collection of ansible roles
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
---
|
|
|
- name: unbound.conf
|
|
|
template:
|
|
|
src: unbound.conf
|
|
|
dest: /var/unbound/etc/unbound.conf
|
|
|
owner: root
|
|
|
group: wheel
|
|
|
mode: 0644
|
|
|
notify: reload unbound
|
|
|
- name: nsd.conf
|
|
|
template:
|
|
|
src: nsd.conf
|
|
|
dest: /var/nsd/etc/nsd.conf
|
|
|
owner: root
|
|
|
group: _nsd
|
|
|
mode: 0640
|
|
|
notify: reload nsd
|
|
|
- name: forward zonefile(s)
|
|
|
template:
|
|
|
src: zonefile.forward
|
|
|
dest: "/var/nsd/zones/{{ item.role }}/{{ item.name }}"
|
|
|
owner: root
|
|
|
group: _nsd
|
|
|
mode: 0640
|
|
|
with_items:
|
|
|
- "{{ dns_zones }}"
|
|
|
notify: reload zonefiles
|
|
|
- name: pf rules
|
|
|
lineinfile:
|
|
|
path: /etc/anchors/ansible
|
|
|
line: "{{ item }}"
|
|
|
notify: reload pf
|
|
|
with_items:
|
|
|
- "pass in inet proto udp to port 53"
|
|
|
- "pass out inet proto udp from port 53"
|
|
|
- "pass in on internal inet proto udp to port 53 rdr-to 127.0.0.1 port 5353"
|
|
|
- name: nsd started and enabled
|
|
|
service:
|
|
|
name: nsd
|
|
|
state: started
|
|
|
enabled: true
|
|
|
- name: unbound started and enabled
|
|
|
service:
|
|
|
name: unbound
|
|
|
state: started
|
|
|
enabled: true
|
|
|
|
