Add unbound for print hosts
This commit is contained in:
parent
32bcba70cb
commit
37bfd27551
3 changed files with 19 additions and 0 deletions
|
|
@ -9,6 +9,8 @@ network_vip_interfaces:
|
||||||
|
|
||||||
firewall_in:
|
firewall_in:
|
||||||
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
|
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
|
||||||
|
- {proto: tcp, port: 53, from: [172.20.24.0/24]}
|
||||||
|
- {proto: udp, port: 53, from: [172.20.24.0/24]}
|
||||||
- {proto: tcp, port: 443, from: [172.20.20.0/22]}
|
- {proto: tcp, port: 443, from: [172.20.20.0/22]}
|
||||||
firewall_raw:
|
firewall_raw:
|
||||||
- "-A INPUT -i eth1 -d 224.0.0.0/8 -j ACCEPT"
|
- "-A INPUT -i eth1 -d 224.0.0.0/8 -j ACCEPT"
|
||||||
|
|
|
||||||
|
|
@ -4,10 +4,12 @@ network_interfaces:
|
||||||
- device: eth0
|
- device: eth0
|
||||||
vlan: 20
|
vlan: 20
|
||||||
mac: "52:54:00:ac:dc:1b"
|
mac: "52:54:00:ac:dc:1b"
|
||||||
|
nameservers: []
|
||||||
- device: eth1
|
- device: eth1
|
||||||
vlan: 24
|
vlan: 24
|
||||||
ipaddr: 172.20.24.2
|
ipaddr: 172.20.24.2
|
||||||
netmask: 255.255.255.0
|
netmask: 255.255.255.0
|
||||||
proto: static
|
proto: static
|
||||||
|
nameservers: [172.20.24.1,172.20.24.2]
|
||||||
|
|
||||||
vip24_priority: 128
|
vip24_priority: 128
|
||||||
|
|
|
||||||
|
|
@ -18,3 +18,18 @@
|
||||||
principals:
|
principals:
|
||||||
- "HTTP/print.foo.sh@{{ kerberos_realm }}"
|
- "HTTP/print.foo.sh@{{ kerberos_realm }}"
|
||||||
- cups/server
|
- cups/server
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: copy dns zone files
|
||||||
|
copy:
|
||||||
|
dest: "/var/lib/unbound/{{ item }}"
|
||||||
|
src: "/srv/dns/{{ item }}"
|
||||||
|
mode: 0644
|
||||||
|
owner: root
|
||||||
|
group: "{{ ansible_wheel }}"
|
||||||
|
notify: restart unbound
|
||||||
|
with_items:
|
||||||
|
- 24.20.172.in-addr.arpa
|
||||||
|
- print.foo.sh
|
||||||
|
- import_role:
|
||||||
|
name: unbound
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue