64 lines
1.9 KiB
YAML
64 lines
1.9 KiB
YAML
|
# roles/bind/tasks/master.yml
|
||
|
# Set up a BIND master server
|
||
|
---
|
||
|
|
||
|
- name: Master | Main BIND config file (master)
|
||
|
template:
|
||
|
src: master_etc_named.conf.j2
|
||
|
dest: "{{ bind_config }}"
|
||
|
owner: "{{ bind_owner }}"
|
||
|
group: "{{ bind_group }}"
|
||
|
mode: '0640'
|
||
|
setype: named_conf_t
|
||
|
validate: 'named-checkconf %s'
|
||
|
notify: reload bind
|
||
|
tags: bind
|
||
|
|
||
|
- name: Master | Create forward lookup zone file
|
||
|
template:
|
||
|
src: bind_zone.j2
|
||
|
dest: "{{ bind_zone_dir }}/{{ item.name }}"
|
||
|
owner: "{{ bind_owner }}"
|
||
|
group: "{{ bind_group }}"
|
||
|
mode: "{{ bind_zone_file_mode }}"
|
||
|
setype: named_zone_t
|
||
|
validate: 'named-checkzone -d {{ item.name }} %s'
|
||
|
with_items:
|
||
|
- "{{ bind_zone_domains }}"
|
||
|
notify: reload bind
|
||
|
tags: bind
|
||
|
|
||
|
- name: Master | Create reverse lookup zone file
|
||
|
template:
|
||
|
src: reverse_zone.j2
|
||
|
dest: "{{ bind_zone_dir }}/{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa"
|
||
|
owner: "{{ bind_owner }}"
|
||
|
group: "{{ bind_group }}"
|
||
|
mode: "{{ bind_zone_file_mode }}"
|
||
|
setype: named_zone_t
|
||
|
validate: "named-checkzone {{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa %s"
|
||
|
with_subelements:
|
||
|
- "{{ bind_zone_domains }}"
|
||
|
- networks
|
||
|
- flags:
|
||
|
skip_missing: true
|
||
|
notify: reload bind
|
||
|
tags: bind
|
||
|
|
||
|
- name: Master | Create reverse IPv6 lookup zone file
|
||
|
template:
|
||
|
src: reverse_zone_ipv6.j2
|
||
|
dest: "{{bind_zone_dir}}/{{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):-1] }}"
|
||
|
owner: "{{ bind_owner }}"
|
||
|
group: "{{ bind_group }}"
|
||
|
mode: "{{ bind_zone_file_mode }}"
|
||
|
setype: named_zone_t
|
||
|
validate: "named-checkzone {{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):] }} %s"
|
||
|
with_subelements:
|
||
|
- "{{ bind_zone_domains }}"
|
||
|
- ipv6_networks
|
||
|
- flags:
|
||
|
skip_missing: true
|
||
|
notify: reload bind
|
||
|
tags: bind
|