adns: Set zone directory permissions

Bind needs to be able to write to the zone directories in order to sign the zones. Change-Id: I5649c28c6f7d8d98e0eca3c9c4da5d7312198b5c
2018-11-05 09:02:55 -08:00 · 2018-11-05 09:02:55 -08:00 · d15c6166c3
commit d15c6166c3
parent dae1a0351c
1 changed files with 3 additions and 0 deletions
--- a/playbooks/roles/master-nameserver/tasks/main.yaml
+++ b/playbooks/roles/master-nameserver/tasks/main.yaml
@ -19,6 +19,9 @@
  synchronize:
    src: "/opt/source/{{ item.source }}"
    dest: "/var/lib/bind/zones/{{ item.name }}"
+    rsync_opts:
+      - "--chmod=u+rwX,g+rX,o+rX"
+      - "--chown=bind:bind"
  loop: "{{ dns_zones }}"
  notify: Reload named
 - name: Install tsig key