|
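---
# Patches the OS, derives the DNS forwarding facts from local zone files and
# inventory variables, then applies the PowerDNS authoritative, PowerDNS
# recursor and iptables roles.

# Imported first; its contents are defined in playbook_ssh_known_host.yml.
- import_playbook: playbook_ssh_known_host.yml

- name: Configure PowerDNS auth server
  hosts:
    - all
  # Facts are required: the package tasks branch on ansible_facts.os_family.
  gather_facts: true
  vars_files:
    - vars/powerdns.yml
  pre_tasks:
    # NOTE(review): none of the pre_tasks carry tags, so a run limited with
    # --tags auth / --tags recursor skips both the patching and the set_fact
    # tasks below; confirm the roles behave sensibly without these facts.

    # Debian family: upgrade every installed package (only_upgrade prevents
    # new installs). state: latest makes the result depend on the mirror
    # contents at run time.
    - name: Upgrade installed packages (Debian family)
      apt:
        name: '*'
        update_cache: true
        only_upgrade: true
        state: latest
      when: ansible_facts.os_family == "Debian"
      become: true
      become_method: sudo

    # RedHat family: security: true limits the upgrade to updates marked as
    # security-related, so the patch scope is narrower than on Debian hosts.
    - name: Apply security updates to installed packages (RedHat family)
      yum:
        name: '*'
        update_cache: true
        security: true
        state: latest
        update_only: true
      when: ansible_facts.os_family == "RedHat"
      become: true
      become_method: sudo

    # Lookups run on the control node: every *.zone file found there becomes a
    # managed domain (directory and ".zone" suffix stripped). A stray zone file
    # in the search path therefore adds a domain silently; keep that directory
    # under review. The "." before "zone" is an unescaped regex wildcard, which
    # is harmless here because the glob only returns names ending in ".zone".
    - name: Derive managed domains from local zone files
      set_fact:
        managed_domains: "{{ query('fileglob', '*.zone') | map('regex_replace', '(.*/)(.*).zone$', '\\2') | list | default([], true) }}"

    # Union of slave_ip_addresses and master_ip_addresses (each treated as
    # empty when unset); falls back to 127.0.0.0/8 when both are empty.
    - name: Collect authoritative server addresses
      set_fact:
        auth_ip_addresses: "{{ (slave_ip_addresses | default([], true)) | union(master_ip_addresses | default([], true)) | default(['127.0.0.0/8'], true) }}"

    # Builds {domain: auth_ip_addresses} one managed domain at a time.
    - name: Map each managed domain to the authoritative addresses
      set_fact:
        delegated_managed_domains: "{{ delegated_managed_domains | default({}, true) | combine({item:auth_ip_addresses}) }}"
      loop: "{{ managed_domains | default([], true) }}"

    # Appends one "zone=addr1;addr2" entry per domain to any existing
    # pdns_rec_forward_zones. Entries from delegated_managed_domains override
    # same-named keys in delegated_domains, and everything from the first "/"
    # onward is removed from each address.
    # NOTE(review): with the fallback above, "127.0.0.0/8" is emitted as
    # "127.0.0.0"; confirm that is the intended forwarder address.
    - name: Build recursor forward-zone entries
      set_fact:
        pdns_rec_forward_zones: "{{ (pdns_rec_forward_zones | default([])) + [[item.key, ((item.value | map('regex_replace', '/.*$')) | join(';'))] | join('=')] }}"
      loop: "{{ lookup('dict', (delegated_domains | default({}, true) | combine(delegated_managed_domains | default({}, true))), wantlist=true) }}"

  # Roles run in list order, so the iptables role is applied after both DNS
  # services have been configured. It has no tag and is skipped by --tags runs.
  roles:
    - role: powerdns.pdns
      tags: ["auth"]
      become: true
      become_method: sudo
    - role: powerdns.pdns_recursor
      tags: ["recursor"]
      become: true
      become_method: sudo
    - role: iptables
      become: true
      become_method: sudo
...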
|