From: Tom Hughes <tom@compton.nu>
Date: Wed, 26 Jun 2019 17:58:27 +0000 (+0100)
Subject: Allow local netblocks to access bind as well as known hosts
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/3cef4ee66b7354afd03f536e58187b559ca98659

Allow local netblocks to access bind as well as known hosts
---

diff --git a/cookbooks/bind/templates/default/named.options.erb b/cookbooks/bind/templates/default/named.options.erb
index f9cebbc10..2ec4094dc 100644
--- a/cookbooks/bind/templates/default/named.options.erb
+++ b/cookbooks/bind/templates/default/named.options.erb
@@ -2,11 +2,17 @@
 
 acl "osm" {
 	127.0.0.1/32;
+<% node.interfaces(:family => :inet).each do |interface| -%>
+        <%= interface[:network] %>/<%= interface[:prefix] %>;
+<% end -%>
 <% @ipv4_clients.sort.each do |address| -%>
 	<%= address %>/32;
 <% end -%>
 
 	::1/128;
+<% node.interfaces(:family => :inet6).each do |interface| -%>
+        <%= interface[:network] %>/<%= interface[:prefix] %>;
+<% end -%>
 <% @ipv6_clients.sort.each do |address| -%>
 	<%= address %>/128;
 <% end -%>