Add api/api_key parameters
Also add axfr_ips,version_string and webserver*
as configurable parameters.
Related PROD: 11411
Change-Id: I4697872a85a11dddfc3a5e080d6e402576042538
diff --git a/README.rst b/README.rst
index e85f36f..f16ed70 100644
--- a/README.rst
+++ b/README.rst
@@ -21,6 +21,18 @@
bind:
address: 0.0.0.0
port: 53
+ axfr_ips:
+ - 10.11.0.0/16
+ - 127.0.0.1
+ api:
+ enabled: true
+ key: SecurePass
+ webserver:
+ enabled: true
+ password: SuperSecurePass
+ address: 0.0.0.0
+ port: 8081
+
PowerDNS server with sqlite backend
@@ -37,6 +49,14 @@
port: 55
default-soa-name: ns1.domain.tld
soa-minimum-ttl: 3600
+ api:
+ enabled: true
+ key: SecurePass
+ webserver:
+ enabled: true
+ password: SuperSecurePass
+ address: 0.0.0.0
+ port: 8081
Read more
diff --git a/powerdns/files/pdns.conf b/powerdns/files/pdns.conf
index 7b48195..d40feb7 100644
--- a/powerdns/files/pdns.conf
+++ b/powerdns/files/pdns.conf
@@ -1,21 +1,30 @@
{%- from "powerdns/map.jinja" import server with context %}
# Autogenerated configuration file template
-launch=
+allow-axfr-ips={{ server.axfr_ips|join(',') }}
allow-recursion=127.0.0.1
+{%- if server.api.enabled %}
+api-key={{ server.api_key }}
+api=yes
+{%- endif %}
config-dir=/etc/powerdns
daemon=yes
default-soa-name={{ server.default_soa_name }}
-soa-minimum-ttl={{ server.soa_minimum_ttl }}
-disable-axfr=yes
+disable-axfr=no
guardian=yes
+include-dir=/etc/powerdns/pdns.d
+launch=
local-address={{ server.bind.address }}
local-port={{ server.bind.port }}
+master=no
setgid=pdns
setuid=pdns
+slave=yes
+soa-minimum-ttl={{ server.soa_minimum_ttl }}
socket-dir=/var/run
+version-string={{ server.version_string }}
+{%- if server.webserver.enabled %}
webserver=yes
-webserver-address=127.0.0.1
-webserver-password=i.cannot.be.bad
-webserver-port=8081
-version-string=powerdns
-include-dir=/etc/powerdns/pdns.d
+webserver-address={{ server.webserver.address }}
+webserver-password={{ server.webserver.password }}
+webserver-port={{ server.webserver.port }}
+{%- endif %}
diff --git a/powerdns/map.jinja b/powerdns/map.jinja
index bdced8e..3ebd104 100644
--- a/powerdns/map.jinja
+++ b/powerdns/map.jinja
@@ -19,7 +19,17 @@
'port': 53,
},
'default_soa_name': 'a.very.best.power.dns.server',
- 'soa_minimum_ttl': 3600
+ 'soa_minimum_ttl': 3600,
+ 'axfr_ips': [ '127.0.0.1' ],
+ 'version_string': 'powerdns',
+ 'webserver': {
+ 'enabled': false,
+ 'address': '127.0.0.1',
+ 'port': 8081,
+ },
+ 'api': {
+ 'enabled': false,
+ },
},
'RedHat': {
'service': 'pdns',
@@ -40,6 +50,16 @@
'port': 53,
},
'default_soa_name': 'a.very.best.power.dns.server',
- 'soa_minimum_ttl': 3600
+ 'soa_minimum_ttl': 3600,
+ 'axfr_ips': '127.0.0.1',
+ 'version_string': 'powerdns',
+ 'webserver': {
+ 'enabled': false,
+ 'address': '127.0.0.1',
+ 'port': 8081,
+ },
+ 'api': {
+ 'enabled': false,
+ },
},
}, merge=salt['pillar.get']('powerdns:server')) %}
diff --git a/tests/pillar/server.sls b/tests/pillar/server.sls
index e1aa1e8..ca7d5b4 100644
--- a/tests/pillar/server.sls
+++ b/tests/pillar/server.sls
@@ -8,3 +8,10 @@
bind:
address: 127.0.0.1
port: 53
+ api:
+ enabled: true
+ key: ChanGEMe
+ webserver:
+ enabled: true
+ address: 127.0.0.1
+ password: ChangeMeToo