ansible-role-bind/README.md

108 lines
2.8 KiB
Markdown
Raw Permalink Normal View History

2017-10-08 12:55:01 +00:00
# Ansible role: Bind
2018-07-09 20:01:42 +00:00
[![Version](https://img.shields.io/badge/latest_version-1.2.0-green.svg)](https://github.com/nishiki/ansible-role-bind/releases)
2017-10-08 12:55:01 +00:00
[![Build Status](https://travis-ci.org/nishiki/ansible-role-bind.svg?branch=master)](https://travis-ci.org/nishiki/ansible-role-bind)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://github.com/nishiki/ansible-role-bind/blob/master/LICENSE)
Install and configure bind with dnssec
## Requirements
2018-03-17 21:19:41 +00:00
* bind version >= 9.8
## Official support OS
* Debian
* stretch
* jessie
This role can work on Debian derived OS, but it's not our priority.
2017-10-08 12:55:01 +00:00
## Role variables
2018-03-17 21:19:41 +00:00
* `bind_role` - the role `master` or `slave`, don't generate dnssec key on `slave`
2018-03-21 19:30:11 +00:00
* `bind_options` - hash general bind options
2018-03-17 21:19:41 +00:00
* `bind_zones` - the dns zones
* `bind_zones_subset` array to use in `extra-vars` with the list zones to update
2018-03-17 21:19:41 +00:00
* `bind_listen_ipv4` - enable or disable ip v4 support (default: true)
* `bind_listen_ipv6` - enable or disable ip v6 support (default: true)
2017-10-08 12:55:01 +00:00
## How to use
2018-03-17 21:19:41 +00:00
* `host_vars/dns-master`
2017-10-15 07:17:28 +00:00
```
bind_role: master
```
2018-03-17 21:19:41 +00:00
* `host_vars/dns-slave`
2017-10-15 07:17:28 +00:00
```
bind_role: slave
```
2018-03-17 21:19:41 +00:00
* `group_vars/dns-server`
2017-10-15 07:17:28 +00:00
```
bind_listen_ipv6: true
bind_listen_ipv4: true
2018-03-21 19:30:11 +00:00
bind_options:
server-id: '"1"'
2017-10-15 07:17:28 +00:00
bind_zones:
test.local:
ns_primary: ns1.test.local
mail: root@test.local
serial: 2017092202
dnssec: yes
2018-03-21 19:30:11 +00:00
options:
key-directory: '"/etc/bind/keys"'
auto-dnssec: maintain
inline-signing: yes
2018-03-17 10:07:20 +00:00
records:
2017-10-15 07:17:28 +00:00
- { name: '@', type: ns, value: localhost. }
2018-03-16 23:36:43 +00:00
- { name: hello, type: a, ttl: 5m, value: 1.2.3.4 }
2018-03-17 09:47:25 +00:00
- { name: hello, type: caa, flag: 0, tag: issue, value: letsencrypt.org }
2018-05-25 11:06:21 +00:00
- { name: hello, type: srv, priority: 0, weight: 5, port: 80, value: www }
2017-10-15 07:17:28 +00:00
hello.local:
ns_primary: ns1.hello.local
mail: root@hello.local
serial: 2017092201
dnssec: no
2018-03-31 15:50:50 +00:00
state: disabled
2018-03-17 10:07:20 +00:00
records:
2017-10-15 07:17:28 +00:00
- { name: '@', type: ns, value: localhost. }
- { name: hello, type: a, value: 4.3.2.1 }
```
2018-03-17 21:19:41 +00:00
* playbook
2017-10-15 07:17:28 +00:00
2017-10-08 12:55:01 +00:00
```
- hosts: dns-server
roles:
- bind
```
## Development
### Tests with docker
2018-03-17 21:19:41 +00:00
* install [docker](https://docs.docker.com/engine/installation/)
* install ruby
* install bundler `gem install bundler`
* install dependencies `bundle install`
* run the tests `kitchen test`
2017-10-15 00:27:10 +00:00
## License
```
Copyright (c) 2017 Adrien Waksberg
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```