update..

2022-02-14 01:22:14 +01:00
parent 3ed4a6bf0c
commit e4bd49dd92
10 changed files with 579 additions and 5 deletions
--- a/host_vars/gw-ebs.oopen.de.yml
+++ b/host_vars/gw-ebs.oopen.de.yml
@ -29,6 +29,24 @@
 # vars used by roles/common/tasks/users.yml
 # ---

+insert_ssh_keypair_backup_server: false
+ssh_keypair_backup_server:
+  - name: backup
+    backup_user: back
+    priv_key_src: root/.ssh/id_rsa.backup.oopen.de
+    priv_key_dest: /root/.ssh/id_rsa
+    pub_key_src: root/.ssh/id_rsa.backup.oopen.de.pub
+    pub_key_dest: /root/.ssh/id_rsa.pub
+
+insert_keypair_backup_client: true
+ssh_keypair_backup_client:
+  - name: backup
+    priv_key_src: root/.ssh/id_ed25519.oopen-server
+    priv_key_dest: /root/.ssh/id_ed25519
+    pub_key_src: root/.ssh/id_ed25519.oopen-server.pub
+    pub_key_dest: /root/.ssh/id_ed25519.pub
+    target: backup.oopen.de
+
 default_user:

  - name: chris
@ -87,6 +105,50 @@ sudo_users:

 apt_install_bind9_packages: true

+
+bind9_gateway_acl:
+  - local-net:
+    name: local-net
+    entries:
+      - 127.0.0.0/8
+      - 172.16.0.0/12
+      - 192.168.0.0/16
+      - 10.0.0.0/8
+      - fc00::/7
+      - fe80::/10
+      - ::1/128
+  - internaldns:
+    name: internaldns
+    entries:
+      - '# Nameserver Kanzlei Kiel'
+      - 192.168.100.1
+
+bind9_gateway_listen_on_v6:
+   - none
+
+bind9_gateway_listen_on:
+  - any
+
+#bind9_gateway_allow_transfer: {}
+bind9_gateway_allow_transfer:
+   - internaldns
+
+bind9_transfer_source:  !!str "192.168.182.1"
+bind9_notify_source: !!str "192.168.182.1"
+
+#bind9_gateway_allow_query: {}
+bind9_gateway_allow_query:
+  - local-net
+
+#bind9_gateway_allow_query_cache: {}
+bind9_gateway_allow_query_cache:
+  - local-net
+
+bind9_gateway_recursion:  !!str "yes"
+#bind9_gateway_allow_recursion: {}
+bind9_gateway_allow_recursion:
+  - local-net
+
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---