system-config/playbooks/roles/master-nameserver/README.rst
James E. Blair 90e6088881 Configure adns1.opendev.org server via ansible
Change-Id: Ib4d3cd7501a276bff62e3bc0998d93c41f3ab185
2018-11-02 13:49:38 -07:00

78 lines
1.8 KiB
ReStructuredText

Configure a hidden master nameserver
This role installs and configures bind9 to be a hidden master
nameserver.
**Role Variables**
.. zuul:rolevar:: tsig_key
:type: dict
The TSIG key used to control named.
.. zuul:rolevar:: algorithm
The algorithm used by the key.
.. zuul:rolevar:: secret
The secret portion of the key.
.. zuul:rolevar:: dnssec_keys
:type: dict
This is a dictionary of DNSSEC keys. Each entry is a dnssec key,
where the dictionary key is the dnssec key id and the value is the
a dictionary with the following contents:
.. zuul:rolevar:: zone
The name of the zone for this key.
.. zuul:rolevar:: public
The public portion of this key.
.. zuul:rolevar:: private
The private portion of this key.
.. zuul:rolevar:: dns_repos
:type: list
A list of zone file repos to check out on the server. Each item in
the list is a dictionary with the following keys:
.. zuul:rolevar:: name
The name of the repo.
.. zuul:rolevar:: url
The URL of the git repository.
.. zuul:rolevar:: dns_zones
:type: list
A list of zones that should be served by named. Each item in the
list is a dictionary with the following keys:
.. zuul:rolevar:: name
The name of the zone.
.. zuul:rolevar:: source
The repo name and path of the directory containing the zone
file. For example if a repo was provided to
:zuul:rolevar:`master-nameserver.dns_repos.name` with the name
``example.com``, and within that repo, the ``zone.db`` file was
located at ``zones/example_com/zone.db``, then the value here
should be ``example.com/zones/example_com``.
.. zuul:rolevar:: dns_notify
:type: list
A list of IP addresses of nameservers which named should notify on
updates.