a2569707fe
We have three groups adns : the hidden primary bind server ns : the secondary public authoratitive servers dns : both of the above Only the primary server needs to clone the bind config repos and notify the secondary servers on updates. So the dns_repos and dns_notify arguments can go into adns.yaml so they're only available to the primary server. Only the secondary servers need to know the ip address of the master/primary server so it can allow itself to be notified by that IP, and do transfer requests. So dns_master_ipv<4|6> can live in ns.yaml This leaves in dns.yaml the one thing both have to agree on, which is the zones to transfer betwen each other. Change-Id: Ibd8063e92ad7ff9ee683dcc7dfcc115a0b19dcaa
18 lines
454 B
YAML
18 lines
454 B
YAML
dns_repos:
|
|
- name: zone-opendev.org
|
|
url: https://opendev.org/opendev/zone-opendev.org
|
|
- name: zone-zuul-ci.org
|
|
url: https://opendev.org/opendev/zone-zuul-ci.org
|
|
- name: zone-gating.dev
|
|
url: https://opendev.org/opendev/zone-gating.dev
|
|
dns_notify:
|
|
- 104.239.140.165
|
|
- 162.253.55.16
|
|
iptables_extra_allowed_hosts:
|
|
- protocol: tcp
|
|
port: 53
|
|
hostname: ns1.opendev.org
|
|
- protocol: tcp
|
|
port: 53
|
|
hostname: ns2.opendev.org
|