Page History

...

If you are hosting a DNS server the following keys are needed:

Key	Description	Example	Created by	Data-type	Used by:
profile::dns::forwarders

...

Which DNS servers your DNS server should use to resolve domainnames where it is not an authorative DNS

- '<ip-addres-DNS1>'

- '<ip-address-DNS2>'

N/A

List of strings

role::bootstrap, role::dns::master

profile::dns::key::transfer

...

	The TSIG keys used for zone-transfers	'UvetjoX5zMiw/NbQr3biug=='	dnssec-keygen -a HMAC-MD5 -b 128 -n HOST <keyname>	String	role::bootstrap, role::dns::master, role::dns::slave
profile::dns::key::update

...

The TSIG keys used for DNS updates

'UvetjoX5zMiw/NbQr3biug=='

...

dnssec-keygen -a HMAC-MD5 -b 128 -n HOST <keyname>

String

role::bootstrap, role::dns::master, role::dns::

...

slave
profile::dns::slaves	A list over DNS slave-servers which replicates the zone-files from the main DNS server. The hash is structured as key=Servername and value=DNS-IPv4	'ns2.example.com': '192.

...

0.

...

2.

...

130'

...

N/A

List of Hashes

role::bootstrap, role::dns::

...

master, role::

...

dns::

...

slave

profile::dns::

...

zones

A list over DNS zones managed by our DNS servers, or used by our dashboard. The hash is structured as key=DNS-zone and value=DNS-server-shortname.

'zone.example.com': 'ns1'

N/A

List of Hashes

role::bootstrap, role::dashboard, role::dns::master, role::dns::slave

I addition there are a set of keys which are needed for each DNS server managing a DNS zone used by us. Shortname is here the name used in "profile::dns::zones".

Key	Description	Example	Created by	Data-type	Used by:
profile::dns::

...

<shortname>::

...

ipv4

The IPv4 address of a specific DNS server.

'192.

...

0.

...

2.

...

129'

...

N/A

String

role::bootstrap, role::dashboard, role::dns::master, role::

...

dns::slave

profile::dns::

...

<shortname>::name

...

The fqdn of a specific DNS server

'ns1.example

...

.com'

...

N/A

String

role::bootstrap, role::dns::master, role::dns::slave

Dashboard

The general configuration of the dashboard are based on the following keys:

Key

Description

Example

Created by

Data-type

Used by:

profile::dns::<shortname>::key

The TSIG key used for updates sent to this server. It can be useful to let this be a hiera-lookup for the zones managed by our own DNS servers.

'UvetjoX5zMiw/NbQr3biug=='

"%{hiera('profile::dns::key::update')}"

dnssec-keygen -a HMAC-MD5 -b 128 -n HOST <keyname>

String

role::dashboard

profile::dashboard::api: 'http://%{hiera('profile::dashboard::name::v4only')}'
profile::dashboard::datadir: '/var/lib/machineadmin'
profile::dashboard::database::type: 'mysql'
profile::dashboard::database::name: '<mysql-database-name>'
profile::dashboard::database::user: '<mysql-database-user>'
profile::dashboard::database::pass: '<mysql-database-password>'
profile::dashboard::database::host: "%{hiera('profile::haproxy::management::ip')}"
profile::dashboard::database::grant: "%"
profile::dashboard::django::secret: '<pwgen -1 -y -s 50>'
profile::dashboard::ldap::url: 'ldaps://<ldaps-server>:636'
profile::dashboard::ldap::search_base: '<LDAP Search base>'
profile::dashboard::ldap::domain: '<LDAP domain>'
profile::dashboard::name: '<Main dashboard hostname (A and AAAA can be defined for this name)>'
profile::dashboard::name::v4only: '<v4-only dashboard hostname (Should only have an A record defined>'

...

Page tree

Versions Compared

Old Version 10

New Version 11

Key

Dashboard