forked from FF-RGB/ansible
dns_auth: new role
also apply role to ns1.regensburg.freifunk.net
This commit is contained in:
parent
dd93bd6b11
commit
2070c32a26
1
hosts
1
hosts
@ -2,6 +2,7 @@
|
|||||||
gw11.regensburg.freifunk.net
|
gw11.regensburg.freifunk.net
|
||||||
gw21.regensburg.freifunk.net
|
gw21.regensburg.freifunk.net
|
||||||
gw31.regensburg.freifunk.net
|
gw31.regensburg.freifunk.net
|
||||||
|
ns1.regensburg.freifunk.net
|
||||||
web.regensburg.freifunk.net
|
web.regensburg.freifunk.net
|
||||||
stats.ffrgb ansible_host=10.90.224.100
|
stats.ffrgb ansible_host=10.90.224.100
|
||||||
unms.ffrgb ansible_host=10.90.224.101
|
unms.ffrgb ansible_host=10.90.224.101
|
||||||
|
4
roles/dns_auth/handlers/main.yml
Normal file
4
roles/dns_auth/handlers/main.yml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Restart powerdns
|
||||||
|
service: name=pdns state=restarted
|
28
roles/dns_auth/tasks/main.yml
Normal file
28
roles/dns_auth/tasks/main.yml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Enable powerdns apt-key
|
||||||
|
apt_key: url='https://repo.powerdns.com/FD380FBB-pub.asc'
|
||||||
|
|
||||||
|
- name: Enable powerdns repository
|
||||||
|
apt_repository: repo='deb http://repo.powerdns.com/debian buster-auth-43 main'
|
||||||
|
|
||||||
|
- name: Install powerdns
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- pdns-server
|
||||||
|
- pdns-backend-sqlite3
|
||||||
|
- sqlite3
|
||||||
|
|
||||||
|
- name: Configure powerdns
|
||||||
|
template: src=pdns.conf.j2 dest=/etc/powerdns/pdns.conf
|
||||||
|
notify: Restart powerdns
|
||||||
|
|
||||||
|
- name: Initialize database
|
||||||
|
command:
|
||||||
|
cmd: >
|
||||||
|
sqlite3 -init /usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql
|
||||||
|
/var/lib/powerdns/powerdns.sqlite3
|
||||||
|
creates: /var/lib/powerdns/powerdns.sqlite3
|
||||||
|
|
||||||
|
- name: Start the powerdns services
|
||||||
|
service: name=pdns state=started enabled=yes
|
31
roles/dns_auth/templates/pdns.conf.j2
Normal file
31
roles/dns_auth/templates/pdns.conf.j2
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
#################################
|
||||||
|
# allow-axfr-ips Allow zonetransfers only to these subnets
|
||||||
|
#
|
||||||
|
# allow-axfr-ips=127.0.0.0/8,::1
|
||||||
|
allow-axfr-ips=127.0.0.1,::1
|
||||||
|
|
||||||
|
#################################
|
||||||
|
# dname-processing If we should support DNAME records
|
||||||
|
#
|
||||||
|
# dname-processing=no
|
||||||
|
dname-processing=yes
|
||||||
|
|
||||||
|
#################################
|
||||||
|
# launch Which backends to launch and order to query them in
|
||||||
|
#
|
||||||
|
# launch=
|
||||||
|
launch=gsqlite3
|
||||||
|
|
||||||
|
gsqlite3-database=/var/lib/powerdns/powerdns.sqlite3
|
||||||
|
|
||||||
|
#################################
|
||||||
|
# master Act as a master
|
||||||
|
#
|
||||||
|
# master=no
|
||||||
|
master=yes
|
||||||
|
|
||||||
|
#################################
|
||||||
|
# only-notify Only send AXFR NOTIFY to these IP addresses or netmasks
|
||||||
|
#
|
||||||
|
# only-notify=0.0.0.0/0,::/0
|
||||||
|
only-notify=
|
5
site.yml
5
site.yml
@ -26,6 +26,11 @@
|
|||||||
- yanic
|
- yanic
|
||||||
- web_gw
|
- web_gw
|
||||||
|
|
||||||
|
- name: Setup name servers
|
||||||
|
hosts: ns1.regensburg.freifunk.net
|
||||||
|
roles:
|
||||||
|
- dns_auth
|
||||||
|
|
||||||
- name: Setup web service proxy
|
- name: Setup web service proxy
|
||||||
hosts: web.regensburg.freifunk.net
|
hosts: web.regensburg.freifunk.net
|
||||||
roles:
|
roles:
|
||||||
|
Loading…
Reference in New Issue
Block a user