forked from stove/dataset
165 lines
3.8 KiB
YAML
165 lines
3.8 KiB
YAML
---
|
|
version: 1.1
|
|
|
|
network:
|
|
|
|
dns_client_address:
|
|
redefine: true
|
|
disabled: true
|
|
|
|
ip_dns:
|
|
redefine: true
|
|
default:
|
|
variable: _.interface_0.ip
|
|
|
|
dns_server: # Serveur DNS
|
|
|
|
nsd_allowed_client_cidr:
|
|
type: network_cidr
|
|
description: Clients autorisés à interroger le serveur DNS
|
|
multi: true
|
|
mode: basic
|
|
mandatory: false
|
|
|
|
nsd_resolver:
|
|
type: domainname
|
|
description: Nom de domaine du résolveur DNS associé
|
|
mode: basic
|
|
mandatory: false
|
|
|
|
nsd_allowed_all_client:
|
|
type: network_cidr
|
|
description: All autorised IP
|
|
multi: true
|
|
hidden: true
|
|
default:
|
|
jinja: |-
|
|
{%- if _.nsd_allowed_client_ip is defined -%}
|
|
{%- set nsd_allowed_client_ip = _.nsd_allowed_client_ip -%}
|
|
{%- set nsd_resolve_ip = _.nsd_resolve_ip -%}
|
|
{%- else -%}
|
|
{%- set nsd_allowed_client_ip = none -%}
|
|
{%- set nsd_resolve_ip = none -%}
|
|
{%- endif -%}
|
|
{%- for network in ip_eth | nsd_concat_lists(_.nsd_allowed_client_cidr,
|
|
nsd_allowed_client_ip,
|
|
ip=nsd_resolve_ip,
|
|
cidr=true)
|
|
%}
|
|
{{ network }}
|
|
{%- endfor -%}
|
|
params:
|
|
ip_eth:
|
|
variable: general.network.interface_{{ suffix }}.ip
|
|
|
|
dns_zone: # Zone DNS
|
|
|
|
nsd_zones:
|
|
type: domainname
|
|
description: Zones DNS
|
|
multi: true
|
|
examples:
|
|
- subdomain.example.net
|
|
mode: basic
|
|
|
|
dns_reverses:
|
|
description: Zone DNS reverse
|
|
type: leadership
|
|
|
|
nsd_reverse_network:
|
|
description: Réseau pour la résolution reverse
|
|
type: network_cidr
|
|
mode: basic
|
|
mandatory: false
|
|
|
|
nsd_reverse_name:
|
|
description: Nom de la zone
|
|
hidden: true
|
|
default:
|
|
jinja: >-
|
|
{{ _.nsd_reverse_network | get_reverse_name }}
|
|
|
|
nsd_reverse_networks:
|
|
description: Réseaux pour la résolution inverse
|
|
hidden: true
|
|
multi: true
|
|
mandatory: false
|
|
default:
|
|
jinja: |-
|
|
{%- for n in _.dns_reverses.nsd_reverse_network|calc_reverse_networks %}
|
|
{{ n }}
|
|
{%- endfor -%}
|
|
|
|
nsd_reverse_names:
|
|
description: Nom des zones
|
|
hidden: true
|
|
multi: true
|
|
mandatory: false
|
|
default:
|
|
jinja: |-
|
|
{%- for zone in _.dns_reverses.nsd_reverse_name | calc_reverse_names %}
|
|
{{ zone }}
|
|
{%- endfor -%}
|
|
|
|
nsd_zones_all:
|
|
type: domainname
|
|
multi: true
|
|
supplier: ExternalDNS:authority_zones
|
|
hidden: true
|
|
default:
|
|
jinja: |-
|
|
{%- for zone in _.dns_zone.nsd_zones |
|
|
nsd_concat_lists(_.dns_reverses.nsd_reverse_name) %}
|
|
{{ zone }}
|
|
{%- endfor -%}
|
|
|
|
nsd_zone_filenames:
|
|
type: unix_filename
|
|
description: Nom des fichiers de zone
|
|
multi: true
|
|
hidden: true
|
|
default:
|
|
jinja: |-
|
|
{%- for zone in _.dns_zone.nsd_zones %}
|
|
/etc/nsd/{{ zone }}.zone
|
|
{%- endfor -%}
|
|
|
|
nsd_zone_filenames_signed:
|
|
type: unix_filename
|
|
description: Nom des fichiers de zone signé
|
|
multi: true
|
|
hidden: true
|
|
default:
|
|
jinja: |-
|
|
{%- for filename in _.nsd_zone_filenames %}
|
|
{{ filename }}.signed
|
|
{%- endfor -%}
|
|
|
|
nsd_reverse_filenames:
|
|
type: unix_filename
|
|
description: Nom des fichiers de zone reverse
|
|
multi: true
|
|
hidden: true
|
|
mandatory: false
|
|
default:
|
|
jinja: |-
|
|
{% set filenames = [] %}
|
|
{%- for name in _.dns_reverses.nsd_reverse_name %}
|
|
{% set filename = "/etc/nsd/" + name + "reverse" %}
|
|
{%- if filename not in filenames -%}
|
|
{% set tmp = filenames.append(filename) %}
|
|
{{ filename }}
|
|
{%- endif -%}
|
|
{%- endfor -%}
|
|
|
|
nsd_reverse_filenames_signed:
|
|
type: unix_filename
|
|
description: Nom des fichiers de zone reverse signé
|
|
multi: true
|
|
hidden: true
|
|
mandatory: false
|
|
default:
|
|
jinja: |-
|
|
{%- for filename in _.nsd_reverse_filenames %}
|
|
{{ filename }}.signed
|
|
{%- endfor -%}
|