Skip to content
Snippets Groups Projects
Commit 65603132 authored by ale's avatar ale
Browse files

Allow named to read DNSSEC credentials

parent 181e5146
No related branches found
No related tags found
No related merge requests found
Pipeline #67585 passed
Stage: test
Show whitespace changes
Inline Side-by-side
roles/float-infra-dns/tasks/main.yml
+ 6
2
View file @ 65603132
...@@ -109,13 +109,17 @@ ...@@ -109,13 +109,17 @@
file: file:
path: "/etc/credentials/dnssec" path: "/etc/credentials/dnssec"
state: directory state: directory
mode: 0700 owner: root
group: bind
mode: 0750
- name: Install DNSSEC keys - name: Install DNSSEC keys
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "/etc/credentials/dnssec/{{ item | basename }}" dest: "/etc/credentials/dnssec/{{ item | basename }}"
mode: 0600 owner: root
group: bind
mode: 0640
with_fileglob: with_fileglob:
- "{{ credentials_dir }}/dnssec/K*.private" - "{{ credentials_dir }}/dnssec/K*.private"
- "{{ credentials_dir }}/dnssec/K*.key" - "{{ credentials_dir }}/dnssec/K*.key"
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment