2019-10-14 18:34:43 +02:00
|
|
|
# {{ ansible_managed }}
|
|
|
|
|
2021-05-16 18:35:29 +02:00
|
|
|
{% if ansible_default_ipv4.address == dns_primary %}
|
2017-01-07 15:41:21 +01:00
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# allow-dnsupdate-from A global setting to allow DNS updates from these IP ranges.
|
|
|
|
#
|
|
|
|
# allow-dnsupdate-from=127.0.0.0/8,::1
|
2021-07-30 23:44:00 +02:00
|
|
|
allow-dnsupdate-from=127.0.0.0/8,::1,{{ dhcpd_primary }}{% if dhcpd_secondary is defined %},{{ dhcpd_secondary }}{% endif %}
|
2021-05-16 18:35:29 +02:00
|
|
|
|
|
|
|
#################################
|
|
|
|
# dnsupdate Enable/Disable DNS update (RFC2136) support. Default is no.
|
|
|
|
#
|
|
|
|
# dnsupdate=no
|
|
|
|
dnsupdate=yes
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
#################################
|
|
|
|
# launch Which backends to launch and order to query them in
|
2017-01-07 15:41:21 +01:00
|
|
|
#
|
2019-10-14 18:34:43 +02:00
|
|
|
# launch=
|
2021-05-16 18:35:29 +02:00
|
|
|
launch=bind,gsqlite3
|
2017-01-07 15:41:21 +01:00
|
|
|
|
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# local-address Local IP addresses to which we bind
|
2017-01-07 15:41:21 +01:00
|
|
|
#
|
2019-10-14 18:34:43 +02:00
|
|
|
# local-address=0.0.0.0
|
|
|
|
local-address=127.0.0.1
|
2017-01-07 15:41:21 +01:00
|
|
|
|
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# local-port The port on which we listen
|
2017-01-07 15:41:21 +01:00
|
|
|
#
|
2019-10-14 18:34:43 +02:00
|
|
|
# local-port=53
|
|
|
|
local-port=5300
|
2017-01-07 15:41:21 +01:00
|
|
|
|
2021-05-16 18:35:29 +02:00
|
|
|
{% if ansible_default_ipv4.address == dns_primary %}
|
2018-01-23 18:29:16 +01:00
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# master Act as a master
|
|
|
|
#
|
|
|
|
# master=no
|
|
|
|
master=yes
|
|
|
|
|
2021-07-30 23:44:00 +02:00
|
|
|
{% if dns_secondary is defined %}
|
2021-05-16 18:35:29 +02:00
|
|
|
#################################
|
|
|
|
# only-notify Only send AXFR NOTIFY to these IP addresses or netmasks
|
|
|
|
#
|
|
|
|
# only-notify=0.0.0.0/0,::/0
|
|
|
|
only-notify={{ dns_secondary }}
|
|
|
|
{% endif %}
|
2021-07-30 23:44:00 +02:00
|
|
|
{% endif %}
|
2021-05-16 18:35:29 +02:00
|
|
|
|
|
|
|
#################################
|
|
|
|
# security-poll-suffix Domain name from which to query security update notifications
|
2018-01-23 18:29:16 +01:00
|
|
|
#
|
|
|
|
# security-poll-suffix=secpoll.powerdns.com.
|
|
|
|
security-poll-suffix=
|
|
|
|
|
2017-01-07 15:41:21 +01:00
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# setgid If set, change group id to this gid for more security
|
2017-01-07 15:41:21 +01:00
|
|
|
#
|
|
|
|
setgid=pdns
|
|
|
|
|
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# setuid If set, change user id to this uid for more security
|
2017-01-07 15:41:21 +01:00
|
|
|
#
|
|
|
|
setuid=pdns
|
|
|
|
|
2021-09-04 16:36:01 +02:00
|
|
|
{% if dns_secondary is defined and ansible_default_ipv4.address == dns_secondary %}
|
2021-05-16 18:35:29 +02:00
|
|
|
#################################
|
|
|
|
# slave Act as a slave
|
|
|
|
#
|
|
|
|
# slave=no
|
|
|
|
slave=yes
|
|
|
|
|
|
|
|
#################################
|
|
|
|
# trusted-notification-proxy IP address of incoming notification proxy
|
|
|
|
#
|
|
|
|
# trusted-notification-proxy=
|
|
|
|
trusted-notification-proxy=127.0.0.1,::1
|
|
|
|
{% endif %}
|
|
|
|
|
2017-01-07 15:41:21 +01:00
|
|
|
#################################
|
2021-05-16 18:35:29 +02:00
|
|
|
# bind-config Location of named.conf
|
2017-01-07 15:41:21 +01:00
|
|
|
#
|
|
|
|
bind-config=/etc/powerdns/bindbackend.conf
|
2021-05-16 18:35:29 +02:00
|
|
|
|
|
|
|
#################################
|
|
|
|
# gsqlite3-database Filename of the SQLite3 database
|
|
|
|
#
|
|
|
|
# gsqlite3-database=
|
|
|
|
gsqlite3-database=/var/lib/powerdns/pdns.sqlite3
|