8681f17bad
- Incomplete - Creates the directory for the Reverse DNS Zones - Fails to copy the files and apply the db-reverse.js template - Not sure if DNSSEC is applicable on the reverse zone or not
86 lines
2.7 KiB
YAML
86 lines
2.7 KiB
YAML
- hosts: localhost
|
|
connection: local
|
|
vars:
|
|
bind_listen_ipv6: false
|
|
bind_role: master
|
|
bind_options:
|
|
server-id: '"1"'
|
|
bind_reverse_zones:
|
|
3.2.1.in-addr.arpa:
|
|
ns_primary: ns1.test.local
|
|
mail: root@test.local
|
|
serial: 2017092202
|
|
ttl: 3600
|
|
refresh: 14400
|
|
retry: 86400
|
|
expire: 2419200
|
|
negative_cache: 86400
|
|
dnssec: yes
|
|
options:
|
|
auto-dnssec: maintain
|
|
inline-signing: yes
|
|
key-directory: '"/etc/bind/keys"'
|
|
records:
|
|
- { name: '@', type: ns, value: localhost. }
|
|
- { name: '4', type: ptr, value: hello.test.local }
|
|
bind_zones:
|
|
test.local:
|
|
allow_transfer:
|
|
- '4.2.2.4'
|
|
ns_primary: ns1.test.local
|
|
mail: root@test.local
|
|
serial: 2017092202
|
|
ttl: 3600
|
|
refresh: 14400
|
|
retry: 86400
|
|
expire: 2419200
|
|
negative_cache: 86400
|
|
dnssec: yes
|
|
options:
|
|
auto-dnssec: maintain
|
|
inline-signing: yes
|
|
key-directory: '"/etc/bind/keys"'
|
|
records:
|
|
- { name: '@', type: mx, priority: 20, value: mail.test.local. }
|
|
- { name: '@', type: ns, value: localhost. }
|
|
- { name: hello, type: a, ttl: 5m, value: 1.2.3.4 }
|
|
- { name: hello, type: caa, flag: 0, tag: issue, value: letsencrypt.org }
|
|
- { name: hello, type: caa, flag: 0, tag: iodef, value: 'mailto:root@test.local' }
|
|
- { name: hello, type: srv, priority: 0, weight: 5, port: 80, value: www }
|
|
hello.local:
|
|
ns_primary: ns1.hello.local
|
|
mail: root@hello.local
|
|
serial: 2017092201
|
|
dnssec: no
|
|
records:
|
|
- { name: '@', type: mx, priority: 20, value: mail.test.local. }
|
|
- { name: '@', type: ns, value: localhost. }
|
|
- { name: '@', type: txt, value: RFufr9qzCi9vnJeWUB2FMNDCtu8ZtP6WE2jl2OFvIiz6pv2dwfzEXBgTC8SI1UzsmlkFYS7vxkHeYuOCLQ95BkOl0YP85ejQQlz8DNbcMcUdAoDtmlaZ9jeXnU7RgCXs5F9ggsmM9B6mFMhZWo1lzwsX86UAR5nw7rIO3cbGo9oUcMTShVFDkTPnoNhP7MTE0L4M99yv8ZLptmS2GP6goHXZgTdFIyYCdfziQgoENcloUI3KshDscsoh6H6I2LA }
|
|
- { name: hello, type: a, value: 4.3.2.1 }
|
|
disabled.local:
|
|
ns_primary: ns1.disabled.local
|
|
mail: root@disabled.local
|
|
serial: 2017092201
|
|
dnssec: no
|
|
state: disabled
|
|
records:
|
|
- { name: '@', type: mx, priority: 20, value: mail.test.local. }
|
|
absent.local:
|
|
ns_primary: ns1.absent.local
|
|
mail: root@absent.local
|
|
serial: 2017092201
|
|
dnssec: no
|
|
state: absent
|
|
records:
|
|
- { name: '@', type: mx, priority: 20, value: mail.test.local. }
|
|
|
|
|
|
|
|
|
|
|
|
roles:
|
|
- ansible-role-bind
|
|
|
|
tasks:
|
|
- apt:
|
|
name: dnsutils
|