pyrocufflink-dns: Split named_zones definition

In order to support adding a second DNS server, the BIND zone configuration needs to be partially modularized. While the forwarder definitions for *pyrocufflink.blue*, etc. will remain the same, the *pyrocufflink.red* zone will be different, as it will be a slave zone on the second server. This commit breaks up the definition of the `named_zones` variable into two parts: * `pyrocufflink_red_zones`: This is a list of zone objects for *pyrocufflink.red* and its corresponding reverse zone. On *dns1.pyrocufflink.blue*, these are master zones. On the new server, these will be slaves. * `pyrocufflink_common_zones`: This is a list of zone objects for the zones that are the same on both servers, since they are all forwarding zones. Similarly, the `named_keys` variable only needs to be defined on the master, since DHCP will only send updates there.
2018-08-12 17:19:40 -05:00 · 2018-08-12 17:19:40 -05:00 · d36e0d5a0a
parent 26f3637bfa
commit d36e0d5a0a
2 changed files with 26 additions and 23 deletions
--- a/group_vars/pyrocufflink-dns.yml
+++ b/group_vars/pyrocufflink-dns.yml
@ -8,25 +8,7 @@ named_allow_query:
 - any
 named_dnssec_validation: false

-named_zones:
- zone: pyrocufflink.red
-  type: master
-  default_records:
-  - name:
-    value: 172.30.0.4
-  - name:
-    type: AAAA
-    value: 2605:6000:3ccc:fb00::4:1
-  allow_update:
-  - '{ !{ !172.30.0.1; any; }; key dhcp-ddns; }'
-  - '{ !{ !localhost; any; }; key local-ddns; }'
-  ttl: 30
- zone: 1.31.172.in-addr.arpa
-  type: master
-  allow_update:
-  - '{ !{ !172.30.0.1; any; }; key dhcp-ddns; }'
-  - '{ !{ !localhost; any; }; key local-ddns; }'
-  ttl: 30
+pyrocufflink_common_zones:
 - zone: pyrocufflink.blue
  type: forward
  forward: only
@ -64,7 +46,4 @@ named_zones:
  - fd99:8cd7:6528:fe1e::10:1
  - fd99:8cd7:6528:fe1e::9:1

-named_keys:
- name: dhcp-ddns
-  algorithm: hmac-md5
-  secret: +0zVSpY8oFrxl2F1qB8tT2HMgbuD31JurL9w4zilNCg=
+named_zones: '{{ pyrocufflink_red_zones + pyrocufflink_common_zones }}'
--- a/host_vars/dns0.pyrocufflink.blue.yml
+++ b/host_vars/dns0.pyrocufflink.blue.yml
@ -0,0 +1,24 @@
+pyrocufflink_red_zones:
+- zone: pyrocufflink.red
+  type: master
+  default_records:
+  - name:
+    value: 172.30.0.4
+  - name:
+    type: AAAA
+    value: 2605:6000:3ccc:fb00::4:1
+  allow_update:
+  - '{ !{ !172.30.0.1; any; }; key dhcp-ddns; }'
+  - '{ !{ !localhost; any; }; key local-ddns; }'
+  ttl: 30
+- zone: 1.31.172.in-addr.arpa
+  type: master
+  allow_update:
+  - '{ !{ !172.30.0.1; any; }; key dhcp-ddns; }'
+  - '{ !{ !localhost; any; }; key local-ddns; }'
+  ttl: 30
+
+named_keys:
+- name: dhcp-ddns
+  algorithm: hmac-md5
+  secret: +0zVSpY8oFrxl2F1qB8tT2HMgbuD31JurL9w4zilNCg=