fix key distribution in bind role

2019-06-27 13:11:40 +04:00 · 2019-06-27 13:11:40 +04:00 · d0893b87df
commit d0893b87df
parent d5bf5d23f8
2 changed files with 22 additions and 3 deletions
--- a/roles/bind-role/tasks/main.yml
+++ b/roles/bind-role/tasks/main.yml
@ -57,6 +57,28 @@
  register: reverse_hashes_ipv6
  with_items: "{{ bind_zone_ipv6_networks }}"

+- name: Generate rndc.key
+  shell: rndc-confgen -a -b 128 -c /etc/rndc.key -k rndc-key
+  register: key_generated
+  when: key_generated is not defined
+
+- name: "grab rndc.key"
+  fetch:
+    dest: "./.tmp/rndc.key"
+    src: "/etc/rndc.key"
+    flat: true
+  when: key_generated is defined
+
+- name: "put master rndc.key to slave"
+  copy:
+    src: "./.tmp/rndc.key"
+    dest: "/etc/rndc.key"
+    owner: root
+    group: named
+    mode: 0640
+    force: yes
+  when: key_generated is defined
+
 - include_tasks: master.yml
  when: bind_zone_master_server_ip in ansible_all_ipv4_addresses

--- a/roles/bind-role/tasks/master.yml
+++ b/roles/bind-role/tasks/master.yml
@ -1,9 +1,6 @@
 # roles/bind/tasks/master.yml
 # Set up a BIND master server
 ---
- name: Master | Generate rndc.key
-  shell: rndc-confgen -a -b 128 -c /etc/rndc.key -k rndc-key
-
 - name: Master | Main BIND config file (master)
  template:
    src: master_etc_named.conf.j2