869dd5b62a
* Add playbook dns to manage internal dns master servers * Add role to manage PowerDNS Admin Web Frontend for PowerDNS * Move dns zone related data from mesh list to a simpler dict with a simple zone list * Update role service-bind-slave * Update Readme.md * Add requirements.yml * Update .gitignore
72 lines
2.8 KiB
YAML
72 lines
2.8 KiB
YAML
---
|
|
- name: Manage DNS Internal Master Server.
|
|
hosts: dns-master-internal
|
|
|
|
roles:
|
|
- service-nginx
|
|
- nodejs
|
|
- yarn
|
|
- geerlingguy.mysql
|
|
- powerdns.pdns
|
|
- pdns-admin
|
|
|
|
vars:
|
|
mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=password') }}"
|
|
mysql_databases:
|
|
- name: "pdns-admin"
|
|
encoding: "utf8"
|
|
collation: "utf8_general_ci"
|
|
mysql_users:
|
|
- name: "pdns-admin"
|
|
host: "localhost"
|
|
password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}"
|
|
priv: "pdns-admin.*:ALL"
|
|
mysql_max_binlog_size: "100M"
|
|
mysql_expire_logs_days: "10"
|
|
|
|
pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}"
|
|
|
|
pdns_mysql_databases_credentials:
|
|
gmysql:
|
|
priv_user: root
|
|
priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=password') }}"
|
|
priv_host:
|
|
- "localhost"
|
|
|
|
pdns_config:
|
|
allow-axfr-ips: "{% for host in groups['ffmwu-gateways'] %}{{ loopback_net_ipv4 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }},{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}"
|
|
api: "yes"
|
|
api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey subkey=api-key') }}"
|
|
default-soa-name: "{{ inventory_hostname }}"
|
|
default-soa-mail: "admin.freifunk-mwu.de"
|
|
local-port: "53"
|
|
local-address: "127.0.0.1,{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }}"
|
|
local-ipv6: "::1,{{ loopback_net_ipv6 | ipaddr(magic) | ipaddr('address') }}"
|
|
master: True
|
|
only-notify: "{% for prefix in internal_prefixes %}{{ prefix.ipv4 }},{{ prefix.ipv6 }}{% if not loop.last %},{% endif %}{% endfor %}"
|
|
tcp-fast-open: "50"
|
|
version-string: "anonymous"
|
|
webserver: "yes"
|
|
webserver-address: "127.0.0.1"
|
|
webserver-allow-from: "0.0.0.0/0,::/0"
|
|
webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver subkey=password') }}"
|
|
|
|
pdns_backends:
|
|
gmysql:
|
|
host: "127.0.0.1"
|
|
user: "powerdns"
|
|
password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=password') }}"
|
|
dbname: "powerdns"
|
|
|
|
pdns_admin_global_config:
|
|
secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}"
|
|
login_title: "Freifunk MWU DNS Management"
|
|
log_level: "INFO"
|
|
log_file: "pdns-admin.log"
|
|
|
|
pdns_admin_database_config:
|
|
sqla_db_user: "pdns-admin"
|
|
sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}"
|
|
sqla_db_host: "127.0.0.1"
|
|
sqla_db_name: "pdns-admin"
|
|
sqlalchemy_track_modifications: True
|