test(ubuntu): tested on ubuntu

Markus Pesch 2022-04-04 16:00:11 +02:00
parent d03840b0c6
commit cd3bd685ce
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
9 changed files with 51 additions and 31 deletions


@ -1,15 +1,15 @@
--- ---
- name: include special distribution-dependent variables - name: Include special distribution-dependent variables
include_vars: "{{ ansible_os_family }}.yml" include_vars: "{{ ansible_os_family }}.yml"
- name: install bind and dependencies - name: Install bind and dependencies
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: "{{ bind_package_names }}" with_items: "{{ bind_package_names }}"
- name: create logging directory - name: Create logging directory
file: file:
path: "{{ bind_log_directory }}" path: "{{ bind_log_directory }}"
owner: "{{ bind_unix_user }}" owner: "{{ bind_unix_user }}"
@ -18,7 +18,16 @@
state: directory state: directory
recurse: yes recurse: yes
- name: remove existing journal files - name: Create config directory
file:
path: "{{ bind_config_directory }}"
owner: "{{ bind_unix_user }}"
group: "{{ bind_unix_group }}"
mode: 0755
state: directory
recurse: yes
- name: Remove existing journal files
block: block:
- name: find existing journal files - name: find existing journal files
find: find:
@ -40,30 +49,39 @@
# loop_control: # loop_control:
# loop_var: view # loop_var: view
- name: template zone files - name: Create DNS-Zone files
include_tasks: template_zone_files.yml include_tasks: template_zone_files.yml
with_items: with_items:
- "{{ bind9_views }}" - "{{ bind9_views }}"
loop_control: loop_control:
loop_var: view loop_var: view
- name: set up global bind config - name: Create main configuration file
template:
src: "etc/named.conf.j2"
dest: "{{ bind_main_config }}"
owner: "{{ bind_unix_user }}"
group: "{{ bind_unix_group }}"
mode: 0644
notify: restart named
- name: Create excluded configuration files
template: template:
src: "{{ item }}.j2" src: "{{ item }}.j2"
dest: "/etc/{{ item }}" dest: "{{ item | replace('etc/named', bind_config_directory) }}"
owner: "{{ bind_unix_user }}" owner: "{{ bind_unix_user }}"
group: "{{ bind_unix_group }}" group: "{{ bind_unix_group }}"
mode: 0644 mode: 0644
with_items: with_items:
- named.conf - etc/named.conf
- named/named.conf.acl - etc/named/named.conf.acl
- named/named.conf.logging - etc/named/named.conf.logging
- named/named.conf.options - etc/named/named.conf.options
- named/named.conf.tsigkeys - etc/named/named.conf.tsigkeys
- named/named.conf.views - etc/named/named.conf.views
notify: restart named notify: restart named
- name: start and enabled named - name: Start and enabled named
systemd: systemd:
name: named name: named
state: started state: started
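Review bot: `etc/named/named.conf.tsigkeys` is still rendered by the "Create excluded configuration files" loop with `mode: 0644`, and the new "Create config directory" task applies `mode: 0755` with `recurse: yes` to everything below `bind_config_directory`, so the file that presumably holds the TSIG secrets is world-readable after either task. The recursive mode also resets every file to 0755 on each run before the template tasks set it back, so the play is unlikely to be idempotent and `restart named` will probably fire every time; dropping `recurse: yes` from the directory task avoids both. The `etc/named.conf` entry left in `with_items` duplicates "Create main configuration file" and, after the `replace` filter, lands at `{{ bind_config_directory }}.conf` (`/etc/bind.conf` with the Ubuntu value in this commit) rather than at `bind_main_config`; it looks like a leftover and should be removed. A dedicated task for the key file with a tighter mode and `no_log` is sketched below; quoting the modes (`"0640"`, `"0644"`, `"0755"`) also removes any dependence on YAML octal parsing.

```yaml
# … unchanged: "Create excluded configuration files", minus the etc/named.conf and tsigkeys items …
- name: Create TSIG key file
  template:
    src: etc/named/named.conf.tsigkeys.j2
    dest: "{{ bind_config_directory }}/named.conf.tsigkeys"
    owner: "{{ bind_unix_user }}"
    group: "{{ bind_unix_group }}"
    mode: "0640"
  no_log: true
  notify: restart named
```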


@ -0,0 +1,14 @@
#
# {{ ansible_managed }}
#
# zone "." IN {
# type hint;
# file "named.ca";
# };
include "{{ bind_config_directory }}/named.conf.acl";
include "{{ bind_config_directory }}/named.conf.logging";
include "{{ bind_config_directory }}/named.conf.options";
include "{{ bind_config_directory }}/named.conf.tsigkeys";
include "{{ bind_config_directory }}/named.conf.views";


@ -167,7 +167,7 @@ options {
# allow-update-forwarding {}; # allow-update-forwarding {};
{% endif %} {% endif %}
directory "/etc/named"; directory "{{ bind_config_directory }}";
dnssec-validation {{ bind9_options.dnssec_validation | default('no') }}; dnssec-validation {{ bind9_options.dnssec_validation | default('no') }};
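Review bot: `directory "{{ bind_config_directory }}";` makes the configuration directory named's working directory, so the daemon needs write access to the same tree that holds the `named.conf.*` files and the TSIG key file; the `file "{{ bind_config_directory }}/{{ zone.file }}";` line in the views template does the same for zone data. Keeping writable state (journals, managed keys, transferred zone copies) in a separate directory would let the configuration be root-owned and read-only to the service, and on Ubuntu the stock AppArmor profile for named appears to grant only read access under `/etc/bind`, which is worth confirming against the tested host. Consider a separate, newly introduced variable with an OS-specific default, for example `directory "{{ bind_working_directory }}";`, and use it for the zone `file` paths as well. Unrelated to the changed line but visible in the context: `default('no')` leaves `dnssec-validation` off unless the inventory sets it, which deserves at least a comment. The `options` block starts and ends outside this hunk.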


@ -127,7 +127,7 @@ view "{{ view.name }}" {
# is complete. If the Master is not available or the Slave fails to # is complete. If the Master is not available or the Slave fails to
# contact the Master, ffor whatever reason, the zone may be left with # contact the Master, ffor whatever reason, the zone may be left with
# no effective Authoritative Name Servers. # no effective Authoritative Name Servers.
file "/etc/named/{{ zone.file }}"; file "{{ bind_config_directory }}/{{ zone.file }}";
# master servers # master servers
# https://bind9.readthedocs.io/en/latest/manpages.html?highlight=masters#masters # https://bind9.readthedocs.io/en/latest/manpages.html?highlight=masters#masters


@ -1,12 +0,0 @@
# zone "." IN {
# type hint;
# file "named.ca";
# };
include "/etc/named/named.conf.acl";
include "/etc/named/named.conf.logging";
include "/etc/named/named.conf.options";
include "/etc/named/named.conf.tsigkeys";
include "/etc/named/named.conf.views";
# include "/etc/named.rfc1912.zones";
# include "/etc/named.root.key";


@ -1,8 +1,8 @@
--- ---
bind_main_config: /etc/named.conf bind_main_config: /etc/bind/named.conf
bind_config_directory: /etc/named bind_config_directory: /etc/bind
bind_log_directory: /var/log/named bind_log_directory: /var/log/bind
bind_package_names: bind_package_names:
- bind9 - bind9