diff --git a/files/redxen-dns.conf b/files/redxen-dns.conf
deleted file mode 100644
index 4b56f4e..0000000
--- a/files/redxen-dns.conf
+++ /dev/null
@@ -1,62 +0,0 @@
-server:
- local-zone: "redxen.eu." static
- local-data: "redxen.eu. 10800 IN NS ns0.redxen.eu"
- local-data: "redxen.eu. 10800 IN NS ns1.redxen.eu"
- local-data: "redxen.eu. 10800 IN NS ns2.redxen.eu"
- local-data: "redxen.eu. 10800 IN NS ns3.redxen.eu"
- local-data: "redxen.eu. 10800 IN NS ns4.redxen.eu"
-
- local-data: "_amazonses.redxen.eu. 86400 IN TXT PAdK+hmtSCYH2lDwBdiCfJDxyhBj2UHJtwQzL7+kh50="
- local-data: "6jxdve2mevelrsc4lrp5ymhu2pku67v4._domainkey.redxen.eu. 86400 IN CNAME 6jxdve2mevelrsc4lrp5ymhu2pku67v4.dkim.amazonses.com"
- local-data: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.redxen.eu. 86400 IN CNAME jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com"
- local-data: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.redxen.eu. 86400 IN CNAME edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com"
-
- local-data: "redxen.eu 86400 IN TXT brave-ledger-verification=1f77ffecf7da410af2f4eeb5953ae13c5ee9ddfdfed5cae63458e63003b97444"
-
- local-data: "_mumble._tcp.redxen.eu. 86400 IN SRV 0 5 2250 redxen.eu."
- local-data: "_minecraft._tcp.redxen.eu. 86400 IN SRV 0 5 25565 redxen.eu."
-
- local-data: "redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "stats.redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "git.redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "seed.redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "sd.redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "social.redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "ns0.redxen.eu. 86400 IN A 88.198.95.52"
- local-data: "nbg0.redxen.eu. 86400 IN A 88.198.95.52"
-
- local-data: "redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "stats.redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "git.redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "seed.redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "sd.redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "social.redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "ns1.redxen.eu. 86400 IN A 88.198.95.107"
- local-data: "nbg1.redxen.eu. 86400 IN A 88.198.95.107"
-
- local-data: "redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "stats.redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "git.redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "seed.redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "sd.redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "social.redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "ns2.redxen.eu. 86400 IN A 88.198.95.106"
- local-data: "nbg2.redxen.eu. 86400 IN A 88.198.95.106"
-
- local-data: "redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "stats.redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "git.redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "seed.redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "sd.redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "social.redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "ns3.redxen.eu. 86400 IN A 88.198.95.100"
- local-data: "nbg3.redxen.eu. 86400 IN A 88.198.95.100"
-
- local-data: "redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "stats.redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "git.redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "seed.redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "sd.redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "social.redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "ns4.redxen.eu. 86400 IN A 88.198.95.63"
- local-data: "nbg4.redxen.eu. 86400 IN A 88.198.95.63"
diff --git a/tasks/main.yml b/tasks/main.yml
index 12dc590..b9af216 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -5,6 +5,9 @@
 dest: /etc/unbound/
 notify:
 - Reload unbound
+ tags:
+ - update
+ - unbound
 - name: Install Unbound
 apt:
 install_recommends: no
@@ -12,7 +15,9 @@
 state: present
 cache_valid_time: 3600
 notify: Disable systemd-resolved
- when: unbound|bool == true
+ tags:
+ - setup
+ - packages
 - name: Allow Unbound TCP through iptables
 loop:
 - ipv4
@@ -29,6 +34,9 @@
 protocol: tcp
 notify:
 - Save netfilter rules
+ tags:
+ - update
+ - firewall
 - name: Allow Unbound UDP through iptables
 loop:
 - ipv4
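Review bot: The task that writes into `/etc/unbound/` (hunk at -5,6) has its module and `src` lines above the hunk and this commit does not touch them, even though the config moves from files/redxen-dns.conf to templates/redxen-dns.conf.j2. Confirm it is a `template:` task pointing at the new name; a `copy:` task would presumably no longer find its source, and would not expand the `{{ ... }}` placeholders in any case. Now that the file content depends on variables, adding `validate: 'unbound-checkconf %s'` to this task would keep a bad render from replacing the live config before `Reload unbound` fires. The task starts outside the hunk, so this is inferred from the visible tail only.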
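Review bot: Removing `when: unbound|bool == true` in the hunk at -12,7 makes `Install Unbound` run on every host the role is applied to, and its `notify: Disable systemd-resolved` handler follows, so hosts that previously opted out through the `unbound` variable now get a resolver installed and their stub resolver switched off. If that is intended, the commit message should say so; otherwise keep the guard in its idiomatic form, `when: unbound | bool`. The install is tagged `setup`/`packages` while the config task and both iptables tasks (hunks at -5, -29 and -45) are tagged `update`, so a run limited to `--tags update` pushes config and applies the firewall allow rules without ensuring the package is present. Whether the iptables tasks carry their own `when` is not visible in these hunks.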
@@ -45,3 +53,6 @@
 protocol: udp
 notify:
 - Save netfilter rules
+ tags:
+ - update
+ - firewall
diff --git a/templates/redxen-dns.conf.j2 b/templates/redxen-dns.conf.j2
new file mode 100644
index 0000000..cdb8964
--- /dev/null
+++ b/templates/redxen-dns.conf.j2
@@ -0,0 +1,62 @@
+server:
+ local-zone: "redxen.eu." static
+ local-data: "redxen.eu. 10800 IN NS ns0.redxen.eu"
+ local-data: "redxen.eu. 10800 IN NS ns1.redxen.eu"
+ local-data: "redxen.eu. 10800 IN NS ns2.redxen.eu"
+ local-data: "redxen.eu. 10800 IN NS ns3.redxen.eu"
+ local-data: "redxen.eu. 10800 IN NS ns4.redxen.eu"
+
+ local-data: "_amazonses.redxen.eu. 86400 IN TXT PAdK+hmtSCYH2lDwBdiCfJDxyhBj2UHJtwQzL7+kh50="
+ local-data: "6jxdve2mevelrsc4lrp5ymhu2pku67v4._domainkey.redxen.eu. 86400 IN CNAME 6jxdve2mevelrsc4lrp5ymhu2pku67v4.dkim.amazonses.com"
+ local-data: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.redxen.eu. 86400 IN CNAME jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com"
+ local-data: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.redxen.eu. 86400 IN CNAME edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com"
+
+ local-data: "redxen.eu 86400 IN TXT brave-ledger-verification=1f77ffecf7da410af2f4eeb5953ae13c5ee9ddfdfed5cae63458e63003b97444"
+
+ local-data: "_mumble._tcp.redxen.eu. 86400 IN SRV 0 5 2250 redxen.eu."
+ local-data: "_minecraft._tcp.redxen.eu. 86400 IN SRV 0 5 25565 redxen.eu."
+
+ local-data: "redxen.eu. 86400 IN A {{ ips.n0 }}"
+ local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n0 }}"
+ local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n0 }}"
+ local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n0 }}"
+ local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n0 }}"
+ local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n0 }}"
+ local-data: "ns0.redxen.eu. 86400 IN A {{ ips.n0 }}"
+ local-data: "nbg0.redxen.eu. 86400 IN A {{ ips.n0 }}"
+
+ local-data: "redxen.eu. 86400 IN A {{ ips.n1 }}"
+ local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n1 }}"
+ local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n1 }}"
+ local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n1 }}"
+ local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n1 }}"
+ local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n1 }}"
+ local-data: "ns1.redxen.eu. 86400 IN A {{ ips.n1 }}"
+ local-data: "nbg1.redxen.eu. 86400 IN A {{ ips.n1 }}"
+
+ local-data: "redxen.eu. 86400 IN A {{ ips.n2 }}"
+ local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n2 }}"
+ local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n2 }}"
+ local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n2 }}"
+ local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n2 }}"
+ local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n2 }}"
+ local-data: "ns2.redxen.eu. 86400 IN A {{ ips.n2 }}"
+ local-data: "nbg2.redxen.eu. 86400 IN A {{ ips.n2 }}"
+
+ local-data: "redxen.eu. 86400 IN A {{ ips.n3 }}"
+ local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n3 }}"
+ local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n3 }}"
+ local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n3 }}"
+ local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n3 }}"
+ local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n3 }}"
+ local-data: "ns3.redxen.eu. 86400 IN A {{ ips.n3 }}"
+ local-data: "nbg3.redxen.eu. 86400 IN A {{ ips.n3 }}"
+
+ local-data: "redxen.eu. 86400 IN A {{ ips.n4 }}"
+ local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n4 }}"
+ local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n4 }}"
+ local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n4 }}"
+ local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n4 }}"
+ local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n4 }}"
+ local-data: "ns4.redxen.eu. 86400 IN A {{ ips.n4 }}"
+ local-data: "nbg4.redxen.eu. 86400 IN A {{ ips.n4 }}"
diff --git a/vars/domains.yml b/vars/domains.yml
new file mode 120000
index 0000000..ee159ce
--- /dev/null
+++ b/vars/domains.yml
@@ -0,0 +1 @@
+../../web/vars/domains.yml
\ No newline at end of file
diff --git a/vars/ips.yml b/vars/ips.yml
new file mode 100644
index 0000000..7a844c7
--- /dev/null
+++ b/vars/ips.yml
@@ -0,0 +1,6 @@
+ips:
+ n0: ""
+ n1: ""
+ n2: ""
+ n3: ""
+ n4: ""
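Review bot: In templates/redxen-dns.conf.j2 the five address blocks are the same eight records with only the node index changed, so a later edit can easily leave an `nsX`/`nbgX` name beside the wrong `ips.nY`. Iterating over `ips` and deriving the index from the key ties the name to its address, as sketched below. Leading whitespace is collapsed on this page, so the indentation in the sketch is a guess, and the rendered output should be diffed against the current file before switching. The apex, the `ns*`/`nbg*` names and the `local-zone` remain hard-coded to redxen.eu while the service names are now variables, which deserves a comment at the top of the template.

```jinja
{# … unchanged: server:, local-zone, NS, SES/DKIM, TXT and SRV records … #}
{% for node, ip in ips | dictsort %}

  local-data: "redxen.eu. 86400 IN A {{ ip }}"
{% for name in [domains.grafana, domains.gitea, domains.transmission, domains.seedown, domains.pleroma] %}
  local-data: "{{ name }}. 86400 IN A {{ ip }}"
{% endfor %}
  local-data: "ns{{ node[1:] }}.redxen.eu. 86400 IN A {{ ip }}"
  local-data: "nbg{{ node[1:] }}.redxen.eu. 86400 IN A {{ ip }}"
{% endfor %}
```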
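Review bot: vars/domains.yml is added as a symlink (mode 120000) to `../../web/vars/domains.yml`, which resolves outside this role's directory. The role therefore only works when it is checked out next to a `web` role that has that file, and a copy or archive that does not follow symlinks leaves the `domains.*` lookups in the template unresolved. Consider stating the dependency in the role's README or meta, or supplying `domains` from a shared group_vars file instead.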
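Review bot: vars/ips.yml commits all five addresses as empty strings, so unless something with higher precedence supplies them the template renders `... IN A ` with no address and Unbound is handed an invalid record. Files under a role's vars/ other than main.yml are not loaded automatically, and none of the tasks/main.yml hunks in this commit adds an `include_vars`, so it is worth confirming where `ips` (and `domains` from vars/domains.yml) is actually loaded. If these are placeholders to be filled per environment, leaving `ips` undefined makes the render fail loudly instead of writing an empty record, and defaults/main.yml is the usual place for values that inventory is expected to override.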