foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

unbound: Add support for copying zone files

Browse source
This commit is contained in:
Timo Makinen 2024-05-09 18:23:21 +00:00
parent 2329b5d5e6
commit 3b2c2a453e
11 changed files with 28 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
group_vars/dnagw.yml
View file

@ -16,6 +16,10 @@ network_ether_interfaces:
- device: vio1
proto: none
unbound_zones:
- 20.172.in-addr.arpa
- home.foo.sh
# use custom firewall config
firewall_src: pf.conf.gw_home

4
group_vars/frigate.yml
View file

@ -11,7 +11,9 @@ network_vip_interfaces:
netmask: 255.255.0.0
pass: "{{ vip26_pass }}"
zm_mysql_host: sqldb02.home.foo.sh
unbound_zones:
- 26.20.172.in-addr.arpa
- cam.foo.sh
dhcpd_template: dhcpd.conf.cam.j2
firewall_in:

4
group_vars/nms.yml
View file

@ -2,6 +2,10 @@
datadisks:
- {size: 10, type: nvme}
unbound_zones:
- 25.20.172.in-addr.arpa
- oob.foo.sh
network_vip_interfaces:
- device: eth0
vhid: 11

4
group_vars/print.yml
View file

@ -9,6 +9,10 @@ network_vip_interfaces:
dhcpd_template: dhcpd.conf.print.j2
unbound_zones:
- 24.20.172.in-addr.arpa
- print.foo.sh
firewall_in:
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
- {proto: tcp, port: 53, from: [172.20.24.0/24]}

13
playbooks/dna-gw.yml
View file

@ -144,19 +144,6 @@
tags: certificates
notify: Restart unbound
- name: Copy DNS zone files
ansible.builtin.copy:
dest: "/var/unbound/db/{{ item }}"
src: "/srv/dns/{{ item }}"
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
tags: dns
notify: Restart unbound
with_items:
- 20.172.in-addr.arpa
- home.foo.sh
- name: Import unbound role
ansible.builtin.import_role:
name: unbound

13
playbooks/frigate.yml
View file

@ -35,19 +35,6 @@
- name: Run handlers to get interfaces configured
ansible.builtin.meta: flush_handlers
- name: Copy DNS zone files
ansible.builtin.copy:
dest: "/var/lib/unbound/{{ item }}"
src: "/srv/dns/{{ item }}"
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
tags: dns
notify: Restart unbound
with_items:
- 26.20.172.in-addr.arpa
- cam.foo.sh
- name: Include unbound role
ansible.builtin.import_role:
name: unbound

13
playbooks/nms.yml
View file

@ -46,19 +46,6 @@
vars:
relay_domains: [foo.sh]
- name: Copy DNS zone files
ansible.builtin.copy:
dest: "/var/lib/unbound/{{ item }}"
src: "/srv/dns/{{ item }}"
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
tags: dns
notify: Restart unbound
with_items:
- 25.20.172.in-addr.arpa
- oob.foo.sh
- name: Import unbound role
ansible.builtin.import_role:
name: unbound

13
playbooks/print.yml
View file

@ -25,19 +25,6 @@
ansible.builtin.import_role:
name: dhcpd
- name: Copy DNS zone files
ansible.builtin.copy:
dest: "/var/lib/unbound/{{ item }}"
src: "/srv/dns/{{ item }}"
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
tags: dns
notify: Restart unbound
with_items:
- 24.20.172.in-addr.arpa
- print.foo.sh
- name: Install unbound role
ansible.builtin.import_role:
name: unbound

11
roles/unbound/tasks/main.yml
View file

@ -15,6 +15,17 @@
creates: "{{ unbound_control_key }}"
notify: Restart unbound
- name: Copy zone files
ansible.builtin.copy:
dest: "{{ unbound_zonedir }}/{{ item }}"
src: "/srv/dns/{{ item }}"
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
with_items: "{{ unbound_zones }}"
notify: Restart unbound
when: unbound_zones is defined
- name: Copy config
ansible.builtin.template:
dest: "{{ unbound_conf }}"

1
roles/unbound/vars/OpenBSD.yml
View file

@ -1,3 +1,4 @@
---
unbound_conf: /var/unbound/etc/unbound.conf
unbound_control_key: /var/unbound/etc/unbound_control.key
unbound_zonedir: /var/unbound/db

1
roles/unbound/vars/RedHat.yml
View file

@ -1,3 +1,4 @@
---
unbound_conf: /etc/unbound/unbound.conf
unbound_control_key: /etc/unbound/unbound_control.key
unbound_zonedir: /var/lib/unbound