dns.conf 2.4 KB

  1. #
  2. # DNS service checks (Salt maanged)
  3. #
  4. {%- set reference_ns = salt['pillar.get']('dns-server:reference_ns') %}
  5. ################################################################################
  6. # Internal DNS services #
  7. ################################################################################
  8. # Check DNS Anycast address
  9. object Host "dns.srv.in.ffho.net" {
  10. import "generic-dummy-host"
  11. display_name = "dns.srv.in.ffho.net"
  12. address = "10.132.251.53"
  13. address6 = "2a03:2260:2342:f251::53"
  14. vars.roles = [
  15. "dns",
  16. ]
  17. }
  18. # Check DNS anycast nodes
  19. apply Service "dns4" {
  20. import "generic-service"
  21. check_command = "dns"
  22. vars.dns_lookup = "dns.srv.in.ffho.net"
  23. vars.dns_expected_answer = "10.132.251.53"
  24. vars.dns_server = host.address
  25. assign where host.address && "dns-auth" in host.vars.roles
  26. }
  27. apply Service "dns6" {
  28. import "generic-service"
  29. check_command = "dns"
  30. vars.dns_lookup = "dns.srv.in.ffho.net"
  31. vars.dns_expected_answer = "10.132.251.53"
  32. vars.dns_server = host.address6
  33. assign where host.address6 && "dns-auth" in host.vars.roles
  34. }
  35. # Check if DNS nodes are in sync with auth server
  36. apply Service "dns_sync" {
  37. import "generic-service"
  38. check_command = "dns_sync"
  39. vars.reference_ns = "{{ reference_ns }}"
  40. vars.replica_ns = host.address
  41. vars.zones = [
  42. "ffho.net",
  43. "132.10.in-addr.arpa",
  44. "30.172.in-addr.arpa",
  45. ]
  46. assign where host.address && "dns-auth" in host.vars.roles
  47. ignore where "dns-server-master" in host.vars.roles
  48. }
  49. ################################################################################
  50. # External DNS services #
  51. ################################################################################
  52. apply Service "dns_sync_dns01.srv.rfc2324.org" {
  53. import "generic-service"
  54. check_command = "dns_sync"
  55. vars.reference_ns = "{{ reference_ns }}"
  56. vars.replica_ns = "31.172.8.66"
  57. vars.zones = [
  58. "ffho.net",
  59. "hochstift.freifunk.net",
  60. "paderborn.freifunk.net",
  61. ]
  62. assign where "dns-server-master" in host.vars.roles
  63. }
  64. apply Service "dns_sync_ns.youngage.eu" {
  65. import "generic-service"
  66. check_command = "dns_sync"
  67. vars.reference_ns = "{{ reference_ns }}"
  68. vars.replica_ns = "5.9.142.19"
  69. vars.zones = [
  70. "ffho.net",
  71. "hochstift.freifunk.net",
  72. "paderborn.freifunk.net",
  73. ]
  74. assign where "dns-server-master" in host.vars.roles
  75. }