aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity

Manage DNS servers using Ansible #93

Open
jeltz wants to merge 45 commits from dns into master
pull from: dns
merge into: aurore:master
Conversation 0 Commits 45 Files changed 19 +79 -10
1 changed files with 79 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 8d92035a81 - Show all commits

89
playbooks/knotd.yml
View file

@ -145,6 +145,60 @@
portail-gs:
- 10.53.0.247
- 2a09:6840:53::247
adh.auro.re:
hoffman:
- 45.66.110.1
- 2a09:6840:110:0:2d8:61ff:fe56:d7eb
hindley:
- 45.66.110.3
- 2a09:6840:110:0:a6ba:dbff:fe03:1f36
yberreby:
- 45.66.110.5
- 2a09:6840:110:0:d896:1dff:fe59:8381
paon:
- 45.66.110.10
- 2a09:6840:110:0:231:92ff:fe1b:ae22
lovelace:
- 45.66.110.45
- 2a09:6840:110:0:c634:6bff:feb5:7bcc
switch-leo:
- 45.66.110.103
- 2a09:6840:110:0:82cc:9cff:fe82:ca3e
haskell:
- 45.66.110.112
- 2a09:6840:110:0:f4ac:cbff:fe81:7f48
lyshyga0:
- 45.66.110.113
- 2a09:6840:110:0:6af7:28ff:fe91:e8d9
pz28910:
- 45.66.110.114
vinsing0:
- 45.66.110.123
- 2a09:6840:110:0:1e1b:dff:fe90:7d81
osc-routeur:
- 45.66.110.125
- 2a09:6840:110:0:ba27:ebff:fe2d:c1a1
odroid:
- 45.66.110.154
- 2a09:6840:110:0:21e:6ff:fe49:e00
amau0:
- 45.66.110.164
- 2a09:6840:110:0:3e7c:3fff:fec3:27d1
regulus:
- 45.66.110.180
- 2a09:6840:110:0:2ef0:5dff:fe2a:1530
toaster:
- 45.66.110.188
- 2a09:6840:110:0:5246:5dff:fe9a:f70
rpijutax:
- 45.66.110.190
- 2a09:6840:110:0:ba27:ebff:fe76:a9bc
lafeychine:
- 45.66.110.200
- 2a09:6840:110:0:46a5:6eff:fe71:1
polaris:
- 45.66.110.245
- 2a09:6840:110:0:dea6:32ff:feb4:d033
knotd__zones:
auro.re:
dnssec_policy: public
@ -222,7 +276,18 @@
- smtp
- imap
target: mail
hosts: "{{ knotd__hosts['auro.re'] }}"
- name:
- prometheus-paul.adh
- pma-paul.adh
- nextcloud-paul.adh
- grafana-paul.adh
- jellyfin-paul.adh
- monitoring.adh
- beta-mpp.adh
target: pz28910.adh
hosts: "{{ knotd__hosts['auro.re']
| combine(knotd__hosts['adh.auro.re']
| add_origin_keys('adh.auro.re.')) }}"
infra.auro.re:
dnssec_policy: infra
notify:
@ -295,6 +360,9 @@
- target:
- ns-1.auro.re.
- ns-2.auro.re.
reverse_hosts: "{{ knotd__hosts['adh.auro.re']
| ip_filter(['45.66.110.0/24'])
| add_origin_keys('adh.auro.re.') }}"
111.66.45.in-addr.arpa:
dnssec_policy: ripe
notify:
@ -308,15 +376,10 @@
- target:
- ns-1.auro.re.
- ns-2.auro.re.
ptr:
- name: "1"
target: x.auro.re.
- name: "2"
target: y.auro.re.
reverse_hosts: "{{ knotd__hosts['auro.re']
| ip_filter(['45.66.111.0/24'])
| add_origin_keys('auro.re.') }}"
4.8.6.9.0.a.2.ip6.arpa:
0.4.8.6.9.0.a.2.ip6.arpa:
dnssec_policy: ripe
notify:
- xfr-ns-1
@ -329,6 +392,12 @@
- target:
- ns-1.auro.re.
- ns-2.auro.re.
reverse_hosts: "{{ knotd__hosts['auro.re']
| ip_filter(['2a09:6840::/32'])
| add_origin_keys('auro.re.')
| combine(knotd__hosts['adh.auro.re']
| ip_filter(['2a09:6840::/32'])
| add_origin_keys('adh.auro.re.')) }}"
#reverse: "{{ nb_dns_reverse(ranges={'45.66.108.0/24'},
# vlan_suffixes=nb__dns_vlan_suffixes) }}"
#hosts: "{{ nb_dns_hosts(vlans={'int', 'ceph', 'ext', 'bmc'},
@ -374,12 +443,12 @@
- 10.0.0.0/8
knotd__zones:
auro.re:
dnssec_validation: false
dnssec_validation: true
acl:
- notify-master
master: xfr-master
infra.auro.re:
dnssec_validation: false
dnssec_validation: true
acl:
- notify-master
#queryacl: local
@ -404,7 +473,7 @@
acl:
- notify-master
master: xfr-master
4.8.6.9.0.a.2.ip6.arpa:
0.4.8.6.9.0.a.2.ip6.arpa:
dnssec_validation: false
acl:
- notify-master