Commit eeb64bd0 authored by Bernhard Geier's avatar Bernhard Geier

Merge branch 'master_ffms' into master

parents e563db15 9a52dd2e
......@@ -636,7 +636,7 @@ LoadPlugin write_graphite
{% if "domaenenliste" in hostvars[host] %}
Host "{{domaenen[domaene[0]].ffv4_network | ipaddr(hostvars[host].domaenenliste[domaene[0]].server_id) | ipaddr('address') }}"
{% else %}
Host "{{domaenen[domaene[0]].ffv4_network | ipaddr(hostvars[host].vm_id) | ipaddr('address') }}"
Host "{{domaenen[domaene[0]].ffv4_network | ipaddr(hostvars[host].server_id) | ipaddr('address') }}"
{% endif %}
{% endif %}
{% endfor %}
......
......@@ -14,25 +14,25 @@ $TTL 3600
{% endif %}
{% endfor %}
{% for host in groups['gateways']+groups['hypervisors'] %}
{{host}} IN A {{hostvars[host].ansible_ssh_host}};
{{host}} IN A {{hostvars[host].ipv4}};
{{host}} IN AAAA {{hostvars[host].ipv6}};
{% endfor %}
{% for host in groups['gateways'] %}
{% if hostvars[host].domaenenliste is defined %}
{% for domaene in hostvars[host].domaenenliste|dictsort %}
domaene{{domaene[0]}} IN A {{hostvars[host].ansible_ssh_host}};
domaene{{domaene[0]}} IN A {{hostvars[host].ipv4}};
domaene{{domaene[0]}} IN AAAA {{hostvars[host].ipv6}};
{% if domaene[1].server_id is defined and domaene[1].server_id == 2 %}
domaene{{domaene[0]}}-A IN A {{hostvars[host].ansible_ssh_host}};
domaene{{domaene[0]}}-A IN A {{hostvars[host].ipv4}};
domaene{{domaene[0]}}-A IN AAAA {{hostvars[host].ipv6}};
{% elif domaene[1].server_id is defined and domaene[1].server_id == 3 %}
domaene{{domaene[0]}}-B IN A {{hostvars[host].ansible_ssh_host}};
domaene{{domaene[0]}}-B IN A {{hostvars[host].ipv4}};
domaene{{domaene[0]}}-B IN AAAA {{hostvars[host].ipv6}};
{% elif domaene[1].server_id is defined and domaene[1].server_id == 4 %}
domaene{{domaene[0]}}-C IN A {{hostvars[host].ansible_ssh_host}};
domaene{{domaene[0]}}-C IN A {{hostvars[host].ipv4}};
domaene{{domaene[0]}}-C IN AAAA {{hostvars[host].ipv6}};
{% elif domaene[1].server_id is defined and domaene[1].server_id == 5 %}
domaene{{domaene[0]}}-D IN A {{hostvars[host].ansible_ssh_host}};
domaene{{domaene[0]}}-D IN A {{hostvars[host].ipv4}};
domaene{{domaene[0]}}-D IN AAAA {{hostvars[host].ipv6}};
{% endif %}
{% endfor %}
......
......@@ -14,7 +14,7 @@ view "domaene-{{domaene[0]}}" {
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
{% if is_external_nameserver is defined and is_external_nameserver %}
include "/etc/bind/named.conf.tld";
# include "/etc/bind/named.conf.tld";
{% endif %}
zone "{{freifunk.kurzname}}." {
type master;
......
// {{ ansible_managed }}
options {
directory "/var/cache/bind";
directory "/var/cache/bind";
dnssec-validation auto;
recursion yes;
allow-recursion {
localhost;
dnssec-validation auto;
recursion yes;
allow-recursion {
localhost;
{% if domaenenliste is defined %}
{% for domaene in domaenenliste|dictsort %}
{{domaenen[domaene[0]].ffv4_network}};
{{domaenen[domaene[0]].ffv6_network}};
{{domaenen[domaene[0]].ffv4_network}};
{{domaenen[domaene[0]].ffv6_network}};
{% endfor %}
{% endif %}
};
};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
minimal-responses yes;
tcp-clients 1000;
recursive-clients 10000;
rrset-order { order random; };
rrset-order { order random; };
};
{% if collectd is defined and collectd.collect_bind %}
statistics-channels {
inet 127.0.0.1 port 8053 allow { 127.0.0.1; };
inet 127.0.0.1 port 8053 allow { 127.0.0.1; };
};
{% endif %}
......@@ -222,6 +222,28 @@ object Service "Check Bird6 Sessions" {
vars.notification.hipchat = "1"
}
{% if nrpe.check_websites_upstream_ipv4 is defined and hostvars[item].ffrl_nat_ip is defined %}
object Service "Check selected Websites via FFRL tunnel (HTTP/IPv4) " {
import "generic-service"
host_name = "{{ item }}"
check_command = "nrpe2"
vars.nrpe_command = "check_websites-ffrl-ipv4"
vars.sla = "24x7"
vars.notification.hipchat = "1"
}
{% endif %}
{% if nrpe.check_websites_upstream_ipv4 is defined and hostvars[item].ffnw_nat_ip is defined %}
object Service "Check selected Websites via FFNW tunnel (HTTP/IPv4) " {
import "generic-service"
host_name = "{{ item }}"
check_command = "nrpe2"
vars.nrpe_command = "check_websites-ffnw-ipv4"
vars.sla = "24x7"
vars.notification.hipchat = "1"
}
{% endif %}
{% if hostvars[item].domaenenliste is defined %}
{% for domaene in hostvars[item].domaenenliste|dictsort %}
object Service "Check BATMAN Dom {{domaene[0]}} via IP" {
......
......@@ -16,13 +16,13 @@ Unattended-Upgrade::Allowed-Origins {
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
+{% if unattended_upgrades.origins_pattern is defined and unattended_upgrades.origins_pattern %}
+
+ // Custom matching:
+{% for item in unattended_upgrades.origins_pattern %}
+ "{{ item }}";
+{% endfor %}
+{% endif %}
{% if unattended_upgrades.origins_pattern is defined and unattended_upgrades.origins_pattern %}
// Custom matching:
{% for item in unattended_upgrades.origins_pattern %}
"{{ item }}";
{% endfor %}
{% endif %}
};
// List of packages to not update (regexp are supported)
......@@ -38,7 +38,7 @@ Unattended-Upgrade::Package-Blacklist {
Unattended-Upgrade::DevRelease "false";
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
// unattended-upgrades will automatically run
// dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
......@@ -73,7 +73,7 @@ Unattended-Upgrade::MinimalSteps "true";
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
// Automatically reboot *WITHOUT CONFIRMATION*
// if the file /var/run/reboot-required is found after the upgrade
// if the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";
// If automatic reboot is enabled and needed, reboot at the specific
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment