break: change with_items to loop
parent
2b279efc50
commit
769433d20a
6 changed files with 27 additions and 21 deletions
|
@ -4,6 +4,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
Which is based on [Keep A Changelog](http://keepachangelog.com/)
|
Which is based on [Keep A Changelog](http://keepachangelog.com/)
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
- break: change with_items to loop
|
||||||
|
|
||||||
## v1.2.2 (2018-09-07)
|
## v1.2.2 (2018-09-07)
|
||||||
- fix: remove a bug in dnssec cron
|
- fix: remove a bug in dnssec cron
|
||||||
|
|
|
@ -7,7 +7,7 @@ Install and configure bind with dnssec
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
* Ansible >= 2.4
|
* Ansible >= 2.6
|
||||||
* bind version >= 9.8
|
* bind version >= 9.8
|
||||||
* Debian Stretch
|
* Debian Stretch
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@ galaxy_info:
|
||||||
author: Adrien Waksberg
|
author: Adrien Waksberg
|
||||||
description: Install and configure bind9 with dnssec
|
description: Install and configure bind9 with dnssec
|
||||||
license: Apache2
|
license: Apache2
|
||||||
min_ansible_version: 2.4
|
min_ansible_version: 2.6
|
||||||
|
|
||||||
platforms:
|
platforms:
|
||||||
- name: Debian
|
- name: Debian
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
- name: install packages for bind9
|
- name: install packages for bind9
|
||||||
apt:
|
apt:
|
||||||
name: '{{ item }}'
|
name: '{{ packages }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
vars:
|
||||||
- bind9
|
packages:
|
||||||
- bind9-host
|
- bind9
|
||||||
- cron
|
- bind9-host
|
||||||
|
- cron
|
||||||
|
|
||||||
- name: create zone directory
|
- name: create zone directory
|
||||||
file:
|
file:
|
||||||
|
@ -30,7 +31,7 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
with_items:
|
loop:
|
||||||
- named.conf
|
- named.conf
|
||||||
- named.conf.options
|
- named.conf.options
|
||||||
- named.conf.local
|
- named.conf.local
|
||||||
|
|
|
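Review bot: The task-level variable `packages` introduced in the first hunk has a very generic name, so any higher-precedence definition of `packages` (extra vars, `set_fact`, `include_vars`) would silently change what this task installs. Either prefix it with the role name, e.g. `name: '{{ bind_packages }}'`, or drop the `vars:` block and put the three package names as a list directly under `name:`, which the apt module accepts. In the second hunk the enclosing task starts outside the hunk, so only the `with_items` to `loop` swap can be judged there.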
@ -5,10 +5,12 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: bind
|
group: bind
|
||||||
mode: 0640
|
mode: 0640
|
||||||
# no_log: true
|
no_log: true
|
||||||
with_nested:
|
loop: '{{ bind_dnssec|product(file_ext)|list }}'
|
||||||
- '{{ bind_dnssec }}'
|
vars:
|
||||||
- [ 'ksk', 'zsk' ]
|
file_ext:
|
||||||
|
- ksk
|
||||||
|
- zsk
|
||||||
|
|
||||||
- name: copy public key
|
- name: copy public key
|
||||||
template:
|
template:
|
||||||
|
@ -17,7 +19,9 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: bind
|
group: bind
|
||||||
mode: 0640
|
mode: 0640
|
||||||
# no_log: true
|
no_log: true
|
||||||
with_nested:
|
loop: '{{ bind_dnssec|product(file_ext)|list }}'
|
||||||
- '{{ bind_dnssec }}'
|
vars:
|
||||||
- [ 'ksk', 'zsk' ]
|
file_ext:
|
||||||
|
- ksk
|
||||||
|
- zsk
|
||||||
|
|
|
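Review bot: The `vars: file_ext:` block listing `ksk` and `zsk` is repeated verbatim in both hunks of this file; defining it once in the role's vars under a role-prefixed name would keep the two loops from drifting apart. Enabling `no_log: true` is sensible if the loop items can carry key material, but it also censors failure output, so a one-line comment such as `# no_log: loop items may include DNSSEC key material` would tell the next maintainer why it has to stay. Whether `bind_dnssec|product(file_ext)|list` yields the same pairs as the old `with_nested` depends on the shape of `bind_dnssec`, which is not visible here. The first task's name and the `template:` arguments of both tasks are outside the hunks.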
@ -1,6 +1,6 @@
|
||||||
- set_fact:
|
- set_fact:
|
||||||
bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}'
|
bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}'
|
||||||
with_dict: '{{ bind_zones }}'
|
loop: '{{ bind_zones|dict2items }}'
|
||||||
when: (item.value.state is not defined or item.value.state != 'absent') and (bind_zones_subset is not defined or item.key in bind_zones_subset)
|
when: (item.value.state is not defined or item.value.state != 'absent') and (bind_zones_subset is not defined or item.key in bind_zones_subset)
|
||||||
|
|
||||||
- name: create zone folder
|
- name: create zone folder
|
||||||
|
@ -10,7 +10,7 @@
|
||||||
group: bind
|
group: bind
|
||||||
mode: 0755
|
mode: 0755
|
||||||
state: directory
|
state: directory
|
||||||
with_items: '{{ bind_zones_play }}'
|
loop: '{{ bind_zones_play }}'
|
||||||
|
|
||||||
- name: copy zone files
|
- name: copy zone files
|
||||||
template:
|
template:
|
||||||
|
@ -19,7 +19,7 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
with_items: '{{ bind_zones_play }}'
|
loop: '{{ bind_zones_play }}'
|
||||||
register: zone
|
register: zone
|
||||||
notify: reload bind
|
notify: reload bind
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@
|
||||||
shell: 'dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db'
|
shell: 'dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db'
|
||||||
args:
|
args:
|
||||||
chdir: /etc/bind/keys
|
chdir: /etc/bind/keys
|
||||||
with_items: '{{ zone.results }}'
|
loop: '{{ zone.results }}'
|
||||||
when: item.changed and item.item.key in bind_dnssec
|
when: item.changed and item.item.key in bind_dnssec
|
||||||
notify: reload bind
|
notify: reload bind
|
||||||
|
|
||||||
|
@ -42,5 +42,5 @@
|
||||||
file:
|
file:
|
||||||
path: '{{ item.path }}'
|
path: '{{ item.path }}'
|
||||||
state: absent
|
state: absent
|
||||||
with_items: '{{ zone_folders.files }}'
|
loop: '{{ zone_folders.files }}'
|
||||||
when: item.path|basename not in bind_zones or ('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent')
|
when: item.path|basename not in bind_zones or ('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent')
|
||||||
|
|
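Review bot: In the `@ -27,7 +27,7` hunk the `shell:` line still interpolates `{{ item.item.key }}` into the command unquoted, in two places, so a zone name containing whitespace or shell metacharacters would be interpreted by the shell on the target host. Pass the value through the quote filter, `-o {{ item.item.key | quote }}` and `/etc/bind/zones/{{ item.item.key | quote }}/db`, or validate zone names earlier in the role. The task's `name:` line is outside the hunk. The `dict2items` filter used in the first hunk of this file needs Ansible 2.6, which matches the bumped `min_ansible_version`.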