author | Emil Renner Berthing <esmil@labitat.dk> | 2019-04-02 20:23:52 +0200 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2019-04-03 10:31:02 +0200 |
commit | 806bfb26907e9bb3d41f0c9225800a7f8c77683a (patch) | |
tree | b2cc4ab0b6ffff20f37c8b8bdc5d76a6746c5dd4 | |
parent | 14d5cbd332a15a8438a458e8c4817d4458c2145b (diff) | |
space_server: named: support dynamic updates
..of the dhcp zone and reverse dns for 10.42.0.0/16
This way the dhcp daemon can add entries when it
hands out leases.
-rw-r--r-- | roles/space_server/tasks/named.yml | 35 | ||||
-rw-r--r-- | roles/space_server/templates/dhcp.zone.j2 | 2 | ||||
-rw-r--r-- | roles/space_server/templates/named.conf.j2 (renamed from roles/space_server/files/named.conf) | 25 |
3 files changed, 53 insertions, 9 deletions
diff --git a/roles/space_server/tasks/named.yml b/roles/space_server/tasks/named.yml
index 243bf3e..519b5d4 100644
--- a/roles/space_server/tasks/named.yml
+++ b/roles/space_server/tasks/named.yml
@@ -1,21 +1,40 @@
 ---
-- name: Create local zones
+- name: Create s zone
 template:
- dest: '/etc/named/{{ item }}'
- src: '{{ item }}.j2'
+ dest: '/etc/named/s.zone'
+ src: s.zone.j2
 owner: root
 group: named
 mode: 0644
- with_items:
- - 's.zone'
- - 'ipv4.rev.zone'
+ notify:
+ - restart named
+
+- name: Create dhcp zone
+ template:
+ dest: '/var/named/dynamic/dhcp.zone'
+ src: dhcp.zone.j2
+ owner: named
+ group: named
+ mode: 0644
+ force: no
+ notify:
+ - restart named
+
+- name: Create ipv4 reverse dns zone
+ template:
+ dest: '/var/named/dynamic/ipv4.rev.zone'
+ src: ipv4.rev.zone.j2
+ owner: named
+ group: named
+ mode: 0644
+ force: no
 notify:
 - restart named
 - name: Configure named
- copy:
+ template:
 dest: '/etc/named.conf'
- src: named.conf
+ src: named.conf.j2
 owner: root
 group: named
 mode: 0640
diff --git a/roles/space_server/templates/dhcp.zone.j2 b/roles/space_server/templates/dhcp.zone.j2
new file mode 100644
index 0000000..e6b2b40
--- /dev/null
+++ b/roles/space_server/templates/dhcp.zone.j2
@@ -0,0 +1,2 @@
+dhcp. 600 IN SOA space.labitat.dk. esmil.labitat.dk. 2019040101 7200 3600 604800 86400
+dhcp. 600 IN NS space.labitat.dk.
diff --git a/roles/space_server/files/named.conf b/roles/space_server/templates/named.conf.j2
index 0659a3b..0314545 100644
--- a/roles/space_server/files/named.conf
+++ b/roles/space_server/templates/named.conf.j2
@@ -86,6 +86,13 @@ acl local {
 2a01:4262:1ab:c::/64; // member wireless
 2a01:4262:1ab:f::/64; // member nat64
 };
+{% if ddns_secret is defined %}
+
+key dhcpupdate {
+ algorithm {{ ddns_secret.algorithm }};
+ secret "{{ ddns_secret.key }}";
+};
+{% endif %}
 zone "." IN {
 type hint;
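Review bot: The `Configure named` task at the end of the tasks/named.yml hunk now renders a template that embeds the TSIG secret, so a run with `--diff` will print the rendered key material to the terminal and to any captured run log. Adding `diff: no` (or `no_log: true`) to that task avoids this. Because `/etc/named.conf` is now generated rather than copied, a `validate: 'named-checkconf %s'` line under `template:` would also keep a bad render from replacing the live config before the restart handler runs. The task's remaining keys may continue below the hunk.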
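Review bot: Nothing in the `key dhcpupdate` block added in the first named.conf.j2 hunk says where `ddns_secret` comes from or what shape it has, and when the variable is undefined the template silently omits the key and the `dhcp` zone. A Jinja comment above the block would document the contract, e.g. `{# ddns_secret: mapping with 'algorithm' and base64 'key'; define it in a vault-encrypted vars file #}`. The algorithm value is not visible in this commit; an HMAC-SHA2 algorithm such as `hmac-sha256` is preferable to `hmac-md5` for TSIG.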
@@ -96,14 +103,30 @@ zone "s" IN {
 type master;
 file "/etc/named/s.zone";
 allow-query { local; };
+ allow-update { none; };
+ allow-transfer { none; };
+};
+{% if ddns_secret is defined %}
+
+zone "dhcp" IN {
+ type master;
+ file "dynamic/dhcp.zone";
+ allow-query { local; };
+ allow-update { key dhcpupdate; };
 allow-transfer { none; };
+ notify no;
 };
+{% endif %}
 zone "42.10.in-addr.arpa" IN {
 type master;
- file "/etc/named/ipv4.rev.zone";
+ file "dynamic/ipv4.rev.zone";
 allow-query { local; };
+{% if ddns_secret is defined %}
+ allow-update { key dhcpupdate; };
+{% endif %}
 allow-transfer { none; };
+ notify no;
 };
 include "/etc/named.rfc1912.zones"; |
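Review bot: `allow-update { key dhcpupdate; };` on both the `dhcp` and `42.10.in-addr.arpa` zones lets any holder of the key rewrite every record in the zone, including SOA/NS and any static PTR entries the reverse zone may carry. BIND's `update-policy` can narrow this to the record types the DHCP daemon writes, for example `update-policy { grant dhcpupdate zonesub A AAAA TXT DHCID; };` on `dhcp` and `update-policy { grant dhcpupdate zonesub PTR; };` on the reverse zone; the exact type list should be checked against the DHCP server in use. When `ddns_secret` is undefined, the reverse zone also lacks the explicit `allow-update { none; };` that zone `s` gets in this hunk, and an `{% else %}` branch would keep the two consistent.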