aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server
diff options
context:
space:
mode:
authorEmil Renner Berthing <esmil@labitat.dk>2019-04-02 20:23:52 +0200
committerEmil Renner Berthing <esmil@labitat.dk>2019-04-03 10:31:02 +0200
commit806bfb26907e9bb3d41f0c9225800a7f8c77683a (patch)
treeb2cc4ab0b6ffff20f37c8b8bdc5d76a6746c5dd4 /roles/space_server
parent14d5cbd332a15a8438a458e8c4817d4458c2145b (diff)
downloadlabitat-ansible-806bfb26907e9bb3d41f0c9225800a7f8c77683a.tar.gz
labitat-ansible-806bfb26907e9bb3d41f0c9225800a7f8c77683a.tar.xz
labitat-ansible-806bfb26907e9bb3d41f0c9225800a7f8c77683a.zip
space_server: named: support dynamic updates
..of the dhcp zone and reverse dns for 10.42.0.0/16 This way the dhcp daemon can add entries when it handles out leases.
Diffstat (limited to 'roles/space_server')
-rw-r--r--roles/space_server/tasks/named.yml35
-rw-r--r--roles/space_server/templates/dhcp.zone.j22
-rw-r--r--roles/space_server/templates/named.conf.j2 (renamed from roles/space_server/files/named.conf)25
3 files changed, 53 insertions, 9 deletions
diff --git a/roles/space_server/tasks/named.yml b/roles/space_server/tasks/named.yml
index 243bf3e..519b5d4 100644
--- a/roles/space_server/tasks/named.yml
+++ b/roles/space_server/tasks/named.yml
@@ -1,21 +1,40 @@
---
-- name: Create local zones
+- name: Create s zone
template:
- dest: '/etc/named/{{ item }}'
- src: '{{ item }}.j2'
+ dest: '/etc/named/s.zone'
+ src: s.zone.j2
owner: root
group: named
mode: 0644
- with_items:
- - 's.zone'
- - 'ipv4.rev.zone'
+ notify:
+ - restart named
+
+- name: Create dhcp zone
+ template:
+ dest: '/var/named/dynamic/dhcp.zone'
+ src: dhcp.zone.j2
+ owner: named
+ group: named
+ mode: 0644
+ force: no
+ notify:
+ - restart named
+
+- name: Create ipv4 reverse dns zone
+ template:
+ dest: '/var/named/dynamic/ipv4.rev.zone'
+ src: ipv4.rev.zone.j2
+ owner: named
+ group: named
+ mode: 0644
+ force: no
notify:
- restart named
- name: Configure named
- copy:
+ template:
dest: '/etc/named.conf'
- src: named.conf
+ src: named.conf.j2
owner: root
group: named
mode: 0640
diff --git a/roles/space_server/templates/dhcp.zone.j2 b/roles/space_server/templates/dhcp.zone.j2
new file mode 100644
index 0000000..e6b2b40
--- /dev/null
+++ b/roles/space_server/templates/dhcp.zone.j2
@@ -0,0 +1,2 @@
+dhcp. 600 IN SOA space.labitat.dk. esmil.labitat.dk. 2019040101 7200 3600 604800 86400
+dhcp. 600 IN NS space.labitat.dk.
diff --git a/roles/space_server/files/named.conf b/roles/space_server/templates/named.conf.j2
index 0659a3b..0314545 100644
--- a/roles/space_server/files/named.conf
+++ b/roles/space_server/templates/named.conf.j2
@@ -86,6 +86,13 @@ acl local {
2a01:4262:1ab:c::/64; // member wireless
2a01:4262:1ab:f::/64; // member nat64
};
+{% if ddns_secret is defined %}
+
+key dhcpupdate {
+ algorithm {{ ddns_secret.algorithm }};
+ secret "{{ ddns_secret.key }}";
+};
+{% endif %}
zone "." IN {
type hint;
@@ -96,14 +103,30 @@ zone "s" IN {
type master;
file "/etc/named/s.zone";
allow-query { local; };
+ allow-update { none; };
+ allow-transfer { none; };
+};
+{% if ddns_secret is defined %}
+
+zone "dhcp" IN {
+ type master;
+ file "dynamic/dhcp.zone";
+ allow-query { local; };
+ allow-update { key dhcpupdate; };
allow-transfer { none; };
+ notify no;
};
+{% endif %}
zone "42.10.in-addr.arpa" IN {
type master;
- file "/etc/named/ipv4.rev.zone";
+ file "dynamic/ipv4.rev.zone";
allow-query { local; };
+{% if ddns_secret is defined %}
+ allow-update { key dhcpupdate; };
+{% endif %}
allow-transfer { none; };
+ notify no;
};
include "/etc/named.rfc1912.zones";