dns/tasks/master.yml

# roles/bind/tasks/master.yml
# Set up a BIND master server
---
- name: Master | Main BIND config file (master)
  template:
    src: master_etc_named.conf.j2
    dest: "{{ bind_config }}"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "0640"
    setype: named_conf_t
    validate: "named-checkconf %s"
  notify: reload bind
  tags: bind

- name: Master | Create forward lookup zone file
  template:
    src: bind_zone.j2
    dest: "{{ bind_zone_dir }}/{{ item.name }}"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "{{ bind_zone_file_mode }}"
    setype: named_zone_t
    validate: "named-checkzone -d {{ item.name }} %s"
  with_items:
    - "{{ bind_zone_domains }}"
  notify: reload bind
  tags: bind

- name: Master | Create reverse lookup zone file
  template:
    src: reverse_zone.j2
    dest: "{{ bind_zone_dir }}/{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "{{ bind_zone_file_mode }}"
    setype: named_zone_t
    validate: "named-checkzone {{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa %s"
  with_subelements:
    - "{{ bind_zone_domains }}"
    - networks
    - flags:
      skip_missing: true
  notify: reload bind
  tags: bind

- name: Master | Create reverse IPv6 lookup zone file
  template:
    src: reverse_zone_ipv6.j2
    dest: "{{ bind_zone_dir }}/{{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):-1] }}"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "{{ bind_zone_file_mode }}"
    setype: named_zone_t
    validate: "named-checkzone {{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):] }} %s"
  with_subelements:
    - "{{ bind_zone_domains }}"
    - ipv6_networks
    - flags:
      skip_missing: true
  notify: reload bind
  tags: bind
updated DNS role 2019-04-16 14:53:34 +00:00			`# roles/bind/tasks/master.yml`
			`# Set up a BIND master server`
			`---`
			`- name: Master \| Main BIND config file (master)`
			`template:`
			`src: master_etc_named.conf.j2`
			`dest: "{{ bind_config }}"`
			`owner: "{{ bind_owner }}"`
			`group: "{{ bind_group }}"`
linting 2021-10-22 08:53:28 +00:00			`mode: "0640"`
updated DNS role 2019-04-16 14:53:34 +00:00			`setype: named_conf_t`
linting 2021-10-22 08:53:28 +00:00			`validate: "named-checkconf %s"`
updated DNS role 2019-04-16 14:53:34 +00:00			`notify: reload bind`
			`tags: bind`

			`- name: Master \| Create forward lookup zone file`
			`template:`
			`src: bind_zone.j2`
			`dest: "{{ bind_zone_dir }}/{{ item.name }}"`
			`owner: "{{ bind_owner }}"`
			`group: "{{ bind_group }}"`
			`mode: "{{ bind_zone_file_mode }}"`
			`setype: named_zone_t`
linting 2021-10-22 08:53:28 +00:00			`validate: "named-checkzone -d {{ item.name }} %s"`
updated DNS role 2019-04-16 14:53:34 +00:00			`with_items:`
			`- "{{ bind_zone_domains }}"`
			`notify: reload bind`
			`tags: bind`

			`- name: Master \| Create reverse lookup zone file`
			`template:`
			`src: reverse_zone.j2`
			`dest: "{{ bind_zone_dir }}/{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa"`
			`owner: "{{ bind_owner }}"`
			`group: "{{ bind_group }}"`
			`mode: "{{ bind_zone_file_mode }}"`
			`setype: named_zone_t`
			`validate: "named-checkzone {{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa %s"`
			`with_subelements:`
			`- "{{ bind_zone_domains }}"`
			`- networks`
			`- flags:`
			`skip_missing: true`
			`notify: reload bind`
			`tags: bind`

			`- name: Master \| Create reverse IPv6 lookup zone file`
			`template:`
			`src: reverse_zone_ipv6.j2`
linting 2021-10-22 08:53:28 +00:00			`dest: "{{ bind_zone_dir }}/{{ (item.1 \| ipaddr('revdns'))[-(9+(item.1\|regex_replace('^.*/','')\|int)//2):-1] }}"`
updated DNS role 2019-04-16 14:53:34 +00:00			`owner: "{{ bind_owner }}"`
			`group: "{{ bind_group }}"`
			`mode: "{{ bind_zone_file_mode }}"`
			`setype: named_zone_t`
			`validate: "named-checkzone {{ (item.1 \| ipaddr('revdns'))[-(9+(item.1\|regex_replace('^.*/','')\|int)//2):] }} %s"`
			`with_subelements:`
			`- "{{ bind_zone_domains }}"`
			`- ipv6_networks`
			`- flags:`
			`skip_missing: true`
			`notify: reload bind`
			`tags: bind`