Initial commit

2020-05-31 20:19:10 +02:00 · 2020-05-31 20:19:10 +02:00 · 317accedbc
commit 317accedbc
4 changed files with 81 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+vault/
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,22 @@
+- name: Copy configuration files
+  loop:
+        - { src: "nsd.conf", dest: "/etc/nsd/nsd.conf.d/main.conf" }
+  template:
+        follow: yes
+        src: '{{ item.src }}.j2'
+        dest: "{{ item.dest }}"
+        mode: 660
+        owner: "nsd"
+        group: "nsd"
+  notify: Run service actions
+  tags:
+        - nsd
+- name: Copy zones files
+  loop: "{{ nsd.zones }}"
+  template:
+        follow: yes
+        src: '{{ item.zonefile }}.j2'
+        dest: "/etc/nsd/zones/{{ item.zonefile }}"
+  notify: Run service actions
+  tags:
+        - nsd
--- a/templates/nsd.conf.j2
+++ b/templates/nsd.conf.j2
@ -0,0 +1,22 @@
+server:
+	ip-address: "{{ nsd.listen.addr }}"
+	port: {{ nsd.listen.port }}
+	server-count: 2
+	database: ""
+	zonelistfile: "/var/db/nsd/zone.list"
+	username: nsd
+	logfile: "/var/log/nsd.log"
+	pidfile: "/var/run/nsd.pid"
+	xfrdfile: "/var/db/nsd/xfrd.state"
+	zonesdir: "/etc/nsd/zones"
+	identity: "{{ inventory_hostname }}.redxen.eu"
+	hide-version: yes
+
+remote-control:
+	control-enable: no
+
+{% for zones in nsd.zones %}
+zone:
+	name: "{{ zones.name }}"
+	zonefile: "{{ zones.zonefile }}"
+{% endfor %}
--- a/templates/redxen.eu.zone.j2
+++ b/templates/redxen.eu.zone.j2
@ -0,0 +1,36 @@
+$ORIGIN redxen.eu.
+$TTL 1800
+@	IN	SOA	n0.redxen.eu.	admin.redxen.eu. (
+			2020053101
+			30m
+			2m
+			1w
+			1h
+)
+{% for host in groups['dns'] %}
+@	NS	{{ host }}
+{% endfor %}
+{% for host in groups['all'] %}
+{{ host }}	A	{{ hostvars[host]['ansible_default_ipv4']['address'] }}
+{{ host }}	AAAA	{{ hostvars[host]['ansible_default_ipv6']['address'] }}
+{% endfor %}
+
+{% for domains in unbound.public.group.A %}
+{% for host in groups[domains.group] %}
+{{ domains.domain|default("@") }}	A	{{ hostvars[host]['ansible_default_ipv4']['address'] }}
+{{ domains.domain|default("@") }}	AAAA	{{ hostvars[host]['ansible_default_ipv6']['address'] }}
+{% endfor %}
+{% endfor %}
+
+{% for record in unbound.public.TXT %}
+{{ record.name|default("@") }}	TXT	{{ record.content }}
+{% endfor %}
+{% for record in unbound.public.CNAME %}
+{{ record.name|default("@") }}	CNAME	{{ record.pointer }}
+{% endfor %}
+{% for record in unbound.public.SRV %}
+_{{ record.service }}._{{ record.proto }}	SRV	0 5 {{ record.port }} {{ record.host }}.
+{% endfor %}
+{% for record in unbound.public.A %}
+{{ record.name|default("@") }}	A	{{ record.addr }}
+{% endfor %}