From 14d5cbd332a15a8438a458e8c4817d4458c2145b Mon Sep 17 00:00:00 2001 From: Emil Renner Berthing Date: Tue, 2 Apr 2019 17:53:01 +0200 Subject: space_server: named: create reverse ipv4 zone --- roles/space_server/files/named.conf | 35 ++++++++++++++++----------- roles/space_server/tasks/named.yml | 22 ++++++++++------- roles/space_server/templates/ipv4.rev.zone.j2 | 12 +++++++++ 3 files changed, 46 insertions(+), 23 deletions(-) create mode 100644 roles/space_server/templates/ipv4.rev.zone.j2 (limited to 'roles') diff --git a/roles/space_server/files/named.conf b/roles/space_server/files/named.conf index 81c4969..0659a3b 100644 --- a/roles/space_server/files/named.conf +++ b/roles/space_server/files/named.conf @@ -75,6 +75,18 @@ logging { }; }; +acl local { + 127.0.0.1; + 10.42.0.0/24; // infrastructure + 10.42.1.0/24; // member wired + 10.42.2.0/24; // member wireless + ::1; + 2a01:4262:1ab:a::/64; // infrastructure + 2a01:4262:1ab:b::/64; // member wired + 2a01:4262:1ab:c::/64; // member wireless + 2a01:4262:1ab:f::/64; // member nat64 +}; + zone "." IN { type hint; file "named.ca"; @@ -83,20 +95,15 @@ zone "." IN { zone "s" IN { type master; file "/etc/named/s.zone"; - allow-query { - 127.0.0.1; - 10.42.0.0/24; # infrastructure - 10.42.1.0/24; # member wired - 10.42.2.0/24; # member wireless - ::1; - 2a01:4262:1ab:a::/64; # infrastructure - 2a01:4262:1ab:b::/64; # member wired - 2a01:4262:1ab:c::/64; # member wireless - 2a01:4262:1ab:f::/64; # member nat64 - }; - allow-transfer { - none; - }; + allow-query { local; }; + allow-transfer { none; }; +}; + +zone "42.10.in-addr.arpa" IN { + type master; + file "/etc/named/ipv4.rev.zone"; + allow-query { local; }; + allow-transfer { none; }; }; include "/etc/named.rfc1912.zones"; diff --git a/roles/space_server/tasks/named.yml b/roles/space_server/tasks/named.yml index 143e8f0..243bf3e 100644 --- a/roles/space_server/tasks/named.yml +++ b/roles/space_server/tasks/named.yml 
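Review bot: The new `acl local` block in the first named.conf hunk is only referenced from zone-level `allow-query` in this patch. Resolver access (`allow-recursion` / `allow-query-cache` in `options`, which is outside the hunks) is therefore presumably still governed by a separate address list. If such a list exists, it should reference the same ACL, e.g. `allow-recursion { local; };`, so the two cannot drift apart when a subnet is added. The name is also easy to confuse with BIND's built-in `localhost` and `localnets` ACLs; a more distinctive name with a comment such as `// networks allowed to query the internal zones` would be harder to misread.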
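Review bot: The added `zone "42.10.in-addr.arpa"` stanza makes this server authoritative for all of 10.42.0.0/16, while `acl local` lists only 10.42.0.0/24 through 10.42.2.0/24, and nothing in the stanza records that this is intended. A comment above it such as `// reverse zone for 10.42.0.0/16; file is rendered from ipv4.rev.zone.j2, do not edit by hand` would document both the scope and the source of the zone file. Keeping `allow-transfer { none; };` on the new zone is the right default, since PTR data amounts to a host inventory. The records remain readable one address at a time by every client in `local`, including the member wireless range, which should be a deliberate decision.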
@@ -1,4 +1,17 @@ --- +- name: Create local zones + template: + dest: '/etc/named/{{ item }}' + src: '{{ item }}.j2' + owner: root + group: named + mode: 0644 + with_items: + - 's.zone' + - 'ipv4.rev.zone' + notify: + - restart named + - name: Configure named copy: dest: '/etc/named.conf' @@ -8,15 +21,6 @@ mode: 0640 notify: - restart named -- name: Create s zone - template: - dest: '/etc/named/s.zone' - src: s.zone.j2 - owner: root - group: named - mode: 0644 - notify: - - restart named - name: Create service drop-in directory file: diff --git a/roles/space_server/templates/ipv4.rev.zone.j2 b/roles/space_server/templates/ipv4.rev.zone.j2 new file mode 100644 index 0000000..1736333 --- /dev/null +++ b/roles/space_server/templates/ipv4.rev.zone.j2 @@ -0,0 +1,12 @@ +42.10.in-addr.arpa. 600 IN SOA space.labitat.dk. esmil.labitat.dk. 2019040101 7200 3600 604800 86400 +42.10.in-addr.arpa. 600 IN NS space.labitat.dk. + +{% for host in local_hosts %} +{% if 'ipv4' in host %} +{% for ip in host.ipv4 %} +{% if ip.startswith('10.42.') %} +{{ ip.split('.')[3] }}.{{ ip.split('.')[2] }}.42.10.in-addr.arpa. 600 IN PTR {{ host.name }}.s. +{% endif %} +{% endfor %} +{% endif %} +{% endfor %} -- cgit v1.2.1
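Review bot: The `Create local zones` task installs rendered zone files and notifies `restart named` without checking them, so a bad `local_hosts` entry only surfaces after the restart, when named refuses to load the zone. The `template` module's `validate` option can run `named-checkzone` on the temporary file first (assuming the tool is installed on the target). Because that needs the zone origin as well as the file name, the loop items would become pairs, as sketched below. Separately, `mode: 0644` is better written `mode: '0644'` so it is always read as an octal string.

```yaml
- name: Create local zones
  template:
    dest: '/etc/named/{{ item.file }}'
    src: '{{ item.file }}.j2'
    # … unchanged: owner, group …
    mode: '0644'
    validate: 'named-checkzone {{ item.zone }} %s'
  with_items:
    - { file: 's.zone', zone: 's' }
    - { file: 'ipv4.rev.zone', zone: '42.10.in-addr.arpa' }
  # … unchanged: notify …
```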
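Review bot: The PTR line in ipv4.rev.zone.j2 builds the owner name from `ip.split('.')[3]` and `[2]` after only a `startswith('10.42.')` test, so an entry that is not a plain dotted quad (a trailing `/24`, a missing octet) either renders a bogus owner name or aborts the template. A stricter guard such as `{% if ip is match('^10[.]42[.][0-9]+[.][0-9]+$') %}` would let only well-formed addresses reach the zone file. `{{ host.name }}` is likewise written into the record unchecked; `local_hosts` is defined outside this patch and is presumably operator-controlled inventory, but a name containing whitespace would still corrupt the record. The SOA serial `2019040101` is fixed in the template, which is harmless while `allow-transfer` is `none` but deserves a comment like `{# serial is static: no secondaries, named is restarted on change #}`.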