Update Playbook dns.yml

* update passwordstore lookup usage: use a subkey other than 'password'
* add mysql_bind_address
Tobias Hachmer 2019-03-22 19:48:47 +01:00
parent f0eeb53442
commit 91e8a2ff3d
No known key found for this signature in database
GPG key ID: E112788464CA5C60

20
playbooks/dns.yml Normal file → Executable file

@ -1,6 +1,7 @@
#!/usr/bin/ansible-playbook
---
- name: Manage DNS Internal Master Server.
hosts: dns-master-internal
hosts: kichererbse.freifunk-mwu.de
roles:
- service-nginx
@ -11,7 +12,7 @@
- pdns-admin
vars:
mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=password') }}"
mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}"
mysql_databases:
- name: "pdns-admin"
encoding: "utf8"
@ -19,24 +20,25 @@
mysql_users:
- name: "pdns-admin"
host: "localhost"
password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}"
password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}"
priv: "pdns-admin.*:ALL"
mysql_max_binlog_size: "100M"
mysql_expire_logs_days: "10"
mysql_bind_address: "127.0.0.1"
pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}"
pdns_mysql_databases_credentials:
gmysql:
priv_user: root
priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=password') }}"
priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}"
priv_host:
- "localhost"
pdns_config:
allow-axfr-ips: "{% for host in groups['ffmwu-gateways'] %}{{ loopback_net_ipv4 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }},{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}"
api: "yes"
api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey subkey=api-key') }}"
api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}"
default-soa-name: "{{ inventory_hostname }}"
default-soa-mail: "admin.freifunk-mwu.de"
local-port: "53"
@ -49,24 +51,24 @@
webserver: "yes"
webserver-address: "127.0.0.1"
webserver-allow-from: "0.0.0.0/0,::/0"
webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver subkey=password') }}"
webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}"
pdns_backends:
gmysql:
host: "127.0.0.1"
user: "powerdns"
password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=password') }}"
password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=secret') }}"
dbname: "powerdns"
pdns_admin_global_config:
secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}"
secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}"
login_title: "Freifunk MWU DNS Management"
log_level: "INFO"
log_file: "pdns-admin.log"
pdns_admin_database_config:
sqla_db_user: "pdns-admin"
sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}"
sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}"
sqla_db_host: "127.0.0.1"
sqla_db_name: "pdns-admin"
sqlalchemy_track_modifications: True
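Review bot: The lookups switched to `subkey=secret` (`mysql_root_password`, the `mysql_users` password, `priv_password`, the `pdns_backends` password and `sqla_db_password`) have no guard for a store entry that lacks a `secret:` line. As far as I know, the passwordstore lookup of this period returns an empty result for a missing subkey instead of failing, so an entry that was not migrated could leave a MySQL or PowerDNS database account configured with an empty password and no error. A `pre_tasks` assertion that the looked-up values are non-empty would stop the run before any role applies them; where the installed plugin supports it, `missing_subkey=error` on the lookup does the same job. The page has lost the YAML indentation, so the placement shown below is inferred.

```yaml
- name: Manage DNS Internal Master Server.
  # … unchanged: hosts, roles …
  pre_tasks:
    - name: Stop if a passwordstore lookup came back empty
      assert:
        that:
          - mysql_root_password | length > 0
          - mysql_users[0].password | length > 0
          - pdns_backends.gmysql.password | length > 0
          - pdns_admin_database_config.sqla_db_password | length > 0
        msg: "A passwordstore entry is missing its 'secret' subkey."
  # … unchanged: vars …
```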