unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add reverse dns zones for incus (#260)

Browse Source 
- add reverse dns zones for incus hosts
- update acls for openresolver

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/260
This commit is contained in:
Ben Vincent 2025-04-24 23:48:34 +10:00
parent ecce93bedb
commit 463abe4b9d
2 changed files with 96 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
hieradata/roles/infra/dns/master.yaml
View File

@ -9,6 +9,14 @@ profiles::dns::master::acls:
- 198.18.15.0/24
- 198.18.16.0/24
- 198.18.17.0/24
- 198.18.19.0/24
- 198.18.20.0/24
- 198.18.24.0/24
- 198.18.25.0/24
- 198.18.26.0/24
- 198.18.27.0/24
- 198.18.28.0/24
- 198.18.29.0/24
profiles::dns::master::zones:
main.unkin.net:
@ -47,6 +55,72 @@ profiles::dns::master::zones:
dynamic: false
ns_notify: true
source: '/var/named/sources/17.18.198.in-addr.arpa.conf'
19.18.198.in-addr.arpa:
domain: '19.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/19.18.198.in-addr.arpa.conf'
20.18.198.in-addr.arpa:
domain: '20.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/20.18.198.in-addr.arpa.conf'
21.18.198.in-addr.arpa:
domain: '21.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/21.18.198.in-addr.arpa.conf'
22.18.198.in-addr.arpa:
domain: '22.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/22.18.198.in-addr.arpa.conf'
23.18.198.in-addr.arpa:
domain: '23.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/23.18.198.in-addr.arpa.conf'
24.18.198.in-addr.arpa:
domain: '24.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/24.18.198.in-addr.arpa.conf'
25.18.198.in-addr.arpa:
domain: '25.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/25.18.198.in-addr.arpa.conf'
26.18.198.in-addr.arpa:
domain: '26.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/26.18.198.in-addr.arpa.conf'
27.18.198.in-addr.arpa:
domain: '27.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/27.18.198.in-addr.arpa.conf'
28.18.198.in-addr.arpa:
domain: '28.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/28.18.198.in-addr.arpa.conf'
29.18.198.in-addr.arpa:
domain: '29.18.198.in-addr.arpa'
zone_type: 'master'
dynamic: false
ns_notify: true
source: '/var/named/sources/29.18.198.in-addr.arpa.conf'
profiles::dns::master::views:
master-zones:
@ -58,6 +132,17 @@ profiles::dns::master::views:
- 15.18.198.in-addr.arpa
- 16.18.198.in-addr.arpa
- 17.18.198.in-addr.arpa
- 19.18.198.in-addr.arpa
- 20.18.198.in-addr.arpa
- 21.18.198.in-addr.arpa
- 22.18.198.in-addr.arpa
- 23.18.198.in-addr.arpa
- 24.18.198.in-addr.arpa
- 25.18.198.in-addr.arpa
- 26.18.198.in-addr.arpa
- 27.18.198.in-addr.arpa
- 28.18.198.in-addr.arpa
- 29.18.198.in-addr.arpa
match_clients:
- acl-main.unkin.net

11
hieradata/roles/infra/dns/resolver.yaml
View File

@ -93,6 +93,17 @@ profiles::dns::resolver::views:
- 15.18.198.in-addr.arpa-forward
- 16.18.198.in-addr.arpa-forward
- 17.18.198.in-addr.arpa-forward
- 19.18.198.in-addr.arpa-forward
- 20.18.198.in-addr.arpa-forward
- 21.18.198.in-addr.arpa-forward
- 22.18.198.in-addr.arpa-forward
- 23.18.198.in-addr.arpa-forward
- 24.18.198.in-addr.arpa-forward
- 25.18.198.in-addr.arpa-forward
- 26.18.198.in-addr.arpa-forward
- 27.18.198.in-addr.arpa-forward
- 28.18.198.in-addr.arpa-forward
- 29.18.198.in-addr.arpa-forward
- 8.10.10.in-addr.arpa-forward
- 16.10.10.in-addr.arpa-forward
- 20.10.10.in-addr.arpa-forward