s3lph/ansible-collection-nameserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Documentation

Browse source
This commit is contained in:
s3lph 2021-01-19 21:12:53 +01:00
parent 9c329c8897
commit c040429eac
9 changed files with 111 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -1,5 +1,7 @@
# Ansible Collection - s3lph.nameserver # Ansible Collection - s3lph.nameserver
Documentation for the collection. Authoritative nameserver setup using the [knot][knot] DNS server.
WIP For a usage example see `docs/`.
[knot]: https://www.knot-dns.cz/

48
docs/group_vars/all/zones/zone.example.org.yml Normal file
View file

@ -0,0 +1,48 @@
---
# Replace example.org with your zone name
knot_zone_example.org:
masters:
- ns1.example.org
replicas:
- ns2.example.org
- ns3.example.org
# Replace example.org. with your zone name
name: example.org.
# Configure the SOA record to your liking
soa:
class: IN
primary: ns1.example.org
rname: abuse.example.org
refresh: 3600
retry: 300
expire: 7200
ttl: 3600
min_ttl: 3600
# Place your DNS records here
records:
- name: "@"
type: NS
value: ns1.example.org.
- name: "@"
type: NS
value: ns2.example.org.
- name: "@"
type: NS
value: ns3.example.org.
- name: "www"
type: AAAA
value: 2001:db8::42
- name: "@"
type: MX
value: 10 mail.example.org.
- name: "@"
type: TXT
value: '"v=spf1 mx a ~all"'

16
docs/host_vars/ns1.example.org/knot.yml Normal file
View file

@ -0,0 +1,16 @@
---
# Optional: Override nameserver identity and NSID
knot_server_identity: ns1.example.org
knot_server_nsid: ns1.example.org
# Mandatory for replicated setup: Addresses under which the nameserver
# is reachable
knot_dns_addresses:
- "2001:db8:42::1"
- "10.42.0.1"
# Change other host specific options here
# knot 2.7 in Debian stable doesn't know double-ds yet
knot_dnssec_policy_cds_publish: always

16
docs/host_vars/ns2.example.org/knot.yml Normal file
View file

@ -0,0 +1,16 @@
---
# Optional: Override nameserver identity and NSID
knot_server_identity: ns2.example.org
knot_server_nsid: ns2.example.org
# Mandatory for replicated setup: Addresses under which the nameserver
# is reachable
knot_dns_addresses:
- "2001:db8:42::2"
- "10.42.0.2"
# Change other host specific options here
# knot 2.7 in Debian stable doesn't know double-ds yet
knot_dnssec_policy_cds_publish: always

5
docs/host_vars/ns3.example.org/knot.yml Normal file
View file

@ -0,0 +1,5 @@
---
knot_dns_addresses:
- "2001:db8:1337::1"
- "172.16.0.1"

11
docs/inventory.ini Normal file
View file

@ -0,0 +1,11 @@
[nameserver]
ns1.example.org
ns2.example.org
[nameserver_external]
# External nameservers not managed here
#
# These hosts only serve as dummy hosts to hold the necessary
# information required for using them as zone transfer sources or
# targets
ns3.example.org

5
docs/playbook.yml Normal file
View file

@ -0,0 +1,5 @@
---
- hosts: nameserver
roles:
- s3lph.nameserver.knot

5
docs/requirements.yml Normal file
View file

@ -0,0 +1,5 @@
---
collections:
- name: https://gitlab.com/s3lph/ansible-collection-nameserver
type: git
version: master

2
galaxy.yml
View file

@ -21,7 +21,7 @@ authors:
### OPTIONAL but strongly recommended ### OPTIONAL but strongly recommended
# A short summary description of the collection # A short summary description of the collection
description: Authoritative nameserver setup with knot as master and nsd as replicas description: Authoritative nameserver setup using knot
# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only # Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file' # accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'