From 54ee906547012d47e0fa4c537716fa92705a5d09 Mon Sep 17 00:00:00 2001
From: Adrien Waksberg
Date: Sun, 15 Oct 2017 01:11:49 +0200
Subject: [PATCH] feat: add option allow_tranfer for zones
---
 spec/bind.rb | 8 ++++++++
 templates/named.conf.local.j2 | 8 +++++++-
 tests/bind.yml | 2 ++
 3 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/spec/bind.rb b/spec/bind.rb
index abb2afa..21c069c 100644
--- a/spec/bind.rb
+++ b/spec/bind.rb
@@ -24,6 +24,14 @@ end end end
+describe file('/etc/bind/named.conf.local') do
+ it { should be_file }
+ it { should be_mode 644 }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'root' }
+ it { should contain '4.2.2.4' }
+end
+
 describe command('host hello.test.local 127.0.0.1') do
 its(:exit_status) { should eq 0 }
 its(:stdout) { should contain('1.2.3.4') }
diff --git a/templates/named.conf.local.j2 b/templates/named.conf.local.j2
index 7908ffc..ea57501 100644
--- a/templates/named.conf.local.j2
+++ b/templates/named.conf.local.j2
@@ -8,6 +8,12 @@ zone "{{ zone }}" IN {
 {% else %}
 file "/etc/bind/zones/db.{{ zone }}";
 {% endif %}
- allow-transfer { 217.70.177.40; };
+{% if 'allow_transfer' in value and value.dnssec %}
+ allow-transfer {
+{% for ip in value.allow_transfer %}
+ {{ ip }};
+{% endfor %}
+ };
+{% endif %}
 };
 {% endfor %}
diff --git a/tests/bind.yml b/tests/bind.yml
index e0c4ecd..35619d5 100644
--- a/tests/bind.yml
+++ b/tests/bind.yml
@@ -4,6 +4,8 @@ bind_role: master bind_zones: test.local:
+ allow_transfer:
+ - '4.2.2.4'
 ns_primary: ns1.test.local
 mail: root@test.local
 serial: 2017092202
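Review bot: `it { should contain '4.2.2.4' }` passes whenever that string appears anywhere in named.conf.local, so it does not show that the address ended up inside an `allow-transfer` statement. The template in this commit renders the ACL only when `value.dnssec` is set, and the tests/bind.yml hunk does not show `dnssec` for test.local, so the assertion also depends on a setting outside this diff. A tighter check would be `its(:content) { should match(/allow-transfer\s*\{\s*4\.2\.2\.4;\s*\};/) }`. A second fixture zone without `allow_transfer` would cover the path where no ACL is rendered.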
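Review bot: The condition `{% if 'allow_transfer' in value and value.dnssec %}` ties the transfer ACL to DNSSEC, which the commit title does not mention, and it leaves every other zone with no zone-level `allow-transfer` at all. Those zones fall back to the options-level setting or to named's built-in default, which in older BIND 9 releases permits transfers to any host, so the full zone can be read by AXFR unless the global options (not visible here) restrict it. Consider `{% if 'allow_transfer' in value %}` as the condition, plus an explicit fallback before `{% endif %}`: `{% else %}` followed by `allow-transfer { none; };`. The zone block and the loop it sits in start above the hunk.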