feat: add debian 12 support

CHANGELOG.md

@@ -5,12 +5,21 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
 ## [Unreleased]
 
+### Added
+
+- support debian 11 and 12
+
+### Removed
+
+- support debian 10
+
 ### Changed
 
 - test: replace kitchen to molecule
 - feat: use label in loop_control
 
 ## v1.3.0 (2020-02-12)
+
 - feat: add support debian 10
 - break: change with_items to loop
 - break: remove support ansible < 2.7
@@ -18,18 +27,23 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 - test: add ansible-lint
 
 ## v1.2.2 (2018-09-07)
+
 - fix: remove a bug in dnssec cron
 
 ## v1.2.1 (2018-08-08)
+
 - fix: add dnssec cron
 
 ## v1.2.0 (2018-07-09)
+
 - feat: add bind_zones_subnet for extra-vars 
 - fix: disable allow transfer if isn't set
 
 ## v1.1.0 (2018-03-31)
+
 - feat: remove old zone files
 - feat: test the playbook with ansible 2.5
 
 ## v1.0.0 (2018-03-21)
+
 - first version

README.md

@@ -7,9 +7,11 @@ Install and configure bind with dnssec
 
 ## Requirements
 
-* Ansible >= 2.7
+* Ansible >= 2.9
 * bind version >= 9.8
-* Debian Stretch and Buster
+* Debian
+  * Bullseye
+  * Bookworm
 
 ## Role variables
 

meta/main.yml

@@ -1,16 +1,18 @@
 ---
 galaxy_info:
+  role_name: bind
+  namespace: nishiki
   author: Adrien Waksberg
   company: Adrien Waksberg
   description: Install and configure bind9 with dnssec
   license: Apache2
-  min_ansible_version: 2.7
+  min_ansible_version: "2.9"
 
   platforms:
     - name: Debian
       versions:
-        - stretch
+        - bullseye
-        - buster
+        - bookworm
 
   galaxy_tags:
     - bind

molecule/default/converge.yml

@@ -179,6 +179,12 @@
             priority: 20
             value: mail.test.local.
 
-  tasks:
+  pre_tasks:
-    - apt:
+    - name: Update apt cache
-        name: dnsutils
+      ansible.builtin.apt:
+        update_cache: true
+
+    - name: Install dnsutils for the tests
+      ansible.builtin.package:
+        name:
+          - dnsutils

molecule/default/molecule.yml

@@ -2,16 +2,30 @@
 driver:
   name: docker
 platforms:
-  - name: debian10
+  - name: debian12
-    image: nishiki/debian10:molecule
+    image: nishiki/debian12:molecule
     privileged: true
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     command: /bin/systemd
     capabilities:
       - SYS_ADMIN
+  - name: debian11
+    image: nishiki/debian11:molecule
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
+    command: /bin/systemd
+    capabilities:
+      - SYS_ADMIN
+lint: |
+  set -e
+  yamllint .
+  ansible-lint .
 verifier:
   name: testinfra
 provisioner:
   options:
-    vault-password-file: vault
+    vault-password-file: molecule/default/vault

templates/named.conf.options.j2

@@ -3,10 +3,6 @@
 options {
   directory "/var/cache/bind";
 
-  dnssec-enable yes;
-  dnssec-validation yes;
-  dnssec-lookaside auto;
-
   auth-nxdomain no;    # conform to RFC1035
   listen-on { {% if bind_listen_ipv4 %}any{% else %}none{% endif %}; };
   listen-on-v6 { {% if bind_listen_ipv6 %}any{% else %}none{% endif %}; };