[mirror/dsa-puppet.git] / modules / roles / manifests / dns_primary.pp

# the primary (hidden master) nameserver does bind zone file stuff and letsencrypt cert handling
class roles::dns_primary {
  include named::primary

  ssh::authorized_key_collect { 'dns_primary-dnsadm':
    target_user => 'dnsadm',
    collect_tag => 'dns_primary',
  }
  ssh::authorized_key_collect { 'dns_primary-letsencrypt':
    target_user => 'letsencrypt',
    collect_tag => 'dns_primary',
  }
}