68 lines
1.3 KiB
Text
68 lines
1.3 KiB
Text
# KEYS
|
|
|
|
% for view_name, view_conf in views.items():
|
|
% for key_name, key_conf in sorted(view_conf['keys'].items()):
|
|
key "${key_name}" {
|
|
algorithm hmac-sha512;
|
|
secret "${key_conf['token']}";
|
|
};
|
|
% endfor
|
|
% endfor
|
|
|
|
# ACLS
|
|
|
|
% for acl_name, acl_content in acls.items():
|
|
acl "${acl_name}" {
|
|
% for ac in sorted(acl_content, key=lambda e: (not e.startswith('!'), not e.startswith('key'), e)):
|
|
${ac};
|
|
% endfor
|
|
};
|
|
% endfor
|
|
|
|
# VIEWS
|
|
|
|
% for view_name, view_conf in views.items():
|
|
view "${view_name}" {
|
|
match-clients {
|
|
${view_name};
|
|
};
|
|
|
|
% if view_conf['is_internal']:
|
|
recursion yes;
|
|
% else:
|
|
recursion no;
|
|
rate-limit {
|
|
responses-per-second 2;
|
|
window 25;
|
|
};
|
|
% endif
|
|
|
|
forward only;
|
|
forwarders {
|
|
1.1.1.1;
|
|
9.9.9.9;
|
|
8.8.8.8;
|
|
};
|
|
|
|
% for zone_name, zone_conf in sorted(view_conf['zones'].items()):
|
|
zone "${zone_name}" {
|
|
type ${type};
|
|
% if type == 'slave':
|
|
masters { ${master_ip}; };
|
|
% endif
|
|
% if type == 'master' and zone_conf.get('allow_update', False):
|
|
allow-update {
|
|
% for allow_update in zone_conf['allow_update']:
|
|
${allow_update};
|
|
% endfor
|
|
};
|
|
% endif
|
|
file "/var/lib/bind/${view_name}/db.${zone_name}";
|
|
};
|
|
% endfor
|
|
|
|
include "/etc/bind/named.conf.default-zones";
|
|
include "/etc/bind/zones.rfc1918";
|
|
};
|
|
|
|
% endfor
|