authorChristian Pointner <equinox@spreadspace.org>2023-05-28 16:31:59 +0200
committerChristian Pointner <equinox@spreadspace.org>2023-05-28 16:31:59 +0200
commitdcfb256f7f9b1f371c8010636cab8311aec244a0 (patch)
treee958e058334ba097a291256d56aef47121c83360 /roles/network/bind/tasks/main.yml
parentchaos-at-home.org-ap: disable client steering for now (diff)
drop .zip and .mov TLDs
Diffstat (limited to 'roles/network/bind/tasks/main.yml')
-rw-r--r--roles/network/bind/tasks/main.yml23
1 files changed, 8 insertions, 15 deletions
diff --git a/roles/network/bind/tasks/main.yml b/roles/network/bind/tasks/main.yml
index 49898162..34e417db 100644
--- a/roles/network/bind/tasks/main.yml
+++ b/roles/network/bind/tasks/main.yml
@@ -60,32 +60,25 @@
notify: reload bind
-- name: add empty .onion zone
- when: bind_empty_onion_zone
+- name: add zone blacklist config
copy:
- dest: /etc/bind/named.conf.onion
+ dest: "/etc/bind/named.conf.blacklist"
content: |
- // block .onion addresses
- zone "onion" {
+ {% for zone in bind_zone_blacklist %}
+ zone "{{ zone }}" {
type master;
file "/etc/bind/db.empty";
zone-statistics no;
notify no;
};
+ {% endfor %}
notify: reload bind
-- name: remove empty .onion zone
- when: not bind_empty_onion_zone
- file:
- path: /etc/bind/named.conf.onion
- state: absent
- notify: reload bind
-
-- name: enable/disable empty .onion zone
+- name: enable zone backlist
lineinfile:
path: /etc/bind/named.conf
- line: 'include "/etc/bind/named.conf.onion";'
- state: "{{ bind_empty_onion_zone is defined | ternary('present', 'absent') }}"
+ line: 'include "/etc/bind/named.conf.blacklist";'
+ state: present
notify: reload bind
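Review bot: Hosts already provisioned with the old tasks keep `/etc/bind/named.conf.onion` and its `include` line in `/etc/bind/named.conf`, because the hunk deletes the "remove empty .onion zone" task and the `state: absent` branch without adding any cleanup. If `bind_zone_blacklist` (defined outside this hunk) also lists `onion`, named would presumably see that zone declared twice and reject the configuration on reload, so the new blocked zones would not take effect on those hosts. I would add two cleanup tasks for the legacy include line and file, as sketched below, removing the include first so `named.conf` never points at a missing file. Separately, the task name `enable zone backlist` is misspelled; `- name: enable zone blacklist` would match the file name.

```yaml
# … unchanged: "add zone blacklist config" and "enable zone backlist" tasks …

- name: remove legacy .onion include
  lineinfile:
    path: /etc/bind/named.conf
    line: 'include "/etc/bind/named.conf.onion";'
    state: absent
  notify: reload bind

- name: remove legacy .onion zone config
  file:
    path: /etc/bind/named.conf.onion
    state: absent
  notify: reload bind
```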