teadur/ansible-role-bind

Ansible Bind9 Role

An Ansible role for installing and managing BIND as a primary and/or secondary nameserver. It also copies the master zone files from bind_masterzones_path, but the zone files must already exist.

Configuration:

Define where your zone files are stored:

  bind_masterzones_path: path/to/zones_dir

Configure the domains of the zones for which BIND acts as primary nameserver:

  bind_config_master_zones:
    - name: example.com
    - name: example2.com
    - name: example3.com

Optionally: If your zones should be synced to secondary nameservers, define the IPs of those:

  bind_config_master_allow_transfer:
    - 127.0.0.1
    - 127.0.0.2

Optionally: If your nameserver acts as a secondary nameserver, here is a sample setup:

  bind_config_slave_zones:
    - name: example.net
      masters: [ '127.1.0.1', '127.1.0.2' ]
      zones:
        - example.net
        - example.org

Optionally: If your nameserver acts as a secondary nameserver, here is a sample setup with TSIG keys:

  bind_config_slave_zones:
    - name: example.net
      tsig_keys:
        - name: sample-key
          algorithm: hmac-md5
          # sample value only; the secret is base64 and should be generated per deployment
          secret: 'phaiGouX7Soh8gee4Vee'
      masters_templates:
        - name: example-tmpl
          servers:
          - '127.0.0.1 key sample-key'
          - '2001::15 key sample-key'
      # refers to the masters_templates entry defined above
      masters: [ 'example-tmpl' ]
      zones:
        - example.net
        - example.org

  # TSIG is a shared secret: key name, algorithm and secret must be identical on both servers
  bind_config_master_tsig_keys:
    - name: sample-key
      algorithm: hmac-md5
      secret: 'phaiGouX7Soh8gee4Vee'
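
A lint for the TSIG setup above, as an added example that is not part of the role or its README: it checks that every masters entry is an IP or a defined masters_templates name, that every key named in a template server exists in tsig_keys, and it flags hmac-md5 and non-base64 secrets. It assumes the role passes these names through to named.conf unchanged; lint_slave_zones, is_ip and the sample data are hypothetical.

```python
import base64
import binascii
import ipaddress

# Constructed sample in the shape of bind_config_slave_zones; the misspelled
# masters entry and the "other-key" reference are made up for illustration.
SAMPLE = [{
    "name": "example.net",
    "tsig_keys": [{"name": "sample-key", "algorithm": "hmac-md5",
                   "secret": "phaiGouX7Soh8gee4Vee"}],
    "masters_templates": [{"name": "example-tmpl",
                           "servers": ["127.0.0.1 key sample-key",
                                       "2001::15 key other-key"]}],
    "masters": ["example-templ", "127.1.0.2"],
    "zones": ["example.net", "example.org"],
}]


def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def lint_slave_zones(groups):
    """Return findings for dangling references and weak TSIG settings."""
    findings = []
    for group in groups:
        keys = {k["name"]: k for k in group.get("tsig_keys", [])}
        templates = {t["name"]: t for t in group.get("masters_templates", [])}
        for name, key in keys.items():
            if key["algorithm"].lower() == "hmac-md5":
                findings.append(f"{name}: hmac-md5 is weak for TSIG; prefer hmac-sha256")
            try:
                base64.b64decode(key["secret"], validate=True)
            except binascii.Error:
                findings.append(f"{name}: secret is not valid base64")
        for tmpl in templates.values():
            for server in tmpl["servers"]:
                parts = server.split()  # "<address> key <key-name>"
                if len(parts) == 3 and parts[1] == "key" and parts[2] not in keys:
                    findings.append(f"{tmpl['name']}: unknown key {parts[2]}")
        for master in group.get("masters", []):
            if not is_ip(master) and master not in templates:
                findings.append(f"{group['name']}: unknown masters entry {master}")
    return findings
```

Running such a check over the inventory before the play catches a dangling key or template reference before it reaches the rendered named.conf.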

Optionally: If you need to forward some zones directly to another nameserver, here is a sample:

  bind_config_forward_zones:
    - name: domains forwarded to 127.1.0.x nameservers
      forwarders: [ '127.1.0.1', '127.1.0.2' ]
      forward: only
      zones:
        - forwarded.example.net
        - forwarded.example.org

The value of forward should be either first or only.

Optionally: If you want to adjust the allow-query option globally, here is a sample:

  bind_config_allow_query: [ '127.1.0.1', '127.1.0.2' ]

Dependencies

None.

Example Playbook

---
- hosts: nameservers
  remote_user: root
  roles:
     - role: bind9
       bind_base_zones_path: '/var/cache/bind'
       bind_config_version: 'none'
       bind_config_master_zones: []
       bind_config_slave_zones: []

License

MIT

Author Information

René Moser

Additions by Daniel Paufler
Additions by Georg Kahest
