Enhancement: Structure
This commit is contained in:
parent
ea74e0b246
commit
2b6c1ed108
GPG key ID:
873D883BD359DEE2
5 changed files with 22 additions and 20 deletions
|
|
@ -1,9 +1,5 @@
|
||||||
- name: Configuration of ns zones
|
- name: Configuration of ns zones
|
||||||
hosts: primarydns
|
hosts: primarydns
|
||||||
vars:
|
|
||||||
zones:
|
|
||||||
- zome:
|
|
||||||
domain_name: trans13nrv.eu.org
|
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Use variables
|
- name: Use variables
|
||||||
|
|
@ -25,19 +21,19 @@
|
||||||
state: directory
|
state: directory
|
||||||
owner: "{{ root.user }}"
|
owner: "{{ root.user }}"
|
||||||
group: "{{ dns.group }}"
|
group: "{{ dns.group }}"
|
||||||
mode: "660"
|
mode: "775"
|
||||||
|
|
||||||
- name: Ensure required keys zone directory is present
|
- name: Ensure required keys zone directory is present
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ dns.paths.keys }}"
|
path: "{{ dns.paths.keys_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: "{{ dns.user }}"
|
owner: "{{ dns.user }}"
|
||||||
group: "{{ dns.group }}"
|
group: "{{ dns.group }}"
|
||||||
mode: "660"
|
mode: "770"
|
||||||
|
|
||||||
- name: Prymary Zones
|
- name: Prymary Zones
|
||||||
ansible.builtin.include_tasks: tasks/ns/primary-zone.yml
|
ansible.builtin.include_tasks: tasks/ns/primary-zone.yml
|
||||||
loop: "{{ zones }}"
|
with_list: "{{ dns.zones }}"
|
||||||
|
|
||||||
- name: Reload bind9 service
|
- name: Reload bind9 service
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
|
|
|
||||||
|
|
@ -1,25 +1,28 @@
|
||||||
---
|
---
|
||||||
- vars:
|
- name: "Setting facts for zone {{ item.zone.domain_name }}"
|
||||||
zone_config_file: "{{ dns.patch.etc }}/named.conf.{{ zone.domain_name }}"
|
ansible.builtin.set_fact:
|
||||||
zone_db_file: "{{ dns.patch.primary_zones }}/db.{{ zone.domain_name }}.zone"
|
zone_config_file: "{{ dns.paths.etc }}/named.conf.{{ item.zone.domain_name }}"
|
||||||
|
zone_db_file: "{{ dns.paths.primary_zones }}/db.{{ item.zone.domain_name }}.zone"
|
||||||
|
domain_name: "{{ item.zone.domain_name }}"
|
||||||
|
|
||||||
- name: Updating primary zone db file
|
- name: Updating primary zone db file
|
||||||
ansible.builtin.file:
|
ansible.builtin.copy:
|
||||||
src: "file/ns/zone/db.{{ zone.domain_name }}"
|
src: "tasks/ns/files/db.{{ domain_name }}.zone"
|
||||||
dest: "{{ zone_db_file }}"
|
dest: "{{ zone_db_file }}"
|
||||||
|
mode: "644"
|
||||||
|
|
||||||
- name: "Creating zone {{ domain_name }}"
|
- name: "Creating zone {{ domain_name }}"
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: templates/ns/zone/named.conf.primary-zone.j2
|
src: tasks/ns/templates/named.conf.primary-zone.j2
|
||||||
dest: "{{ zone_config_file }}"
|
dest: "{{ zone_config_file }}"
|
||||||
mode: "644"
|
mode: "644"
|
||||||
|
|
||||||
- name: "Including zone configuration to global configuration"
|
- name: "Including zone configuration to global configuration"
|
||||||
ansible.builtin.blockinfile:
|
ansible.builtin.blockinfile:
|
||||||
path: "{{ dns.path.etc }}/named.conf.local"
|
path: "{{ dns.paths.etc }}/named.conf.local"
|
||||||
state: present
|
state: present
|
||||||
marker: "// {mark} ANSIBLE MANAGED BLOCK FOR {{ domain_name }} ZONE"
|
marker: "// {mark} ANSIBLE MANAGED BLOCK FOR {{ domain_name }} ZONE"
|
||||||
block: |
|
block: |
|
||||||
"include \"{{ zone_config_file }}\"";
|
include "{{ zone_config_file }}";
|
||||||
marker_begin: BEGIN
|
marker_begin: BEGIN
|
||||||
marker_end: END
|
marker_end: END
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
acl "{{ domain_name }}-acl" {
|
acl "{{ domain_name }}-acl" {
|
||||||
{% if transfer_hosts %}
|
{% if transfer_hosts is defined and transfer_hosts|length %}
|
||||||
{% for ip in transfer_hosts %}
|
{% for ip in transfer_hosts %}
|
||||||
{{ ip }};
|
{{ ip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
@ -10,7 +10,7 @@ acl "{{ domain_name }}-acl" {
|
||||||
|
|
||||||
zone "{{ domain_name }}" IN {
|
zone "{{ domain_name }}" IN {
|
||||||
type master;
|
type master;
|
||||||
file "{{ dns.paths.primary_zones }}/db.{{ domain_name }}";
|
file "{{ dns.paths.primary_zones }}/db.{{ domain_name }}.zone";
|
||||||
#auto-dnssec maintain;
|
#auto-dnssec maintain;
|
||||||
inline-signing yes;
|
inline-signing yes;
|
||||||
dnssec-policy default;
|
dnssec-policy default;
|
||||||
|
|
@ -18,5 +18,5 @@ zone "{{ domain_name }}" IN {
|
||||||
allow-update { none; };
|
allow-update { none; };
|
||||||
allow-transfer { {{ domain_name }}-acl; };
|
allow-transfer { {{ domain_name }}-acl; };
|
||||||
notify yes;
|
notify yes;
|
||||||
key-directory "{{ dns.paths.keys }}";
|
key-directory "{{ dns.paths.keys_dir }}";
|
||||||
};
|
};
|
||||||
|
|
@ -2,8 +2,11 @@ dns:
|
||||||
paths:
|
paths:
|
||||||
etc: /etc/bind/
|
etc: /etc/bind/
|
||||||
primary_zones: /etc/bind/primary
|
primary_zones: /etc/bind/primary
|
||||||
keys: /etc/bind/primary/keys
|
keys_dir: /etc/bind/primary/keys
|
||||||
user: bind
|
user: bind
|
||||||
group: bind
|
group: bind
|
||||||
|
zones:
|
||||||
|
- zone:
|
||||||
|
domain_name: trans13nrv.eu.org
|
||||||
root:
|
root:
|
||||||
user: root
|
user: root
|
||||||
Loading…
Add table
Add a link
Reference in a new issue