---
# Playbook for the `dns` host group. The vars below are keyed by the roles
# listed at the bottom (file, apt, unbound, systemd, firewall); the nsd parts
# are commented out.
# NOTE(review): indentation was rebuilt from a flattened listing. The nesting
# under `unbound` (internal / public / group) is inferred - confirm it against
# the repository copy.
- hosts: dns
  vars:
    # NOTE(review): if this block is re-enabled, check the modes first. On a
    # directory, "765" leaves the group without the search (x) bit and "665"
    # leaves the owner and group without it - likely not what was intended.
    #file:
    #  - { path: "/etc/nsd/zones", owner: "nsd", group: "nsd", mode: "765", state: directory }
    #  - { path: "/etc/nsd", owner: "nsd", group: "nsd", mode: "665", state: directory }
    # Opens port 53 over TCP and UDP for both IPv4 and IPv6.
    # NOTE(review): no source restriction is visible in these entries, and
    # unbound below listens on all addresses. Confirm that the unbound role
    # sets `access-control` so this host is not an open recursive resolver.
    firewall:
      - { port: 53, ipv: "v4", proto: "tcp" }
      - { port: 53, ipv: "v4", proto: "udp" }
      - { port: 53, ipv: "v6", proto: "tcp" }
      - { port: 53, ipv: "v6", proto: "udp" }
    systemd:
      services:
        # NOTE(review): this entry carries no `enabled` key, unlike the
        # unbound entry. Presumably systemd-resolved can start again at boot
        # and contend for port 53 - confirm whether it should also be disabled.
        - { name: "systemd-resolved", action: stopped }
        - { name: "unbound", enabled: true, action: restarted }
        # - { name: "nsd", enabled: true, action: restarted }
    apt:
      packages:
        - { package: "unbound", state: present }
        # - { package: "nsd", state: present }
    # nsd:
    #   listen:
    #     addr: "127.0.0.1"
    #     port: 5353
    #   zones:
    #     - name: "redxen.eu"
    #       zonefile: "redxen.eu.zone"
    unbound:
      port: 53
      # Wildcard addresses: unbound binds every IPv4 and IPv6 interface.
      listen:
        ipv4: "0.0.0.0"
        ipv6: "::0"
      # Upstream forwarders on port 853 (DNS over TLS). Each entry pairs a
      # host name with one address of that provider.
      # NOTE(review): presumably `host` is used as the TLS authentication name
      # and `ipa` as the address to connect to. Confirm that the role template
      # also sets `tls-cert-bundle`; without it the upstream certificate is
      # not verified.
      forward: # NOTE: Specify in the specific order as you want them to be used
        - { host: "dns.quad9.net", port: 853, ipa: "2620:fe::fe" }
        - { host: "dns.quad9.net", port: 853, ipa: "9.9.9.9" }
        - { host: "cloudflare-dns.com", port: 853, ipa: "2606:4700:4700::1111" }
        - { host: "cloudflare-dns.com", port: 853, ipa: "1.1.1.1" }
      internal:
        local:
          # Ports are taken from `global.*` variables defined outside this file.
          SRV:
            - { service: "gitea", port: "{{ global.dev.gitea.port.http }}", group: "dev" }
            - { service: "seedown", port: "{{ global.seedbox.darkhttpd.port }}", group: "seedbox" }
            - { service: "transmission", port: "{{ global.seedbox.transmission.port }}", group: "seedbox" }
            - { service: "grafana", port: "{{ global.monitoring.grafana.port }}", group: "monitoring" }
          A: # Wish these would support SRV, would ease a lot of configuration management
            - { service: "postgres", group: "backend" }
            - { service: "redis", group: "backend" }
            - { service: "influxdb", group: "backend" }
        # The port here is a quoted string, unlike the integer ports elsewhere
        # in this file.
        remote:
          - { service: "homepage", port: "80", domain: "rxhome.s3-website.eu-central-1.amazonaws.com." }
      public:
        SRV:
          - { service: "mumble", proto: "tcp", host: "n0.redxen.eu", port: 64738 }
          - { service: "minecraft", proto: "tcp", host: "redxen.eu", port: 25565 }
        # Verification tokens and DKIM pointers. These values are published
        # in DNS, so they are not secrets.
        TXT:
          - { name: "_amazonses.", content: "PAdK+hmtSCYH2lDwBdiCfJDxyhBj2UHJtwQzL7+kh50="}
          - { name: "", content: "brave-ledger-verification=1f77ffecf7da410af2f4eeb5953ae13c5ee9ddfdfed5cae63458e63003b97444" }
        CNAME:
          - { name: "6jxdve2mevelrsc4lrp5ymhu2pku67v4._domainkey.", pointer: "6jxdve2mevelrsc4lrp5ymhu2pku67v4.dkim.amazonses.com" }
          - { name: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.", pointer: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com" }
          - { name: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.", pointer: "edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com" }
        # Each address appears twice: once under the empty name and once under
        # a per-node name (nbg0 to nbg4).
        # NOTE(review): presumably the empty name is the zone apex - confirm.
        A:
          - { name: "", addr: "88.198.95.52" }
          - { name: "nbg0.", addr: "88.198.95.52" }

          - { name: "", addr: "88.198.95.107" }
          - { name: "nbg1.", addr: "88.198.95.107" }

          - { name: "", addr: "88.198.95.106" }
          - { name: "nbg2.", addr: "88.198.95.106" }

          - { name: "", addr: "88.198.95.100" }
          - { name: "nbg3.", addr: "88.198.95.100" }

          - { name: "", addr: "88.198.95.63" }
          - { name: "nbg4.", addr: "88.198.95.63" }
      group:
        A:
          - { domain: "stats", group: "frontend" }
          - { domain: "git", group: "frontend" }
          - { domain: "seed", group: "frontend" }
          - { domain: "sd", group: "frontend" }
  # NOTE(review): the `file` role is still listed although its `file` vars
  # above are commented out - confirm the role tolerates the missing variable.
  roles:
    - file
    - apt
    #- nsd
    - unbound
    - systemd
    - firewall