summaryrefslogtreecommitdiffstats
path: root/pillar
diff options
context:
space:
mode:
authorPratyush Desai2023-02-19 20:19:18 +0530
committerPratyush Desai2023-02-19 20:46:39 +0530
commiteab80e0573422ab598983e47639e4e96f80ba083 (patch)
treef93ef2adfa7baab388dce0639b18bc9ccb18b683 /pillar
parent18d28c3b7fed42e29eb9ff7b11b4dd1a54f8a510 (diff)
downloadsalt-eab80e0573422ab598983e47639e4e96f80ba083.tar.gz
salt-eab80e0573422ab598983e47639e4e96f80ba083.tar.bz2
salt-eab80e0573422ab598983e47639e4e96f80ba083.zip
add nsd pillar
Diffstat (limited to 'pillar')
-rw-r--r--pillar/formulas.yaml1
-rw-r--r--pillar/role/dns/nsd.sls35
2 files changed, 36 insertions, 0 deletions
diff --git a/pillar/formulas.yaml b/pillar/formulas.yaml
index 191a8e1..0683900 100644
--- a/pillar/formulas.yaml
+++ b/pillar/formulas.yaml
@@ -2,6 +2,7 @@
- firewalld
- keepalived
- nginx
+- nsd
- openssh
- postfix
- prometheus
diff --git a/pillar/role/dns/nsd.sls b/pillar/role/dns/nsd.sls
new file mode 100644
index 0000000..4b89a0a
--- /dev/null
+++ b/pillar/role/dns/nsd.sls
@@ -0,0 +1,35 @@
+nsd:
+ config_data:
+ server:
+ hide-version: 'yes'
+ verbosity: 2
+ ip4-only: 'yes'
+ remote-control:
+ control-enable: 'yes'
+ control-interface: '/run/nsd/nsd.sock'
+ zones:
+ lysergic.dev:
+ zone_source: salt://zones/lysergic.dev.zone
+ allow-notify: 192.168.0.115 tsig.lysergic.dev.
+ request-xfr: 10.0.10.2@5353 tsig.lysergic.dev.
+ outgoing-interface: 192.168.0.160
+ psyched.dev:
+ zone_source: salt://zones/psyched.dev.zone
+ allow-notify: 192.168.0.115 tsig.psyched.dev.
+ request-xfr: 10.0.10.2@5353 tsig.psyched.dev.
+ outgoing-interface: 192.168.0.160
+ syscid.com:
+ zone_source: salt://zones/syscid.com.zone
+ allow-notify: 192.168.0.115 tsig.syscid.com.
+ request-xfr: 10.0.10.2@5353 tsig.syscid.com.
+ outgoing-interface: 192.168.0.160
+ keys:
+ tsig.lysergic.dev.:
+ algorithm: hmac-sha512
+ secret: ${'secret_nsd:tsig_key:lysergic_dev'}
+ tsig.syscid.com.:
+ algorithm: hmac-sha512
+ secret: ${'secret_nsd:tsig_key:syscid_com'}
+ tsig.psyched.dev.:
+ algorithm: hmac-sha512
+ secret: ${'secret_nsd:tsig_key:psyched_dev'}