dns-ops/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/0sunet.catalog.conf

# 0sunet.catalog (catalog generator)

acl:
  - id: txt_ddns_allow
    action: update
    key: knot-ladok
    update-type: [TXT]
    update-owner: name
    update-owner-name: [ _acme-challenge.*.alternativ.ladok.se. ]
    update-owner-match: pattern

  - id: ddns_allow_alt_ladok
    action: update
    key: alt-ladok
    update-type: [TXT]
    update-owner: name
    update-owner-name: [ _acme-challenge.*.alt.ladok.se., _acme-challenge.*.*.alt.ladok.se. ]
    update-owner-match: pattern

  - id: ddns_allow_sun_ladok
    action: update
    key: sun-ladok
    update-type: [TXT]
    update-owner: name
    update-owner-name: [ _acme-challenge.*.sun.ladok.se., _acme-challenge.*.*.sun.ladok.se. ]
    update-owner-match: pattern

  - id: ddns_allow_infra_utv_ladok
    action: update
    key: infra-utv-ladok
    update-type: [TXT]
    update-owner: name
    update-owner-name: [ _acme-challenge.*.infra.utv.ladok.se. ]
    update-owner-match: pattern

  - id: ddns_allow_lab_utv_ladok
    action: update
    key: lab-utv-ladok
    update-type: [TXT]
    update-owner: name
    update-owner-name: [ _acme-challenge.*.lab.utv.ladok.se. ]
    update-owner-match: pattern


template:
  - id: 0sunet-catz
    catalog-role: member
    catalog-zone: 0sunet.catalog.
    notify: [ ns1-sunet-se, sunic-node1, sunic-node2, sunic-node3 ]
    storage: "/var/lib/knot/catzones"
    file: "%s.zone"

zone:
  - domain: 0sunet.catalog.
    catalog-role: generate
    notify: [ ns1-sunet-se, sunic-node1, sunic-node2, sunic-node3 ]

  - domain: alternativ.ladok.se.
    template: 0sunet-catz
    acl: [txt_ddns_allow]

  - domain: alt.ladok.se.
    template: 0sunet-catz
    acl: [ddns_allow_alt_ladok]

  - domain: sun.ladok.se.
    template: 0sunet-catz
    acl: [ddns_allow_sun_ladok]

  - domain: infra.utv.ladok.se.
    template: 0sunet-catz
    acl: [ddns_allow_infra_utv_ladok]

  - domain: lab.utv.ladok.se.
    template: 0sunet-catz
    acl: [ddns_allow_lab_utv_ladok]