create config powerdns
This commit is contained in:
parent
ae52d90998
commit
60dcadb0ac
19
ansible/group_vars/DNS
Normal file
19
ansible/group_vars/DNS
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
pdns_config:
|
||||||
|
local-address: "127.0.0.1"
|
||||||
|
local-port: "5300"
|
||||||
|
api: yes
|
||||||
|
api-key:
|
||||||
|
|
||||||
|
pdns_backends:
|
||||||
|
gsqlite3:
|
||||||
|
dnssec: yes
|
||||||
|
database: "/var/lib/powerdns/powerdns.sqlite"
|
||||||
|
pdns_sqlite_databases_locations:
|
||||||
|
- "/var/lib/powerdns/powerdns.sqlite"
|
||||||
|
|
||||||
|
pdns_rec_config:
|
||||||
|
forward-zones:
|
||||||
|
- "consul=127.0.0.1:8600"
|
||||||
|
- "ducamps.win=192.168.1.10"
|
||||||
|
- "ducamps.eu=192.168.1.10"
|
||||||
|
local-address: "{{ ansible_default_ipv4.address }}"
|
6
ansible/playbooks/dns.yml
Normal file
6
ansible/playbooks/dns.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: DNS playbook
|
||||||
|
hosts: DNS
|
||||||
|
roles:
|
||||||
|
- role: pdns_recursor-ansible
|
||||||
|
become: true
|
@ -7,6 +7,8 @@ gerard
|
|||||||
corwin
|
corwin
|
||||||
merlin
|
merlin
|
||||||
|
|
||||||
|
[DNS]
|
||||||
|
gerard
|
||||||
|
|
||||||
[dhcp]
|
[dhcp]
|
||||||
gerard
|
gerard
|
||||||
|
@ -39,3 +39,5 @@
|
|||||||
scm: git
|
scm: git
|
||||||
- src: git@github.com:vincentDcmps/ansible-role-nfs.git
|
- src: git@github.com:vincentDcmps/ansible-role-nfs.git
|
||||||
scm: git
|
scm: git
|
||||||
|
- src: https://github.com/PowerDNS/pdns-ansible.git
|
||||||
|
- src: https://github.com/PowerDNS/pdns_recursor-ansible.git
|
||||||
|
@ -5,6 +5,9 @@ gerard-dev
|
|||||||
[VPS]
|
[VPS]
|
||||||
merlin-dev
|
merlin-dev
|
||||||
|
|
||||||
|
[DNS]
|
||||||
|
oscar-dev
|
||||||
|
|
||||||
[database]
|
[database]
|
||||||
oscar-dev
|
oscar-dev
|
||||||
|
|
||||||
|
31
docs/ADR/004-DNS.md
Normal file
31
docs/ADR/004-DNS.md
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
# 004 DNS
|
||||||
|
|
||||||
|
## Status
|
||||||
|
|
||||||
|
In progress
|
||||||
|
|
||||||
|
## Context
|
||||||
|
|
||||||
|
curently main local domain DNS is located on NAS.
|
||||||
|
|
||||||
|
goal:
|
||||||
|
|
||||||
|
- avoid DNS outtage in case of NAS reboot (my synology have 10 years and is a litle long to reboot) morever during NAS reboot we lost the adblock DNS in the nomad cluster because nomad depend of the NFS share.
|
||||||
|
- remove the direct redirection to service.consul DNS and the IPTABLE rule use to redirect port 53 on consul on gerard instead new DNS could be forward directly to an active consul node on port 8300
|
||||||
|
|
||||||
|
### DNS software
|
||||||
|
|
||||||
|
need DHCP Dynamic update
|
||||||
|
could redirect domain on other port than port 53
|
||||||
|
|
||||||
|
## Decision
|
||||||
|
|
||||||
|
we will migrate Main Domain DNS from NAS to gerard (powerDNS)
|
||||||
|
powerDNS provide two disting binaries one for authority server one other for recursor
|
||||||
|
goal is to first migrate the recursice part from synology to a physical service
|
||||||
|
and in second time migrate authority server in nmad cluster
|
||||||
|
|
||||||
|
## Consequences
|
||||||
|
|
||||||
|
before to move authority server need to remove DB dns dependance (create db consul services)
|
||||||
|
need to delete the iptable rule on gerard before deploy
|
Loading…
Reference in New Issue
Block a user