Add tags, use templating for public dns and add (now empty) ip list

Alex 2020-04-10 16:09:26 +02:00
parent dec156e069
commit 1514c3f63f
Signed by: caskd
GPG Key ID: F92BA85F61F4C173
5 changed files with 81 additions and 63 deletions


@ -1,62 +0,0 @@
server:
local-zone: "redxen.eu." static
local-data: "redxen.eu. 10800 IN NS ns0.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns1.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns2.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns3.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns4.redxen.eu"
local-data: "_amazonses.redxen.eu. 86400 IN TXT PAdK+hmtSCYH2lDwBdiCfJDxyhBj2UHJtwQzL7+kh50="
local-data: "6jxdve2mevelrsc4lrp5ymhu2pku67v4._domainkey.redxen.eu. 86400 IN CNAME 6jxdve2mevelrsc4lrp5ymhu2pku67v4.dkim.amazonses.com"
local-data: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.redxen.eu. 86400 IN CNAME jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com"
local-data: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.redxen.eu. 86400 IN CNAME edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com"
local-data: "redxen.eu 86400 IN TXT brave-ledger-verification=1f77ffecf7da410af2f4eeb5953ae13c5ee9ddfdfed5cae63458e63003b97444"
local-data: "_mumble._tcp.redxen.eu. 86400 IN SRV 0 5 2250 redxen.eu."
local-data: "_minecraft._tcp.redxen.eu. 86400 IN SRV 0 5 25565 redxen.eu."
local-data: "redxen.eu. 86400 IN A 88.198.95.52"
local-data: "stats.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "git.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "seed.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "sd.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "social.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "ns0.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "nbg0.redxen.eu. 86400 IN A 88.198.95.52"
local-data: "redxen.eu. 86400 IN A 88.198.95.107"
local-data: "stats.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "git.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "seed.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "sd.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "social.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "ns1.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "nbg1.redxen.eu. 86400 IN A 88.198.95.107"
local-data: "redxen.eu. 86400 IN A 88.198.95.106"
local-data: "stats.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "git.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "seed.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "sd.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "social.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "ns2.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "nbg2.redxen.eu. 86400 IN A 88.198.95.106"
local-data: "redxen.eu. 86400 IN A 88.198.95.100"
local-data: "stats.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "git.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "seed.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "sd.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "social.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "ns3.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "nbg3.redxen.eu. 86400 IN A 88.198.95.100"
local-data: "redxen.eu. 86400 IN A 88.198.95.63"
local-data: "stats.redxen.eu. 86400 IN A 88.198.95.63"
local-data: "git.redxen.eu. 86400 IN A 88.198.95.63"
local-data: "seed.redxen.eu. 86400 IN A 88.198.95.63"
local-data: "sd.redxen.eu. 86400 IN A 88.198.95.63"
local-data: "social.redxen.eu. 86400 IN A 88.198.95.63"
local-data: "ns4.redxen.eu. 86400 IN A 88.198.95.63"
local-data: "nbg4.redxen.eu. 86400 IN A 88.198.95.63"


@ -5,6 +5,9 @@
dest: /etc/unbound/ dest: /etc/unbound/
notify: notify:
- Reload unbound - Reload unbound
tags:
- update
- unbound
- name: Install Unbound - name: Install Unbound
apt: apt:
install_recommends: no install_recommends: no
@ -12,7 +15,9 @@
state: present state: present
cache_valid_time: 3600 cache_valid_time: 3600
notify: Disable systemd-resolved notify: Disable systemd-resolved
when: unbound|bool == true tags:
- setup
- packages
- name: Allow Unbound TCP through iptables - name: Allow Unbound TCP through iptables
loop: loop:
- ipv4 - ipv4
@ -29,6 +34,9 @@
protocol: tcp protocol: tcp
notify: notify:
- Save netfilter rules - Save netfilter rules
tags:
- update
- firewall
- name: Allow Unbound UDP through iptables - name: Allow Unbound UDP through iptables
loop: loop:
- ipv4 - ipv4
@ -45,3 +53,6 @@
protocol: udp protocol: udp
notify: notify:
- Save netfilter rules - Save netfilter rules
tags:
- update
- firewall
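Review bot: The second hunk drops `when: unbound|bool == true` from the Install Unbound task while adding its tags, and the commit message does not mention that change. Without the guard, the package install and, through `notify: Disable systemd-resolved`, the resolver switch run on every host the role is applied to, regardless of the `unbound` flag. If the gate was not moved to the role or play level (not visible here), keep it next to the new tags as `when: unbound | bool`. The tasks begin and end outside the hunks, so whether the copy and iptables tasks carry a similar condition cannot be checked from this page.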


@ -0,0 +1,62 @@
server:
local-zone: "redxen.eu." static
local-data: "redxen.eu. 10800 IN NS ns0.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns1.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns2.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns3.redxen.eu"
local-data: "redxen.eu. 10800 IN NS ns4.redxen.eu"
local-data: "_amazonses.redxen.eu. 86400 IN TXT PAdK+hmtSCYH2lDwBdiCfJDxyhBj2UHJtwQzL7+kh50="
local-data: "6jxdve2mevelrsc4lrp5ymhu2pku67v4._domainkey.redxen.eu. 86400 IN CNAME 6jxdve2mevelrsc4lrp5ymhu2pku67v4.dkim.amazonses.com"
local-data: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.redxen.eu. 86400 IN CNAME jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com"
local-data: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.redxen.eu. 86400 IN CNAME edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com"
local-data: "redxen.eu 86400 IN TXT brave-ledger-verification=1f77ffecf7da410af2f4eeb5953ae13c5ee9ddfdfed5cae63458e63003b97444"
local-data: "_mumble._tcp.redxen.eu. 86400 IN SRV 0 5 2250 redxen.eu."
local-data: "_minecraft._tcp.redxen.eu. 86400 IN SRV 0 5 25565 redxen.eu."
local-data: "redxen.eu. 86400 IN A {{ ips.n0 }}"
local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n0 }}"
local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n0 }}"
local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n0 }}"
local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n0 }}"
local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n0 }}"
local-data: "ns0.redxen.eu. 86400 IN A {{ ips.n0 }}"
local-data: "nbg0.redxen.eu. 86400 IN A {{ ips.n0 }}"
local-data: "redxen.eu. 86400 IN A {{ ips.n1 }}"
local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n1 }}"
local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n1 }}"
local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n1 }}"
local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n1 }}"
local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n1 }}"
local-data: "ns1.redxen.eu. 86400 IN A {{ ips.n1 }}"
local-data: "nbg1.redxen.eu. 86400 IN A {{ ips.n1 }}"
local-data: "redxen.eu. 86400 IN A {{ ips.n2 }}"
local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n2 }}"
local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n2 }}"
local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n2 }}"
local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n2 }}"
local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n2 }}"
local-data: "ns2.redxen.eu. 86400 IN A {{ ips.n2 }}"
local-data: "nbg2.redxen.eu. 86400 IN A {{ ips.n2 }}"
local-data: "redxen.eu. 86400 IN A {{ ips.n3 }}"
local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n3 }}"
local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n3 }}"
local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n3 }}"
local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n3 }}"
local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n3 }}"
local-data: "ns3.redxen.eu. 86400 IN A {{ ips.n3 }}"
local-data: "nbg3.redxen.eu. 86400 IN A {{ ips.n3 }}"
local-data: "redxen.eu. 86400 IN A {{ ips.n4 }}"
local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n4 }}"
local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n4 }}"
local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n4 }}"
local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n4 }}"
local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n4 }}"
local-data: "ns4.redxen.eu. 86400 IN A {{ ips.n4 }}"
local-data: "nbg4.redxen.eu. 86400 IN A {{ ips.n4 }}"
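Review bot: Every A record takes its address from `{{ ips.nN }}`, and the `ips` list added in this commit holds only empty strings, so the rendered file contains records such as `redxen.eu. 86400 IN A ` with no address. Unbound is likely to reject such local-data on load, and since the task that places files in `/etc/unbound/` notifies `Reload unbound`, a run with the placeholder values could take the resolver down. Consider adding `validate: 'unbound-checkconf %s'` to that task (its module line is outside the visible hunks) or failing early with an `assert` that each `ips` value is a non-empty address. The five near-identical eight-line blocks could also be generated by a single Jinja `{% for %}` loop over `ips`, which would keep the per-node record sets from drifting apart.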

1
vars/domains.yml Symbolic link

@ -0,0 +1 @@
../../web/vars/domains.yml

6
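--- a/vars/ips.yml
+++ b/vars/ips.yml
@@ -0,0 +1,6 @@
+ips:
+n0: ""
+n1: ""
+n2: ""
+n3: ""
+n4: ""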
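Review bot: Nothing on this page shows `vars/ips.yml` or the `vars/domains.yml` symlink being loaded. If this is a role's `vars/` directory, Ansible reads only `vars/main.yml` on its own, so `ips` and `domains` would be undefined when the template renders unless an `include_vars` exists outside the visible hunks. A short header comment in this file, for example `# Public IPv4 address of each node, rendered into the unbound local-data A records`, would also tell the next editor what belongs in `n0`–`n4` and that the empty values are placeholders.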