]> git.openstreetmap.org Git - chef.git/blob - cookbooks/bind/templates/default/named.options.erb
projects / chef.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Allow local netblocks to access bind as well as known hosts
[chef.git] / cookbooks / bind / templates / default / named.options.erb
1 # DO NOT EDIT - This file is being maintained by Chef
2
3 acl "osm" {
4         127.0.0.1/32;
5 <% node.interfaces(:family => :inet).each do |interface| -%>
6         <%= interface[:network] %>/<%= interface[:prefix] %>;
7 <% end -%>
8 <% @ipv4_clients.sort.each do |address| -%>
9         <%= address %>/32;
10 <% end -%>
11
12         ::1/128;
13 <% node.interfaces(:family => :inet6).each do |interface| -%>
14         <%= interface[:network] %>/<%= interface[:prefix] %>;
15 <% end -%>
16 <% @ipv6_clients.sort.each do |address| -%>
17         <%= address %>/128;
18 <% end -%>
19 };
20
21 options {
22         # Directory to use for any working files
23         directory "/var/cache/bind";
24
25 <% if node[:bind][:forwarders] -%>
26         # Forward any queries we can't answer
27         forwarders {
28 <% node[:bind][:forwarders].each do |forwarder| -%>
29                 <%= forwarder %>;
30 <% end -%>
31         };
32 <% end -%>
33
34         # Only allow queries from our machines
35         allow-query { osm; };
36
37         # Don't allow transfers
38         allow-transfer { none; };
39
40         # Listen on any IPv6 interfaces
41         listen-on-v6 { any; };
42 };
43
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.