disable dnssec for catalog zones on auth-dns
All checks were successful
/ Ansible Lint (push) Successful in 2m35s
All checks were successful
/ Ansible Lint (push) Successful in 2m35s
Catalog zones are not real zones in the DNS hierarchy and don't have a parent zone. Therefore they will never have a valid DNSSEC delegation so we should skip signing those zones.
This commit is contained in:
parent
6bb09901a0
commit
3541c68357
SSH key fingerprint:
SHA256:y9T5GFw2A20WVklhetIxG1+kcg/Ce0shnQmbu1LQ37g
1 changed files with 1 additions and 2 deletions
|
|
@ -67,8 +67,7 @@ template:
|
||||||
# template for automatically created special zones
|
# template for automatically created special zones
|
||||||
- id: catalog
|
- id: catalog
|
||||||
catalog-role: generate
|
catalog-role: generate
|
||||||
dnssec-signing: on
|
dnssec-signing: off
|
||||||
dnssec-policy: default
|
|
||||||
|
|
||||||
|
|
||||||
# define zones on this server
|
# define zones on this server
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue