Skip to content

danielgriggs/ansible-ns-auth-chroot

Repository files navigation

Role Name

A role to configure an authoritative name server, either knot, nsd or bind in a consistant way.

Requirements

There are no requirements, though you'll need internet access to download packages.

Role Variables

nameserver_instances:
  - name: knot                   # name for the instance.
    index: 0                     # index, hope to make this optional.
    server: knot                 # which piece of software to use.
    log_syslog: True             # Log to syslog?
    log_file: True               # Log to file?
    log_severity: info           # minimum severity to log.
    source_v4: 192.168.0.1       # What v4 address to source connections from.
    source_v6: fd0:5353:5353::1  # What v6 address to source connections from.
    listen:                      # A dict of port and addresses to listen on.
      53:
        v4_addr:
          - 192.168.0.1
        v6_addr:
          - 
    zones:                       # The zone configurations.
      - knot-group
    rrl_qps: 400
    rrl_slip: 2

nameserver_zone_groups:
  knot-group:                    # The name of the configuration referenced above.
    settings:
      upstream: upstream-knot    # Named group of upstream and downstream servers.
    zones:
      - name: 1.example          # The names of the zones to serve.
      - name: 2.example
      - name: 3.example

nameserver_host_groups:
  upstream-knot:
    - server: master1             # Name of the server.
      ip: 192.168.0.4             # IP address of the upstream.
      tsig: knot-tsig             # Named tsig key configuration.

nameserver_tsig_keys:
  knot-tsig:                      # Name of the tsig key.
    key: '<some key>'             # Some base64 encoded key.
    algorithm: hmac-sha512        # The algorithm used.

Dependencies

There are no dependenices.

Example Playbook

- hosts: all
  roles:
    - ns-auth-chroot

License

BSD

Author Information

Daniel Griggs daniel@ninja.geek.nz

About

Nameserver agnostic Ansible configuration.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published