kresd: create role + playbook

This commit is contained in:
jeltz 2022-08-26 02:01:12 +02:00
parent cdc68cedd5
commit 9fc0aa1fe8
Signed by: jeltz
GPG key ID: 800882B66C0C3326
5 changed files with 73 additions and 0 deletions

22
playbooks/kresd.yml Executable file
View file

@ -0,0 +1,22 @@
#!/usr/bin/env ansible-playbook
---
- hosts:
- dns-1.int.infra.auro.re
vars:
kresd__listen:
- address: 0.0.0.0
port: 53
kind: dns
- address: "::"
port: 53
kind: dns
- address: 0.0.0.0
port: 853
kind: tls
- address: "::"
port: 853
kind: tls
kresd__cache_size: 256
roles:
- kresd
...

View file

@ -0,0 +1,4 @@
---
kresd__listen: []
kresd__freebind: true
kresd__cache_size: 128

View file

@ -0,0 +1,5 @@
---
- name: Restart kresd
systemd:
name: kresd@1.service
state: restarted

View file

@ -0,0 +1,21 @@
---
- name: Install knot-resolver
apt:
name: knot-resolver
- name: Configure kresd
template:
src: kresd.conf.j2
dest: /etc/knot-resolver/kresd.conf
owner: root
group: knot-resolver
mode: u=rw,g=r,o=
notify:
- Restart kresd
- name: Enable and start kresd
systemd:
name: kresd@1.service
state: started
enabled: true
...

View file

@ -0,0 +1,21 @@
{{ ansible_managed | comment(decoration="-- ") }}
{% for listen in kresd__listen %}
net.listen(
{{ listen.address | enquote }},
{{ listen.port | int }},
{
kind = {{ listen.kind | enquote }},
freebind = {{ listen.freebind
| default(kresd__freebind) }},
}
)
{% endfor %}
modules = {
'hints > iterate',
'stats',
'predict',
}
cache.size = {{ kresd__cache_size | int }} * MB