From 37bfd275514619987fe6b0d80868b40a086e1a57 Mon Sep 17 00:00:00 2001
From: Timo Makinen
Date: Thu, 25 Mar 2021 17:40:49 +0000
Subject: [PATCH] Add unbound for print hosts
---
group_vars/print.yml | 2 ++
host_vars/print01.home.foo.sh.yml | 2 ++
playbooks/print.yml | 15 +++++++++++++++
3 files changed, 19 insertions(+)
diff --git a/group_vars/print.yml b/group_vars/print.yml
index 8dd600a..662bb4a 100644
--- a/group_vars/print.yml
+++ b/group_vars/print.yml
@@ -9,6 +9,8 @@ network_vip_interfaces: firewall_in: - {proto: tcp, port: 22, from: [172.20.20.0/22]} + - {proto: tcp, port: 53, from: [172.20.24.0/24]} + - {proto: udp, port: 53, from: [172.20.24.0/24]} - {proto: tcp, port: 443, from: [172.20.20.0/22]} firewall_raw: - "-A INPUT -i eth1 -d 224.0.0.0/8 -j ACCEPT"
diff --git a/host_vars/print01.home.foo.sh.yml b/host_vars/print01.home.foo.sh.yml
index dd54eda..308af90 100644
--- a/host_vars/print01.home.foo.sh.yml
+++ b/host_vars/print01.home.foo.sh.yml
@@ -4,10 +4,12 @@ network_interfaces: - device: eth0 vlan: 20 mac: "52:54:00:ac:dc:1b" + nameservers: [] - device: eth1 vlan: 24 ipaddr: 172.20.24.2 netmask: 255.255.255.0 proto: static + nameservers: [172.20.24.1,172.20.24.2] vip24_priority: 128
diff --git a/playbooks/print.yml b/playbooks/print.yml
index a26f0a1..66ba11b 100644
--- a/playbooks/print.yml
+++ b/playbooks/print.yml
@@ -18,3 +18,18 @@ principals: - "HTTP/print.foo.sh@{{ kerberos_realm }}" - cups/server + + tasks: - name: copy dns zone files copy: dest: "/var/lib/unbound/{{ item }}" src: "/srv/dns/{{ item }}" mode: 0644 owner: root group: "{{ ansible_wheel }}" notify: restart unbound with_items: - 24.20.172.in-addr.arpa - print.foo.sh - import_role: name: unbound
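Review bot: In group_vars/print.yml the two new port-53 entries in `firewall_in` carry no comment explaining why a print host accepts DNS, and because they live in group_vars they apply to every host in the print group. I would add a line such as `# DNS: unbound answers clients in 172.20.24.0/24 only` above them. The restriction is by source address only; whether unbound's own access-control is limited to the same subnet is not visible in this patch and should be confirmed, so the resolver does not rely on the firewall alone to stay closed to other networks.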
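Review bot: In host_vars/print01.home.foo.sh.yml, `nameservers: []` on eth0 together with `nameservers: [172.20.24.1,172.20.24.2]` on eth1 appears to leave print01 resolving only through its own eth1 address (172.20.24.2) and 172.20.24.1, which this patch does not identify. If unbound is stopped or not yet installed there is no fallback resolver, and anything on the host that depends on DNS would be affected, possibly including the Kerberos principals set in playbooks/print.yml. A comment stating that this is intentional would help, for example `# resolve only via the unbound instances on vlan 24`. As a style point, put a space after the comma: `nameservers: [172.20.24.1, 172.20.24.2]`.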
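Review bot: In playbooks/print.yml the `copy dns zone files` task writes to `/var/lib/unbound/{{ item }}` and notifies `restart unbound` before the `import_role` task for `unbound` runs. On a host where unbound is not yet installed the destination directory may not exist and the copy would fail; unless a role listed earlier in the play (outside this hunk) creates it, place the `import_role` task ahead of the copy task. `mode: 0644` is an unquoted octal literal and is better written as `mode: "0644"` so the result does not depend on YAML 1.1 octal parsing. A short comment above `with_items` naming the two zones (the reverse zone for 172.20.24.0/24 and `print.foo.sh`) would document what unbound is expected to serve from these files.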