projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Make rsyncd.log 644 root:root instead of 640 root:archvsync
[mirror/dsa-puppet.git]
/
modules
/
named
/
templates
/
named.conf.options.erb
diff --git
a/modules/named/templates/named.conf.options.erb
b/modules/named/templates/named.conf.options.erb
index
457dcda
..
e093aa4
100644
(file)
--- a/
modules/named/templates/named.conf.options.erb
+++ b/
modules/named/templates/named.conf.options.erb
@@
-8,7
+8,7
@@
acl Nagios {
str = ''
localinfo.keys.sort.each do |node|
if localinfo[node]['nagiosmaster']
str = ''
localinfo.keys.sort.each do |node|
if localinfo[node]['nagiosmaster']
-
keyinfo[node][0
]['ipHostNumber'].each do |ip|
+
allnodeinfo[node
]['ipHostNumber'].each do |ip|
str += "\t" + ip + "/32;\n"
end
end
str += "\t" + ip + "/32;\n"
end
end
@@
-20,7
+20,12
@@
options {
directory "/var/cache/bind";
auth-nxdomain no; # conform to RFC1035
directory "/var/cache/bind";
auth-nxdomain no; # conform to RFC1035
+<% if classes.include?("named::recursor") -%>
listen-on-v6 { any; };
listen-on-v6 { any; };
+<% else -%>
+ listen-on { ! 127.0.0.1; any; };
+ listen-on-v6 { ! ::1; any; };
+<% end -%>
allow-transfer { none; };
allow-update { none; };
allow-transfer { none; };
allow-update { none; };
@@
-30,7
+35,7
@@
options {
<%=
allowed='Nagios; '
<%=
allowed='Nagios; '
- if classes.include?('named::
secondary
')
+ if classes.include?('named::
recursor
')
allowed += 'localnets; '
end
allowed += 'localnets; '
end
@@
-40,7
+45,7
@@
options {
str
-%>
str
-%>
-<% if classes.include?('named::
secondary
') -%>
+<% if classes.include?('named::
authoritative') or classes.include?('named::geodns
') -%>
dnssec-enable yes;
dnssec-validation yes;
<% end -%>
dnssec-enable yes;
dnssec-validation yes;
<% end -%>