authorTrygve Laugstøl <trygvis@inamo.no>2019-01-05 23:05:23 +0100
committerTrygve Laugstøl <trygvis@inamo.no>2019-01-05 23:05:23 +0100
commit3572c448f189d451dab80933fc4f78980999acd6 (patch)
tree131b545289379660af5b6caf1cf8951c823188fe /ansible/roles
parentad9943e6b9a597e8efc3a9a5807600d21d9c717e (diff)
bind: wip.
Diffstat (limited to 'ansible/roles')
-rw-r--r--ansible/roles/bind/defaults/main.yml1
-rw-r--r--ansible/roles/bind/tasks/main.yml80
2 files changed, 81 insertions, 0 deletions
diff --git a/ansible/roles/bind/defaults/main.yml b/ansible/roles/bind/defaults/main.yml
new file mode 100644
index 0000000..84c58f9
--- /dev/null
+++ b/ansible/roles/bind/defaults/main.yml
@@ -0,0 +1 @@
+bind__ufw: yes
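Review bot: The defaults file declares only `bind__ufw`, while tasks/main.yml also reads `bind__rndc_key`, so the role's one required secret input is undocumented. I would add a comment here such as `# bind__rndc_key is required: supply it from vault-encrypted vars, never set a default in this file`. As a style point, `bind__ufw: true` is the canonical boolean spelling and avoids the YAML 1.1 truthy ambiguity of `yes`.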
diff --git a/ansible/roles/bind/tasks/main.yml b/ansible/roles/bind/tasks/main.yml
new file mode 100644
index 0000000..710bb4f
--- /dev/null
+++ b/ansible/roles/bind/tasks/main.yml
@@ -0,0 +1,80 @@
+- tags:
+ - bind
+ - bind_packages
+ become: yes
+ vars:
+ items:
+ - bind9
+ - bind9utils
+ - dnsutils
+ apt:
+ install_recommends: no
+ name: "{{ items }}"
+
+- tags:
+ - bind
+ - bind_ufw
+ when: bind__ufw
+ become: yes
+ ufw:
+ name: Bind9
+ rule: allow
+
+- tags:
+ - bind
+ - update-passwords
+ become: yes
+ copy:
+ dest: /etc/bind/rndc.key
+ content: |
+ key "rndc-key" {
+ algorithm hmac-md5;
+ secret "{{ bind__rndc_key }}";
+ };
+
+- tags:
+ - bind
+ - bind_files
+ local_action:
+ module: find
+ paths: "./files/{{ ansible_hostname }}/bind"
+ recurse: yes
+ register: all_files
+
+- tags:
+ - bind
+ - bind_files
+ become: yes
+ vars:
+ files: "{{ all_files.files|map(attribute='path') | map('regex_replace', '^files/' + ansible_hostname + '/bind/', '') | flatten | sort }}"
+ conf_files: "{{ files | map('regex_findall', '^named\\.conf\\..*') | flatten }}"
+ dirs: "{{ files | map('regex_replace', '[^/]*$', '') | flatten | unique }}"
+ block:
+ # - debug: var=all_files
+ - debug: var=files
+ - debug: var=dirs
+ - debug: var=conf_files
+ - with_items: "{{ dirs }}"
+ file:
+ path: "/etc/bind/{{ item }}"
+ state: directory
+
+ - with_items: "{{ files }}"
+ copy:
+ dest: "/etc/bind/{{ item }}"
+ src: "{{ ansible_hostname + '/bind/' + item }}"
+
+# - name: Generate named.conf.ansible
+# copy:
+# dest: /etc/bind/named.conf.ansible
+# content: |
+# {% for f in zone_files.files %}
+# zone "/etc/bind/{{ '/'.join(f.path.split('/')[3:]) }}";
+# {% endfor %}
+
+ - name: Register named.conf.ansible
+ with_items: "{{ conf_files }}"
+ lineinfile:
+ path: /etc/bind/named.conf.local
+ line: "include \"/etc/bind/{{ item }}\";"
+ regexp: "{{ item }}"
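Review bot: The rndc.key task writes a shared secret without pinning `owner`, `group` or `mode`, so a key file that does not already exist is created with whatever the umask gives (commonly world-readable), and without `no_log: true` the rendered secret can show up in `--diff` or verbose output. The key block also uses `algorithm hmac-md5;`; `algorithm hmac-sha256;` is the better choice if the BIND version in use supports it, which I would expect but cannot confirm from this page. The `bind`/`0640` values below assume the Debian bind9 package layout and should be checked on the target host. Separately, in the last task `regexp: "{{ item }}"` treats the file name as a regular expression, so its dots match any character; `regexp: "{{ item | regex_escape }}"` avoids rewriting an unrelated line in named.conf.local.

```yaml
  # … unchanged: tags, become …
  no_log: true
  copy:
    dest: /etc/bind/rndc.key
    owner: bind
    group: bind
    mode: "0640"
    # … unchanged: content block holding the key definition …
```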