From dcfb256f7f9b1f371c8010636cab8311aec244a0 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sun, 28 May 2023 16:31:59 +0200
Subject: drop .zip and .mov TLDs
---
 roles/network/bind/tasks/main.yml | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)
(limited to 'roles/network/bind/tasks/main.yml')
diff --git a/roles/network/bind/tasks/main.yml b/roles/network/bind/tasks/main.yml
index 49898162..34e417db 100644
--- a/roles/network/bind/tasks/main.yml
+++ b/roles/network/bind/tasks/main.yml
@@ -60,32 +60,25 @@
 notify: reload bind
-- name: add empty .onion zone
- when: bind_empty_onion_zone
+- name: add zone blacklist config
 copy:
- dest: /etc/bind/named.conf.onion
+ dest: "/etc/bind/named.conf.blacklist"
 content: |
- // block .onion addresses
- zone "onion" {
+ {% for zone in bind_zone_blacklist %}
+ zone "{{ zone }}" {
 type master;
 file "/etc/bind/db.empty";
 zone-statistics no;
 notify no;
 };
+ {% endfor %}
 notify: reload bind
-- name: remove empty .onion zone
- when: not bind_empty_onion_zone
- file:
- path: /etc/bind/named.conf.onion
- state: absent
- notify: reload bind
-
-- name: enable/disable empty .onion zone
+- name: enable zone backlist
 lineinfile:
 path: /etc/bind/named.conf
- line: 'include "/etc/bind/named.conf.onion";'
- state: "{{ bind_empty_onion_zone is defined | ternary('present', 'absent') }}"
+ line: 'include "/etc/bind/named.conf.blacklist";'
+ state: present
 notify: reload bind
--
cgit v1.2.3
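Review bot: The old `/etc/bind/named.conf.onion` file and its `include` line in `/etc/bind/named.conf` are no longer cleaned up, because the "remove empty .onion zone" task is deleted and the `lineinfile` task now only adds the new include. On a host that ran the previous version with the onion zone enabled, both would stay in place; if `bind_zone_blacklist` (defined outside this hunk) also lists `onion`, the zone would be declared twice and named would presumably refuse the configuration on the next reload or restart. I would add two unconditional cleanup tasks ahead of "enable zone backlist", as sketched below. Separately, `zone "{{ zone }}" {` writes each list entry into the config unchecked, so an assertion that entries are plain DNS names would keep a stray quote or semicolon from altering named.conf, and the task name has a typo (`backlist`).

```yaml
# … unchanged: "add zone blacklist config" task …

- name: remove legacy .onion include
  lineinfile:
    path: /etc/bind/named.conf
    line: 'include "/etc/bind/named.conf.onion";'
    state: absent
  notify: reload bind

- name: remove legacy .onion zone config
  file:
    path: /etc/bind/named.conf.onion
    state: absent
  notify: reload bind

# … unchanged: "enable zone backlist" task …
```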