author | Jonas Gunz <himself@jonasgunz.de> | 2021-10-06 01:18:17 +0200 |
---|---|---|
committer | Jonas Gunz <himself@jonasgunz.de> | 2021-10-06 01:18:17 +0200 |
commit | a263e42107537a99e258998c8d5a999f13388fb1 (patch) | |
tree | 0560e6629dfaa1c9bfe1ecf343c132e03bbceb5c /roles | |
parent | 84deda7bee5fec7472be556ce2b6028499f0103e (diff) | |
download | ansible_collection-a263e42107537a99e258998c8d5a999f13388fb1.tar.gz |
bind: add role
Diffstat (limited to 'roles')
-rw-r--r-- | roles/bind/defaults/main.yml | 4 | ||||
-rw-r--r-- | roles/bind/files/named.conf.options | 15 | ||||
-rw-r--r-- | roles/bind/handlers/main.yml | 6 | ||||
-rw-r--r-- | roles/bind/tasks/download_zonefile.yml | 15 | ||||
-rw-r--r-- | roles/bind/tasks/main.yml | 33 | ||||
-rw-r--r-- | roles/bind/templates/named.conf.local.j2 | 10 |
6 files changed, 83 insertions, 0 deletions
diff --git a/roles/bind/defaults/main.yml b/roles/bind/defaults/main.yml
new file mode 100644
index 0000000..bd90082
--- /dev/null
+++ b/roles/bind/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+bind_zones: []
+bind_zonefile_base_url: ''
+bind_install_zonefiles: false
diff --git a/roles/bind/files/named.conf.options b/roles/bind/files/named.conf.options
new file mode 100644
index 0000000..0100317
--- /dev/null
+++ b/roles/bind/files/named.conf.options
@@ -0,0 +1,15 @@
+// vi: ft=named
+options {
+ directory "/var/cache/bind";
+
+ dnssec-validation auto;
+
+ // Disable recursion
+ allow-transfer {"none";};
+ allow-recursion {"none";};
+ recursion no;
+
+ listen-on-v6 { any; };
+ listen-on { any; };
+};
+
diff --git a/roles/bind/handlers/main.yml b/roles/bind/handlers/main.yml
new file mode 100644
index 0000000..bc5a421
--- /dev/null
+++ b/roles/bind/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart bind
+ systemd:
+ name: bind9.service
+ state: restarted
+ become: yes
diff --git a/roles/bind/tasks/download_zonefile.yml b/roles/bind/tasks/download_zonefile.yml
new file mode 100644
index 0000000..9e89507
--- /dev/null
+++ b/roles/bind/tasks/download_zonefile.yml
@@ -0,0 +1,15 @@
+---
+- name: Download zonefile
+ uri:
+ url: '{{ bind_zonefile_base_url }}/{{ item }}'
+ return_content: yes
+ delegate_to: localhost
+ register: zonefile
+
+- name: Install zonefile
+ copy:
+ dest: '/etc/bind/zonefiles/{{ item }}'
+ content: '{{ zonefile.content }}'
+ become: yes
+ notify: Restart bind
+
diff --git a/roles/bind/tasks/main.yml b/roles/bind/tasks/main.yml
new file mode 100644
index 0000000..603e142
--- /dev/null
+++ b/roles/bind/tasks/main.yml
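Review bot: The options block in roles/bind/files/named.conf.options opens the authoritative listener on every address (`listen-on { any; };`, `listen-on-v6 { any; };`) without response rate limiting, so spoofed-source queries are answered at full rate. Consider adding a `rate-limit { responses-per-second 10; };` block next to the recursion settings; the value shown is illustrative and needs tuning per deployment. The comment `// Disable recursion` also sits directly above `allow-transfer`, which controls zone transfers, so a separate `// Refuse zone transfers` comment would keep the two intents apart.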
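Review bot: The `Install zonefile` task in roles/bind/tasks/download_zonefile.yml writes whatever the `uri` fetch returned into /etc/bind/zonefiles as root and then restarts BIND, with no check that the content is a loadable zone. Adding `validate: 'named-checkzone {{ item }} %s'` to the `copy` task would reject a truncated or malformed download before it replaces the live file. Nothing in the role requires `bind_zonefile_base_url` to be an https:// URL, so over plain HTTP the served records are only as trustworthy as the network path; an `assert` on the scheme, or a comment in defaults/main.yml, would make that expectation explicit. Setting `owner`, `group` and `mode` on the file would also stop its permissions depending on the target's umask.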
@@ -0,0 +1,33 @@
+---
+- name: Install BIND9
+ ansible.builtin.apt:
+ name:
+ - bind9
+ - bind9utils
+ - bind9-doc
+ become: yes
+
+- name: Copy configuration
+ copy:
+ src: named.conf.options
+ dest: /etc/bind/named.conf.options
+ become: yes
+ notify: Restart bind
+
+- name: Install zone config
+ template:
+ src: named.conf.local.j2
+ dest: /etc/bind/named.conf.local
+ become: yes
+ notify: Restart bind
+
+- name: Create folder
+ file:
+ state: directory
+ path: /etc/bind/zonefiles
+ become: yes
+
+- name: Download and install Zonefiles
+ include_tasks: download_zonefile.yml
+ when: bind_install_zonefiles
+ loop: '{{ bind_zones }}'
diff --git a/roles/bind/templates/named.conf.local.j2 b/roles/bind/templates/named.conf.local.j2
new file mode 100644
index 0000000..94428f1
--- /dev/null
+++ b/roles/bind/templates/named.conf.local.j2
@@ -0,0 +1,10 @@
+// vi: ft=named
+// This file is managed by Ansible. Do not change.
+
+{% for zone in bind_zones %}
+zone "{{ zone }}" {
+ type master;
+ file "/etc/bind/zonefiles/{{ zone }}";
+};
+
+{% endfor %} |
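Review bot: `Copy configuration` and `Install zone config` in roles/bind/tasks/main.yml replace the live named configuration and notify `Restart bind` without a syntax check, so a bad file or template render takes the server down on restart. Both modules accept `validate: 'named-checkconf %s'`, which leaves the old file in place when the new one does not parse. The `file`, `copy` and `template` tasks also leave `owner`, `group` and `mode` unset; stating them (for example `mode: '0644'` on the config files and `mode: '0755'` on /etc/bind/zonefiles) makes the permissions independent of the target's umask.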
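Review bot: In roles/bind/templates/named.conf.local.j2 each entry of `bind_zones` is placed verbatim inside the quoted zone name and inside the `file` path, and the same value forms the `dest` path in download_zonefile.yml. An entry containing a quote, a slash or `..` would yield a broken config or a path outside /etc/bind/zonefiles. An `assert` task early in tasks/main.yml that checks every entry against a hostname pattern would catch typos or bad inventory data before anything is written. A short template comment saying that the zone files are only installed when `bind_install_zonefiles` is true would also help, since the default is false.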