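#!/usr/bin/ansible-playbook
---
# Internal DNS master: PowerDNS authoritative server with a MySQL (gmysql)
# backend and the pdns-admin web UI, all on a single host.
#
# Every secret below is resolved at run time through the `passwordstore`
# lookup, keyed by `inventory_hostname_short`; no credential is stored in
# this file.
- name: Manage DNS Internal Master Server.
  hosts: kichererbse.freifunk-mwu.de
  roles:
    - service-nginx
    - nodejs
    - yarn
    - geerlingguy.mysql
    - powerdns.pdns
    - pdns-admin
  vars:
    # --- MySQL (geerlingguy.mysql) ---
    mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}"
    mysql_databases:
      - name: "pdns-admin"
        encoding: "utf8"
        collation: "utf8_general_ci"
    mysql_users:
      - name: "pdns-admin"
        host: "localhost"
        password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}"
        # Grant is scoped to the pdns-admin schema only.
        priv: "pdns-admin.*:ALL"
    mysql_max_binlog_size: "100M"
    mysql_expire_logs_days: "10"
    # Database listens on loopback only; both consumers below connect
    # via 127.0.0.1.
    mysql_bind_address: "127.0.0.1"

    # --- PowerDNS authoritative server (powerdns.pdns) ---
    # NOTE(review): variable is not defined in this file; presumably
    # supplied by the powerdns.pdns role to select the 4.1 package repo.
    pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}"
    # Privileged MySQL account handed to the role for the gmysql backend.
    # NOTE(review): presumably used to create the `powerdns` database and
    # user - confirm against the role; it is the MySQL root account.
    pdns_mysql_databases_credentials:
      gmysql:
        priv_user: root
        priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}"
        priv_host:
          - "localhost"
    pdns_config:
      # Zone transfers are allowed only to the IPv4 and IPv6 loopback-net
      # address of each host in the `ffmwu-gateways` group.
      allow-axfr-ips: "{% for host in groups['ffmwu-gateways'] %}{{ loopback_net_ipv4 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }},{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}"
      api: "yes"
      api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}"
      default-soa-name: "{{ inventory_hostname }}"
      default-soa-mail: "admin.freifunk-mwu.de"
      local-port: "53"
      # DNS is served on loopback plus this host's loopback-net address.
      local-address: "127.0.0.1,{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }}"
      local-ipv6: "::1,{{ loopback_net_ipv6 | ipaddr(magic) | ipaddr('address') }}"
      master: true
      # NOTIFY messages are restricted to the internal prefixes.
      only-notify: "{% for prefix in internal_prefixes %}{{ prefix.ipv4 }},{{ prefix.ipv6 }}{% if not loop.last %},{% endif %}{% endfor %}"
      tcp-fast-open: "50"
      # Do not disclose the server version to DNS version queries.
      version-string: "anonymous"
      webserver: "yes"
      webserver-address: "127.0.0.1"
      # The listener above is loopback-only, so the source ACL is kept to
      # loopback as well (previously "0.0.0.0/0,::/0"). This way the
      # API/webserver does not become reachable from everywhere if
      # webserver-address is ever widened.
      # NOTE(review): assumes every client (pdns-admin, any nginx proxy)
      # connects from 127.0.0.1 or ::1 - confirm before rollout.
      webserver-allow-from: "127.0.0.1,::1"
      webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}"
    pdns_backends:
      gmysql:
        host: "127.0.0.1"
        # Dedicated `powerdns` account for runtime access, not root.
        user: "powerdns"
        password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=secret') }}"
        dbname: "powerdns"

    # --- pdns-admin web UI ---
    pdns_admin_global_config:
      secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}"
      login_title: "Freifunk MWU DNS Management"
      log_level: "INFO"
      log_file: "pdns-admin.log"
    pdns_admin_database_config:
      sqla_db_user: "pdns-admin"
      # Same passwordstore entry as the `pdns-admin` MySQL user above.
      sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}"
      sqla_db_host: "127.0.0.1"
      sqla_db_name: "pdns-admin"
      sqlalchemy_track_modifications: true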