ansible/roles/dns/tasks/main.yml

54 lines
1.3 KiB
YAML
Raw Normal View History

2017-03-26 22:46:35 +02:00
---
2020-11-05 18:53:33 +01:00
- name: Enable powerdns apt-key
apt_key: url='https://repo.powerdns.com/FD380FBB-pub.asc'
- name: Enable powerdns repository
apt_repository: repo='deb http://repo.powerdns.com/debian buster-dnsdist-15 main'
2017-03-26 22:46:35 +02:00
- name: Install powerdns
2020-10-08 22:31:20 +02:00
apt:
name:
2020-11-04 23:16:27 +01:00
- dnsdist
2020-10-08 22:31:20 +02:00
- pdns-backend-bind
- pdns-recursor
- pdns-server
2018-01-18 12:47:56 +01:00
- name: Ensure certificates are available
command:
cmd: >
openssl req -x509 -nodes -newkey rsa:2048
-keyout /etc/dnsdist/{{ ansible_fqdn }}.key
-out /etc/dnsdist/{{ ansible_fqdn }}.crt
-days 730 -subj "/CN={{ ansible_fqdn }}"
creates: /etc/dnsdist/{{ ansible_fqdn }}.crt
notify: Restart dnsdist
- name: Configure certificate manager
template: src=certs.j2 dest=/etc/acertmgr/{{ ansible_fqdn }}_dns.conf
notify: Run acertmgr
2018-01-18 12:47:56 +01:00
- name: Create zone directory
file: path=/etc/powerdns/bind/ state=directory
2017-03-26 22:46:35 +02:00
- name: Configure powerdns
2017-04-05 22:02:56 +02:00
template: src={{ item }}.j2 dest=/etc/powerdns/{{ item }}
2017-03-26 22:46:35 +02:00
notify: Restart powerdns
with_items:
2018-07-26 10:57:58 +02:00
- bind/ffrgb.zone
- bind/90.10.in-addr.arpa.zone
- bindbackend.conf
- pdns.conf
- recursor.conf
2017-03-26 22:46:35 +02:00
2020-11-04 23:16:27 +01:00
- name: Configure dnsdist
template: src=dnsdist.conf.j2 dest=/etc/dnsdist/dnsdist.conf
notify: Restart dnsdist
- name: Start the dns services
2017-04-05 22:02:56 +02:00
service: name={{ item }} state=started enabled=yes
2017-03-26 22:46:35 +02:00
with_items:
2020-11-04 23:16:27 +01:00
- dnsdist
2018-07-26 10:57:58 +02:00
- pdns
- pdns-recursor