nishiki/ansible-role-bind
1
0
Fork 0
Code Issues Pull requests Releases 2 Activity Actions

feat: add bind_options variable

Browse source
This commit is contained in:
Adrien Waksberg 2018-03-21 20:30:11 +01:00
parent 9217b4403f
commit a71fe9cb21
5 changed files with 16 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
README.md
View file

@ -20,6 +20,7 @@ This role can work on Debian derived OS, but it's not our priority.
## Role variables ## Role variables
* `bind_role` - the role `master` or `slave`, don't generate dnssec key on `slave` * `bind_role` - the role `master` or `slave`, don't generate dnssec key on `slave`
* `bind_options` - hash general bind options
* `bind_zones` - the dns zones * `bind_zones` - the dns zones
* `bind_listen_ipv4` - enable or disable ip v4 support (default: true) * `bind_listen_ipv4` - enable or disable ip v4 support (default: true)
* `bind_listen_ipv6` - enable or disable ip v6 support (default: true) * `bind_listen_ipv6` - enable or disable ip v6 support (default: true)
@ -40,6 +41,8 @@ This role can work on Debian derived OS, but it's not our priority.
``` ```
bind_listen_ipv6: true bind_listen_ipv6: true
bind_listen_ipv4: true bind_listen_ipv4: true
bind_options:
server-id: '"1"'
bind_zones: bind_zones:
test.local: test.local:
@ -47,6 +50,10 @@ bind_zones:
mail: root@test.local mail: root@test.local
serial: 2017092202 serial: 2017092202
dnssec: yes dnssec: yes
options:
key-directory: '"/etc/bind/keys"'
auto-dnssec: maintain
inline-signing: yes
records: records:
- { name: '@', type: ns, value: localhost. } - { name: '@', type: ns, value: localhost. }
- { name: hello, type: a, ttl: 5m, value: 1.2.3.4 } - { name: hello, type: a, ttl: 5m, value: 1.2.3.4 }
@ -56,10 +63,6 @@ bind_zones:
mail: root@hello.local mail: root@hello.local
serial: 2017092201 serial: 2017092201
dnssec: no dnssec: no
options:
key-directory: '"/etc/bind/keys"'
auto-dnssec: maintain
inline-signing: yes
records: records:
- { name: '@', type: ns, value: localhost. } - { name: '@', type: ns, value: localhost. }
- { name: hello, type: a, value: 4.3.2.1 } - { name: hello, type: a, value: 4.3.2.1 }

2
defaults/main.yml
View file

@ -1,3 +1,5 @@
--- ---
bind_role: master
bind_listen_ipv4: true bind_listen_ipv4: true
bind_listen_ipv6: true bind_listen_ipv6: true
bind_options: {}

4
templates/named.conf.options.j2
View file

@ -11,5 +11,9 @@ options {
listen-on { {% if bind_listen_ipv4 %}any{% else %}none{% endif %}; }; listen-on { {% if bind_listen_ipv4 %}any{% else %}none{% endif %}; };
listen-on-v6 { {% if bind_listen_ipv6 %}any{% else %}none{% endif %}; }; listen-on-v6 { {% if bind_listen_ipv6 %}any{% else %}none{% endif %}; };
{% for option, value in bind_options.iteritems() %}
{{ option }} {% if value == True %}yes{% elif value == False %}no{% else %}{{ value }}{% endif %};
{% endfor %}
version none; version none;
}; };

2
test/integration/bind/default.yml
View file

@ -3,6 +3,8 @@
vars: vars:
bind_listen_ipv6: false bind_listen_ipv6: false
bind_role: master bind_role: master
bind_options:
server-id: '"1"'
bind_zones: bind_zones:
test.local: test.local:
allow_transfer: allow_transfer:

1
test/integration/bind/serverspec/bind_spec.rb
View file

@ -45,6 +45,7 @@ describe file('/etc/bind/named.conf.options') do
it { should be_grouped_into 'root' } it { should be_grouped_into 'root' }
it { should contain 'listen-on { any; };' } it { should contain 'listen-on { any; };' }
it { should contain 'listen-on-v6 { none; };' } it { should contain 'listen-on-v6 { none; };' }
it { should contain 'server-id "1";' }
end end
describe service('bind9') do describe service('bind9') do