Project

General

Profile

Statistics
| Branch: | Revision:

duckcorp-infra / ansible / group_vars / dns_servers / dns.yml @ aad53888

History | View | Annotate | Download (2.15 KB)

1
---
2
ns:
3
  master:
4
    zone_path: "/etc/bind/masters"
5
    signed_zone_path: "/etc/bind/masters/signed"
6
  slave:
7
    zone_path: "/var/cache/bind/slaves"
8
  zone_file_suffix: ".zone"
9
  tlsa_file_suffix: ".tlsa"
10
  dnssec_signer_call: "ods-signer sign %s"
11
  server_groups:
12
    duckcorp_ns1:
13
      ips:
14
        - 2001:67c:1740:9016::c111:c0d3
15
        - 193.200.43.105
16
      key: duckcorp-internal
17
    duckcorp_ns2:
18
      ips:
19
        - 2001:67c:1740:9001::c1c8:2ab1
20
        - 193.200.42.177
21
        - 2001:7a8:1:267::3
22
        - 213.215.11.164
23
      key: duckcorp-internal
24
    duckcorp_net:
25
      ips:
26
        - 2001:7a8:1:52::/64
27
        - 2001:67c:1740:9001::/64
28
        - 193.200.42.176/28
29
        - 2001:7a8:1:267::3
30
        - 213.215.11.164
31
        - 2001:67c:1740:9016::c111:c0d3
32
        - 193.200.43.105
33
        - 2001:67c:1740:9005::26
34
        - 193.200.43.26
35
        - 2001:67c:1740:9005::27
36
        - 193.200.43.27
37
        - 176.158.227.221
38
    duckland_ns1:
39
      ips:
40
        - 2001:67c:1740:a000::1
41
        - 193.200.43.161
42
      key: duckcorp-internal
43
    duckland_ns2:
44
      ips:
45
        - 2001:67c:1740:a000::2
46
        - 193.200.43.162
47
      key: duckcorp-internal
48
    duckland_net:
49
      ips:
50
        - 192.168.0.0/16
51
        - 193.17.192.249
52
        - 193.200.43.160/27
53
        - 2001:067C:1740:A000::/64
54
        - 2001:067C:1740:A001::/64
55
        - 2001:067C:1740:A002::/64
56
        - 2001:067C:1740:A003::/64
57
        - 2001:067C:1740:A004::/64
58
        - 2001:067C:1740:A004::/64
59
        - 2001:067C:1740:A005::/64
60
        - 2001:067C:1740:A006::/64
61
        - 2001:067C:1740:A007::/64
62
        - 111.89.174.184/29
63
        - 2001:2c0:cc1e:e700::/56
64
    hivane_ns2:
65
      ips:
66
        - 2001:67c:1740:100::c111:c046
67
        - 193.17.192.70
68
        - 193.17.192.66
69
      key: duckcorp-hivane
70
    gandi:
71
      ips:
72
        - 217.70.177.40
73
  recursion_allowed_groups:
74
    - duckcorp_net
75
    - duckland_net
76
  options:
77
    rate-limit: "{ slip 1; window 15; responses-per-second 10; referrals-per-second 10; nodata-per-second 10; nxdomains-per-second 10; errors-per-second 10; all-per-second 30; qps-scale 60; exempt-clients { localhost; }; }"
78

    
79
# default for the bind9 role
80
manage_firewall: False
81