nishiki/ansible-role-bind
1
0
Fork 0
Code Issues Pull requests Releases 2 Activity Actions

style: fix syntax for yamlint and ansible-lint

Browse source
This commit is contained in:
Adrien Waksberg 2019-02-18 22:36:09 +01:00
parent a396e6714e
commit 7eb050a76c
11 changed files with 48 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.kitchen.yml
View file

@ -1,3 +1,4 @@
---
driver: driver:
name: docker_cli name: docker_cli
@ -17,7 +18,7 @@ provisioner:
platforms: platforms:
- name: debian-9 - name: debian-9
driver_config: driver_config:
image: nishiki/debian9:ansible-<%= ENV['ANSIBLE_VERSION'] ? ENV['ANSIBLE_VERSION'] : '2.6' %> image: "nishiki/debian9:ansible-<%= ENV['ANSIBLE_VERSION'] ? ENV['ANSIBLE_VERSION'] : '2.6' %>"
command: /bin/systemd command: /bin/systemd
volume: volume:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro

2
.rubocop.yml
View file

@ -1,4 +1,4 @@
---
AllCops: AllCops:
Exclude: Exclude:
- db/**/* - db/**/*

1
.travis.yml
View file

@ -1,3 +1,4 @@
---
sudo: required sudo: required
language: ruby language: ruby

13
.yamllint Normal file
View file

@ -0,0 +1,13 @@
---
extends: default
ignore: |
.kitchen*
vendor/
test/
rules:
line-length:
max: 120
level: warning
truthy: false

1
handlers/main.yml
View file

@ -1,3 +1,4 @@
---
- name: restart bind - name: restart bind
service: service:
name: bind9 name: bind9

2
meta/main.yml
View file

@ -1,5 +1,7 @@
---
galaxy_info: galaxy_info:
author: Adrien Waksberg author: Adrien Waksberg
company: Adrien Waksberg
description: Install and configure bind9 with dnssec description: Install and configure bind9 with dnssec
license: Apache2 license: Apache2
min_ansible_version: 2.6 min_ansible_version: 2.6

5
tasks/base.yml
View file

@ -1,3 +1,4 @@
---
- name: install packages for bind9 - name: install packages for bind9
apt: apt:
name: '{{ packages }}' name: '{{ packages }}'
@ -7,6 +8,10 @@
- bind9 - bind9
- bind9-host - bind9-host
- cron - cron
register: result
retries: 3
delay: 1
until: result is success
- name: create zone directory - name: create zone directory
file: file:

9
tasks/keys.yml
View file

@ -1,6 +1,9 @@
---
- name: copy private key - name: copy private key
copy: copy:
dest: '/etc/bind/keys/K{{ item.0 }}.+{{ "00{}".format(bind_dnssec[item.0][item.1].algorithm)[-3:] }}+{{ bind_dnssec[item.0][item.1].tag }}.private' dest: "/etc/bind/keys/K{{ item.0 }}.\
+{{ '00{}'.format(bind_dnssec[item.0][item.1].algorithm)[-3:] }}\
+{{ bind_dnssec[item.0][item.1].tag }}.private"
content: '{{ bind_dnssec[item.0][item.1].private_key }}' content: '{{ bind_dnssec[item.0][item.1].private_key }}'
owner: root owner: root
group: bind group: bind
@ -15,7 +18,9 @@
- name: copy public key - name: copy public key
template: template:
src: public.key.j2 src: public.key.j2
dest: '/etc/bind/keys/K{{ item.0 }}.+{{ "00{}".format(bind_dnssec[item.0][item.1].algorithm)[-3:] }}+{{ bind_dnssec[item.0][item.1].tag }}.key' dest: "/etc/bind/keys/K{{ item.0 }}.\
+{{ '00{}'.format(bind_dnssec[item.0][item.1].algorithm)[-3:] }}\
+{{ bind_dnssec[item.0][item.1].tag }}.key"
owner: root owner: root
group: bind group: bind
mode: 0640 mode: 0640

1
tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- import_tasks: base.yml - import_tasks: base.yml
tags: bind tags: bind

18
tasks/zones.yml
View file

@ -1,7 +1,11 @@
- set_fact: ---
- name: set fact bind_zone_play if it empty
set_fact:
bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}' bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}'
loop: '{{ bind_zones|dict2items }}' loop: '{{ bind_zones|dict2items }}'
when: (item.value.state is not defined or item.value.state != 'absent') and (bind_zones_subset is not defined or item.key in bind_zones_subset) when: >
(item.value.state is not defined or item.value.state != 'absent')
and (bind_zones_subset is not defined or item.key in bind_zones_subset)
- name: create zone folder - name: create zone folder
file: file:
@ -24,11 +28,13 @@
notify: reload bind notify: reload bind
- name: dnssec sign - name: dnssec sign
shell: 'dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db' shell: >
dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT
-o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db
args: args:
chdir: /etc/bind/keys chdir: /etc/bind/keys
loop: '{{ zone.results }}' loop: '{{ zone.results }}'
when: item.changed and item.item.key in bind_dnssec when: item.item.key in bind_dnssec and item.changed
notify: reload bind notify: reload bind
- name: get zones files - name: get zones files
@ -43,4 +49,6 @@
path: '{{ item.path }}' path: '{{ item.path }}'
state: absent state: absent
loop: '{{ zone_folders.files }}' loop: '{{ zone_folders.files }}'
when: item.path|basename not in bind_zones or ('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent') when: >
item.path|basename not in bind_zones or
('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent')

3
test/integration/bind/default.yml
View file

@ -1,3 +1,4 @@
---
- hosts: localhost - hosts: localhost
connection: local connection: local
vars: vars:
@ -6,7 +7,7 @@
bind_options: bind_options:
server-id: '"1"' server-id: '"1"'
bind_dnssec: bind_dnssec:
test.local: test.local:
ksk: ksk:
algorithm: 8 algorithm: 8
digest: 3 digest: 3