Add explicit DNS forwarders to TLS job

Current settings "--auto-forwarders" used as DNS server address
of the router in the tenant. Because it could delay requests let's
use explicit DNS forwarders from custome_nameserver variable.
Closes-Bug: #1824772
Change-Id: I31fe475843a751aefe3d8b574edf42ff762aaab8
This commit is contained in:
Sagi Shnaidman 2019-04-17 02:44:59 +03:00
parent 3a64d8cdaa
commit a33bdae59f
1 changed files with 9 additions and 2 deletions

View File

@ -45,8 +45,15 @@ ipa-server-install -U \
-a $CA_ADMIN_PASS \
--hostname `hostname -f ` \
--ip-address=$IPA_SERVER_IP \
--setup-dns --auto-forwarders --auto-reverse {{ ipa_server_install_params|default('') }}
--setup-dns \
{% if custom_nameserver is defined -%}
{% for dns in custom_nameserver %}
--forwarder={{ dns }} \
{% endfor %}
{% else %}
--auto-forwarders \
{% endif %}
--auto-reverse {{ ipa_server_install_params|default('') }}
## * Set CA to create CRL on restart
sed -i "s/ca.crl.MasterCRL.publishOnStart=.*/ca.crl.MasterCRL.publishOnStart=true/" /etc/pki/pki-tomcat/ca/CS.cfg
systemctl restart pki-tomcatd@pki-tomcat.service