dns: move tsig_key into common group variable

The tsig_key value is a shared secret between the hidden-primary and
secondary servers to facilitate secure zone transfers.  Thus we should
store it once in the common "adns" group, rather than duplicating it
in the adns-primary and ads-secondary.

Change-Id: I600f1ecdfc06bda79b6a4ce77253f489ad515fa5
Ian Wienand 2023-04-13 11:19:19 +10:00
parent b0d27692de
commit a4efec61af
No known key found for this signature in database
3 changed files with 1 additions and 4 deletions

View File

@ -114,8 +114,8 @@
dest: "/etc/ansible/hosts/{{ item }}"
- group_vars/all.yaml
- group_vars/adns.yaml
- group_vars/adns-primary.yaml
- group_vars/adns-secondary.yaml
- group_vars/bastion.yaml
- group_vars/eavesdrop.yaml
- group_vars/nodepool.yaml

View File

@ -1,6 +1,3 @@
algorithm: hmac-md5
secret: 9zO/4WnUinnLHISPgDI5Aw==
zone: zuulci.org