projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
rore on squeeze
[mirror/dsa-puppet.git]
/
modules
/
named
/
templates
/
named.conf.options.erb
diff --git
a/modules/named/templates/named.conf.options.erb
b/modules/named/templates/named.conf.options.erb
index
5dec7ba
..
aa9be9b
100644
(file)
--- a/
modules/named/templates/named.conf.options.erb
+++ b/
modules/named/templates/named.conf.options.erb
@@
-8,7
+8,7
@@
acl Nagios {
str = ''
localinfo.keys.sort.each do |node|
if localinfo[node]['nagiosmaster']
str = ''
localinfo.keys.sort.each do |node|
if localinfo[node]['nagiosmaster']
-
keyinfo[node][0
]['ipHostNumber'].each do |ip|
+
allnodeinfo[node
]['ipHostNumber'].each do |ip|
str += "\t" + ip + "/32;\n"
end
end
str += "\t" + ip + "/32;\n"
end
end
@@
-17,43
+17,48
@@
acl Nagios {
};
options {
};
options {
-
directory "/var/cache/bind";
+ directory "/var/cache/bind";
- auth-nxdomain no; # conform to RFC1035
- listen-on-v6 { any; };
+ auth-nxdomain no; # conform to RFC1035
+<% if classes.include?("named::geodns") or %w{diamond orff senfl}.include?(hostname) -%>
+ listen-on { ! 127.0.0.1; any; };
+ listen-on-v6 { ! ::1; any; };
+<% else -%>
+ listen-on-v6 { any; };
+<% end -%>
-
allow-transfer { none; };
-
allow-update { none; };
-<%
= if classes.include?('named::geodns'
) -%>
-
blackhole { 192.168.0.0/16; 10.0.0.0/8; 172.16.0.0/12; };
-<%
=
end -%>
+ allow-transfer { none; };
+ allow-update { none; };
+<%
if classes.include?("named::geodns"
) -%>
+ blackhole { 192.168.0.0/16; 10.0.0.0/8; 172.16.0.0/12; };
+<% end -%>
<%=
allowed='Nagios; '
<%=
allowed='Nagios; '
- if
classes.include?('named::secondary
')
+ if
(classes.include?('named::authoritative') and not %w{diamond orff senfl}.include?(hostname)) or classes.include?('named::recursor
')
allowed += 'localnets; '
end
allowed += 'localnets; '
end
- str = "allow-recursion { " + allowed + " };\n"
- str += "allow-query { " + allowed + " };\n"
+ str = "
\t
allow-recursion { " + allowed + " };\n"
+ str += "
\t
allow-query { " + allowed + " };\n"
str
-%>
str
-%>
-<%
= if classes.include?('named::secondary
') -%>
+<%
if classes.include?('named::authoritative') or classes.include?('named::geodns
') -%>
dnssec-enable yes;
dnssec-validation yes;
dnssec-enable yes;
dnssec-validation yes;
-<%
=
end -%>
+<% end -%>
};
logging {
channel queries {
};
logging {
channel queries {
-<%
=
if classes.include?('named::geodns') -%>
+<% if classes.include?('named::geodns') -%>
file "/var/log/bind9/geoip-query.log" versions 4 size 40m;
file "/var/log/bind9/geoip-query.log" versions 4 size 40m;
-<%
=
else -%>
+<% else -%>
file "/var/log/bind9/named-query.log" versions 4 size 40m;
file "/var/log/bind9/named-query.log" versions 4 size 40m;
-<%
=
end -%>
+<% end -%>
print-time yes;
print-category yes;
};
print-time yes;
print-category yes;
};
@@
-61,3
+66,4
@@
logging {
category lame-servers { null; };
};
category lame-servers { null; };
};
+