||||
|
'172.16.0.0/12',
|
||||||
|
'192.168.0.0/16',
|
||||||
|
}
|
||||||
|
},
|
||||||
'views': {
|
'views': {
|
||||||
'internal': {
|
'internal': {
|
||||||
'is_internal': True,
|
'is_internal': True,
|
||||||
'acl': {
|
'acl': {
|
||||||
'127.0.0.1',
|
'our-nets',
|
||||||
'10.0.0.0/8',
|
|
||||||
'169.254.0.0/16',
|
|
||||||
'172.16.0.0/12',
|
|
||||||
'192.168.0.0/16',
|
|
||||||
},
|
},
|
||||||
'zones': {},
|
'zones': {},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue