From 06abd17792fafc3adec3916f56c69800690b1431 Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya <bdobreli@redhat.com>
Date: Tue, 5 Sep 2017 15:56:43 +0200
Subject: Document global DNS security options (#694)

* Document global DNS security options

Related changes:
* Do not create a view if externally managed.
* Allow to specify the recursion settings for public/private
  views defined by the dns-view role.

Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>

* Document public_dns_nameservers better

Also use it as the private view forwarder

Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
---
 roles/dns-views/defaults/main.yml | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 roles/dns-views/defaults/main.yml

(limited to 'roles/dns-views/defaults/main.yml')

diff --git a/roles/dns-views/defaults/main.yml b/roles/dns-views/defaults/main.yml
new file mode 100644
index 000000000..c9f8248af
--- /dev/null
+++ b/roles/dns-views/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+external_nsupdate_keys: {}
+named_private_recursion: 'yes'
+named_public_recursion: 'no'
-- 
cgit v1.2.3