authorEmil Renner Berthing <esmil@labitat.dk>2019-04-02 17:53:01 +0200
committerEmil Renner Berthing <esmil@labitat.dk>2019-04-02 18:07:25 +0200
commit14d5cbd332a15a8438a458e8c4817d4458c2145b (patch)
treec91b2692120bebd88273302ecb150284cde22874 /roles
parent0c19892158609d1eb64015f84e53eb5685c97441 (diff)
space_server: named: create reverse ipv4 zone
Diffstat (limited to 'roles')
-rw-r--r--roles/space_server/files/named.conf35
-rw-r--r--roles/space_server/tasks/named.yml22
-rw-r--r--roles/space_server/templates/ipv4.rev.zone.j212
3 files changed, 46 insertions, 23 deletions
diff --git a/roles/space_server/files/named.conf b/roles/space_server/files/named.conf
index 81c4969..0659a3b 100644
--- a/roles/space_server/files/named.conf
+++ b/roles/space_server/files/named.conf
@@ -75,6 +75,18 @@ logging {
};
};
+acl local {
+ 127.0.0.1;
+ 10.42.0.0/24; // infrastructure
+ 10.42.1.0/24; // member wired
+ 10.42.2.0/24; // member wireless
+ ::1;
+ 2a01:4262:1ab:a::/64; // infrastructure
+ 2a01:4262:1ab:b::/64; // member wired
+ 2a01:4262:1ab:c::/64; // member wireless
+ 2a01:4262:1ab:f::/64; // member nat64
+};
+
zone "." IN {
type hint;
file "named.ca";
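Review bot: The new ACL is called `local`, which is easy to misread as BIND's built-in `localhost` or `localnets` when scanning an `allow-query` line, even though it covers every member network including wireless and nat64. A name that states the scope, for example `acl labitat_nets {`, makes it harder to widen or narrow access by accident. I would also add a comment above the block, such as `// Clients allowed to query the internal zones; keep in sync with the network plan`. Whether recursion and cache access are restricted to the same networks is set in the options block, which is outside this hunk.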
@@ -83,20 +95,15 @@ zone "." IN {
zone "s" IN {
type master;
file "/etc/named/s.zone";
- allow-query {
- 127.0.0.1;
- 10.42.0.0/24; # infrastructure
- 10.42.1.0/24; # member wired
- 10.42.2.0/24; # member wireless
- ::1;
- 2a01:4262:1ab:a::/64; # infrastructure
- 2a01:4262:1ab:b::/64; # member wired
- 2a01:4262:1ab:c::/64; # member wireless
- 2a01:4262:1ab:f::/64; # member nat64
- };
- allow-transfer {
- none;
- };
+ allow-query { local; };
+ allow-transfer { none; };
+};
+
+zone "42.10.in-addr.arpa" IN {
+ type master;
+ file "/etc/named/ipv4.rev.zone";
+ allow-query { local; };
+ allow-transfer { none; };
};
include "/etc/named.rfc1912.zones";
diff --git a/roles/space_server/tasks/named.yml b/roles/space_server/tasks/named.yml
index 143e8f0..243bf3e 100644
--- a/roles/space_server/tasks/named.yml
+++ b/roles/space_server/tasks/named.yml
@@ -1,4 +1,17 @@
---
+- name: Create local zones
+ template:
+ dest: '/etc/named/{{ item }}'
+ src: '{{ item }}.j2'
+ owner: root
+ group: named
+ mode: 0644
+ with_items:
+ - 's.zone'
+ - 'ipv4.rev.zone'
+ notify:
+ - restart named
+
- name: Configure named
copy:
dest: '/etc/named.conf'
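Review bot: The "Create local zones" task installs both zone files as `mode: 0644`, so every local account on the server can read the internal host and address inventory, while `allow-query { local; }` limits the same data on the network side. The files are already `group: named`, so `mode: '0640'` would match what the "Configure named" task uses for named.conf and still let the daemon read them. Quoting the mode also avoids relying on YAML's octal parsing. The old "Create s zone" task had the same mode, so this is carried over rather than introduced here.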
@@ -8,15 +21,6 @@
mode: 0640
notify:
- restart named
-- name: Create s zone
- template:
- dest: '/etc/named/s.zone'
- src: s.zone.j2
- owner: root
- group: named
- mode: 0644
- notify:
- - restart named
- name: Create service drop-in directory
file:
diff --git a/roles/space_server/templates/ipv4.rev.zone.j2 b/roles/space_server/templates/ipv4.rev.zone.j2
new file mode 100644
index 0000000..1736333
--- /dev/null
+++ b/roles/space_server/templates/ipv4.rev.zone.j2
@@ -0,0 +1,12 @@
+42.10.in-addr.arpa. 600 IN SOA space.labitat.dk. esmil.labitat.dk. 2019040101 7200 3600 604800 86400
+42.10.in-addr.arpa. 600 IN NS space.labitat.dk.
+
+{% for host in local_hosts %}
+{% if 'ipv4' in host %}
+{% for ip in host.ipv4 %}
+{% if ip.startswith('10.42.') %}
+{{ ip.split('.')[3] }}.{{ ip.split('.')[2] }}.42.10.in-addr.arpa. 600 IN PTR {{ host.name }}.s.
+{% endif %}
+{% endfor %}
+{% endif %}
+{% endfor %}
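Review bot: The PTR line assumes every `host.ipv4` entry that starts with `10.42.` is a bare dotted quad. A value with a prefix length such as `10.42.0.5/24` would render an owner name with `5/24` in it, and an entry with fewer than four octets would abort templating at `ip.split('.')[3]`. Whether `local_hosts` is validated elsewhere is not visible from this hunk. If it is not, replace the `startswith` test with a real address check, for example `{% if ip | ipaddr('address') and ip | ipaddr('10.42.0.0/16') %}`, which needs the netaddr library on the controller. Separately, the SOA serial `2019040101` is fixed in the template and will not change when hosts are added. That is harmless while `allow-transfer { none; }` means there are no secondaries, but a comment saying so would help.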