From a0651d770378f02dcfd1776b522a96f5de7958ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yoha=C3=AF-Eliel=20BERREBY?= Date: Sat, 18 Apr 2020 16:52:13 +0200 Subject: [PATCH] unbound: bind to the right addresses on backup hosts --- group_vars/all/vars.yml | 4 ++-- hosts | 13 +++++++++++-- roles/unbound/tasks/main.yml | 10 ++++++++++ 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 153e4f5..5c438a9 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -43,10 +43,10 @@ matrix_discord_bot_token: "{{ vault_matrix_discord_bot_token }}" # Dernier octet (en décimal) de l'addresse des serveurs DNS récursifs de chaque # résidence. -dns_host_suffix: 253 +dns_host_suffix_main: 253 +dns_host_suffix_backup: 153 upstream_dns_servers: - "80.67.169.12" # French Data Network (FDN) (ns0.fdn.fr) - "1.1.1.1" # Cloudflare -unbound_log_file: "/var/log/unbound.log" diff --git a/hosts b/hosts index 0fc686d..9ec7bef 100644 --- a/hosts +++ b/hosts @@ -156,11 +156,20 @@ gs_pve #dhcp-edc.adm.auro.re #dhcp-gs.adm.auro.re -[recursive_dns] +[recursive_dns:children] +rdns_main +rdns_backup + +[rdns_main] dns-fleming.adm.auro.re -dns-fleming-backup.adm.auro.re dns-pacaterie.adm.auro.re + +[rdns_backup] +dns-fleming-backup.adm.auro.re dns-pacaterie-backup.adm.auro.re + + +# FIXME: #dns-edc.adm.auro.re #dns-gs.adm.auro.re diff --git a/roles/unbound/tasks/main.yml b/roles/unbound/tasks/main.yml index 4dfaa59..18f99ce 100644 --- a/roles/unbound/tasks/main.yml +++ b/roles/unbound/tasks/main.yml @@ -1,5 +1,15 @@ --- +# This is used to let unbound bind to the right IP addresses. +- set_fact: + dns_host_suffix: "{{ dns_host_suffix_main }}" + when: "'rdns_main' in group_names" + +- set_fact: + dns_host_suffix: "{{ dns_host_suffix_backup }}" + when: "'rdns_backup' in group_names" + + - name: install unbound apt: update_cache: true