Install and configure NSD (dns) server.re.
- ansible version minimal is 2.3
- role hudecof.filter-plugins adds some jinja filters
- for RedHat based distribution EPEL repository is needed
All default variables are defined in the defaults/main.yml.
OS specific variables are in vars/os-.yml with __ prefix. See defaults which could be overwritten.
nsd_service_statedefine service state, defaults to startednsd_service_enableddefine service enable state, defaults to yesnsd_backupdefine wheather create config backup files, defaults to Falsensd_testdfine, whearther the role is in testing mode, defaults to False
nsd_packageslist of packages to install/remove, defaults to __nsd_packagesnsd_userusename to run service under, defaults to __nsd_usernsd_groupgroup name to run service under, defaults to __nsd_groupnsd_serviceservice name, defaults to __nsd_servicensd_dir_etcconfiguration directory, defaults to __nsd_dir_etcnsd_dir_dbdatabase directory, defaults to __nsd_dir_dbnsd_dir_runpid file directory, defaults to __nsd_dir_runnsd_dir_statestate directory, defaults to __nsd_dir_statensd_bin_control_setuppath to binary nsd-control-setupnsd_bin_check_confpath to binary nsd-checkconf
I will provide sample configuration. The dictionaty keys are configuration parameters for the NSD, so please see nsd.conf(5) maunal page.
nsd_conf_keys:
test:
algorithm: hmac-sha256
secret: aaaaaabbbbbbccccccdddddd
nsd_conf_zones:
example.com:
include-pattern: test
nsd_conf_patterns:
test:
'zonefile': 'zones.d/%s'
'provide-xfr': ['0.0.0.0/0 test', '::0/0 test']
nsd_conf_server:
'username': "{{ nsd_user }}"
'do-ip4': 'yes'
'do-ip6': 'no'
'hide-version': 'yes'
'zonesdir': "{{ nsd_dir_etc }}"
'database': "{{ nsd_dir_db }}/nsd.db"
'pidfile': "{{ nsd_dir_run }}/nsd.pid"
'xfrdfile': "{{ nsd_dir_state }}/xfrd.state"
'verbosity': 0
'ip-address': ['127.0.0.1']
To override onl part of the config you could use small trick with combine filter plugin.
nsd_conf_server_base:
'username': "{{ nsd_user }}"
'do-ip4': 'yes'
'do-ip6': 'no'
'hide-version': 'yes'
'zonesdir': "{{ nsd_dir_etc }}"
'database': "{{ nsd_dir_db }}/nsd.db"
'pidfile': "{{ nsd_dir_run }}/nsd.pid"
'xfrdfile': "{{ nsd_dir_state }}/xfrd.state"
'verbosity': 0
'ip-address': "{{ ansible_all_ipv4_addresses }} + {{ ['127.0.0.1'] }}"
nsd_conf_server_host: {}
nsd_conf_server: "{{ nsd_conf_server_base|combine(nsd_conf_server_host) }}"
roles:
- role: hudecof.packages
packages_centos_epel: True
packages_ubuntu_multiverse: True
packages_ubuntu_universe: True
- role: hudecof.filter_plugins
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- role: hudecof.packages
packages_centos_epel: True
packages_ubuntu_multiverse: True
packages_ubuntu_universe: True
- role: hudecof.filter_plugins
- role: hudecof.nsd
nsd_conf_keys:
test:
algorithm: hmac-sha256
secret: aaaaaabbbbbbccccccdddddd
nsd_conf_zones:
example.com:
include-pattern: test
nsd_conf_patterns:
test:
'zonefile': 'zones.d/%s'
'provide-xfr': ['0.0.0.0/0 test', '::0/0 test']
nsd_conf_server:
'username': "{{ nsd_user }}"
'do-ip4': 'yes'
'do-ip6': 'no'
'hide-version': 'yes'
'zonesdir': "{{ nsd_dir_etc }}"
'database': "{{ nsd_dir_db }}/nsd.db"
'pidfile': "{{ nsd_dir_run }}/nsd.pid"
'xfrdfile': "{{ nsd_dir_state }}/xfrd.state"
'verbosity': 0
'ip-address': ['127.0.0.1']
BSD
Peter Hudec
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent