2017-10-08 12:55:01 +00:00
|
|
|
# Ansible role: Bind
|
2018-08-08 19:25:07 +00:00
|
|
|
[![Version](https://img.shields.io/badge/latest_version-1.2.1-green.svg)](https://github.com/nishiki/ansible-role-bind/releases)
|
2017-10-08 12:55:01 +00:00
|
|
|
[![Build Status](https://travis-ci.org/nishiki/ansible-role-bind.svg?branch=master)](https://travis-ci.org/nishiki/ansible-role-bind)
|
|
|
|
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://github.com/nishiki/ansible-role-bind/blob/master/LICENSE)
|
|
|
|
|
|
|
|
Install and configure bind with dnssec
|
|
|
|
|
|
|
|
## Requirements
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* bind version >= 9.8
|
|
|
|
|
|
|
|
## Official support OS
|
|
|
|
|
|
|
|
* Debian
|
|
|
|
* stretch
|
|
|
|
* jessie
|
|
|
|
|
|
|
|
This role can work on Debian derived OS, but it's not our priority.
|
2017-10-08 12:55:01 +00:00
|
|
|
|
|
|
|
## Role variables
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* `bind_role` - the role `master` or `slave`, don't generate dnssec key on `slave`
|
2018-03-21 19:30:11 +00:00
|
|
|
* `bind_options` - hash general bind options
|
2018-03-17 21:19:41 +00:00
|
|
|
* `bind_zones` - the dns zones
|
2018-05-26 07:51:21 +00:00
|
|
|
* `bind_zones_subset` array to use in `extra-vars` with the list zones to update
|
2018-03-17 21:19:41 +00:00
|
|
|
* `bind_listen_ipv4` - enable or disable ip v4 support (default: true)
|
|
|
|
* `bind_listen_ipv6` - enable or disable ip v6 support (default: true)
|
2017-10-08 12:55:01 +00:00
|
|
|
|
|
|
|
## How to use
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* `host_vars/dns-master`
|
2017-10-15 07:17:28 +00:00
|
|
|
```
|
|
|
|
bind_role: master
|
|
|
|
```
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* `host_vars/dns-slave`
|
2017-10-15 07:17:28 +00:00
|
|
|
```
|
|
|
|
bind_role: slave
|
|
|
|
```
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* `group_vars/dns-server`
|
2017-10-15 07:17:28 +00:00
|
|
|
```
|
|
|
|
bind_listen_ipv6: true
|
|
|
|
bind_listen_ipv4: true
|
2018-03-21 19:30:11 +00:00
|
|
|
bind_options:
|
|
|
|
server-id: '"1"'
|
2017-10-15 07:17:28 +00:00
|
|
|
|
|
|
|
bind_zones:
|
|
|
|
test.local:
|
|
|
|
ns_primary: ns1.test.local
|
|
|
|
mail: root@test.local
|
|
|
|
serial: 2017092202
|
|
|
|
dnssec: yes
|
2018-03-21 19:30:11 +00:00
|
|
|
options:
|
|
|
|
key-directory: '"/etc/bind/keys"'
|
|
|
|
auto-dnssec: maintain
|
|
|
|
inline-signing: yes
|
2018-03-17 10:07:20 +00:00
|
|
|
records:
|
2017-10-15 07:17:28 +00:00
|
|
|
- { name: '@', type: ns, value: localhost. }
|
2018-03-16 23:36:43 +00:00
|
|
|
- { name: hello, type: a, ttl: 5m, value: 1.2.3.4 }
|
2018-03-17 09:47:25 +00:00
|
|
|
- { name: hello, type: caa, flag: 0, tag: issue, value: letsencrypt.org }
|
2018-05-25 11:06:21 +00:00
|
|
|
- { name: hello, type: srv, priority: 0, weight: 5, port: 80, value: www }
|
2017-10-15 07:17:28 +00:00
|
|
|
hello.local:
|
|
|
|
ns_primary: ns1.hello.local
|
|
|
|
mail: root@hello.local
|
|
|
|
serial: 2017092201
|
|
|
|
dnssec: no
|
2018-03-31 15:50:50 +00:00
|
|
|
state: disabled
|
2018-03-17 10:07:20 +00:00
|
|
|
records:
|
2017-10-15 07:17:28 +00:00
|
|
|
- { name: '@', type: ns, value: localhost. }
|
|
|
|
- { name: hello, type: a, value: 4.3.2.1 }
|
|
|
|
```
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* playbook
|
2017-10-15 07:17:28 +00:00
|
|
|
|
2017-10-08 12:55:01 +00:00
|
|
|
```
|
|
|
|
- hosts: dns-server
|
|
|
|
roles:
|
|
|
|
- bind
|
|
|
|
```
|
|
|
|
|
|
|
|
## Development
|
|
|
|
### Tests with docker
|
|
|
|
|
2018-03-17 21:19:41 +00:00
|
|
|
* install [docker](https://docs.docker.com/engine/installation/)
|
|
|
|
* install ruby
|
|
|
|
* install bundler `gem install bundler`
|
|
|
|
* install dependencies `bundle install`
|
|
|
|
* run the tests `kitchen test`
|
2017-10-15 00:27:10 +00:00
|
|
|
|
|
|
|
## License
|
|
|
|
|
|
|
|
```
|
|
|
|
Copyright (c) 2017 Adrien Waksberg
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
limitations under the License.
|
|
|
|
```
|