https://github.com/herbetom/salt-formula-knot

https://github.com/herbetom/salt-formula-knot

salt salt-formula saltstack saltstack-formula

Last synced: about 16 hours ago
JSON representation

• Host: GitHub
• URL: https://github.com/herbetom/salt-formula-knot
• Owner: herbetom
• License: agpl-3.0
• Created: 2020-06-03T22:39:44.000Z (about 6 years ago)
• Default Branch: master
• Last Pushed: 2020-06-05T13:01:54.000Z (about 6 years ago)
• Last Synced: 2025-02-22T18:49:47.865Z (over 1 year ago)
• Topics: salt, salt-formula, saltstack, saltstack-formula
• Language: SaltStack
• Size: 14.6 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Salt-formula-knot

This salt formula enables you to deploy [knot-dns](https://www.knot-dns.cz/) as your authoritative DNS Server.

## Example Pillars

### init.sls

```yaml

---

include:

{% if grains.fqdn.startswith('ns1.') %}

  - group.knot.master

{% else %}

  - group.knot.slave

{% endif %}

knot:

  server:

    params:

      rundir: /run/knot

      user: knot:knot

      listen: 

        - 0.0.0.0@53

        - ::@53

  log:

    syslog: 

      any: info

  # generate with `keymgr -t tsig_ffrn_ns_2020052100 hmac-sha384`

  key:

    tsig_key:

      algorithm: hmac-sha512

      secret: supersecretkey

  template:

    default:

      storage: "/var/lib/knot/zones"

      file: "%s.zone"

      journal-db: "/var/lib/knot/journal"

      kasp-db: "/var/lib/knot/keys"

      timer-db: "/var/lib/knot/timers"

  zone:

    example.org: {}

    test.example.org:

      file: "testone.zone"

```

### master.sls

```yaml

---

knot:

  zones-repository:

    remote: https://github.com/Freifunk-Rhein-Neckar/zones.git

  remote:

    remote_slave_ns:

      address:

        - "198.51.100.53"

        - "2001:db8:2::53"

        - "203.0.113.53"

        - "2001:db8:3::53"

      key: tsig_key

  acl:

    acl_slave_ns:

      address:

        - "198.51.100.53"

        - "2001:db8:2::53"

        - "203.0.113.53"

        - "2001:db8:3::53"

      key: tsig_key

      action: transfer

  template:

    default:

      notify: remote_slave_ns

      acl: acl_slave_ns

      zonefile-sync: -1

      zonefile-load: difference

      journal-content: changes

```

### slave.sls

```yaml

---

knot:

  remote:

    master_ns:

      address:

        - "192.0.2.53"

        - "2001:db8:1::53"

      key: tsig_key

  acl:

    acl_ns:

      address: 

        - "192.0.2.53"

        - "2001:db8:1::53"

      action: notify

      key: tsig_key

  template:

    default:

      master: master_ns

      acl: acl_ns

```