robertdebock / ansible-role-dns
Install and configure dns on your system.
Home Page: https://robertdebock.nl/
License: Apache License 2.0
Is your feature request related to a problem? Please describe.
I'm not familiar with the structure of the YAML zone file and I have trouble following the example. I wonder if we could include sample zone files for different scenarios.
Describe the solution you'd like
I would like to find a zone file similar to my use case(s) and know which items to modify to my specifics. For example, today I'm creating a home lab in a subdomain of my personal controlplane.info domain
Or...
a link to a resource that can consume/create zone files in various formats (similar to https://github.com/barnybug/cli53 )
Or...
A filter that can read BIND txt (pandoc ?)
Or...
a link to a tutorial with a description of the structure of the file and which parts to change.
(like https://www.digitalocean.com/community/tutorials/how-to-deploy-and-manage-your-dns-using-octodns-on-ubuntu-18-04)
I don't want to create extra work, and I think this is probably only an issue for N00B users of the role.
Describe alternatives you've considered
I have tried other Ansible roles, but no one seems to have the consistency and rigor that @robertdebock provides, so I end up with a mess on my hands.
Additional context
If you tell me the kind of approach you would like to take and I find something that aligns with that, I'm happy to submit a PR.
This is the part of the defaults/main.yml that I changed:
  - name: lab.controlplane.info.
    ttl: 600
    ns:
      - name: ns.lab.controlplane.info
    mx:
      - name: mail1.lab.controlplane.info.
        priority: 10
      - name: mail2.lab.controlplane.info.
        priority: 20
    records:
      - name: ns
        value: 192.168.254.27
      - name: git
        value: 192.168.254.19
      - name: dl380
        value: 192.168.254.27
  - name: forwarded.lab.controlplane.info.
    ns:
      - name: forwarded.lab.controlplane.info.
    records:
      - name: ns
        value: 192.168.254.27
    dns_zone_forwarders:
      - 9.9.9.9
      - 8.8.8.8
# An optional list of acls to allow recursion. ("any" and "none" are always available.)
dns_allow_recursion:
  - none
# An optional setting to forward traffic to other DNS servers.
dns_options_forwarders:
  # - 1.1.1.1
  - 8.8.8.8
And I got this error:
fatal: [ns]: FAILED! => {"changed": false, "checksum": "74c5e515d1ff9789e7cfa5d2528c364c5c9fdc4c", "exit_status": 1, "msg": "failed to validate", "stderr": "_default/lab.controlplane.info./IN: empty label\n_default/forwarded.lab.controlplane.info./IN: empty label\n", "stderr_lines": ["_default/lab.controlplane.info./IN: empty label", "_default/forwarded.lab.controlplane.info./IN: empty label"], "stdout": "zone localhost/IN: loaded serial 1\nzone 127.in-addr.arpa/IN: loaded serial 1\nzone 0.in-addr.arpa/IN: loaded serial 1\nzone 255.in-addr.arpa/IN: loaded serial 1\ndns_master_load: /var/named/lab.controlplane.info..conf:2: empty label\ndns_master_load: /var/named/lab.controlplane.info..conf:4: extra input text\n/var/named/lab.controlplane.info..conf:11: no current owner name\n/var/named/lab.controlplane.info..conf:13: no current owner name\n/var/named/lab.controlplane.info..conf:14: no current owner name\nzone lab.controlplane.info/IN: loading from master file /var/named/lab.controlplane.info..conf failed: empty label\nzone lab.controlplane.info/IN: not loaded due to errors.\ndns_master_load: /var/named/forwarded.lab.controlplane.info..conf:2: empty label\ndns_master_load: /var/named/forwarded.lab.controlplane.info..conf:4: extra input text\n/var/named/forwarded.lab.controlplane.info..conf:11: no current owner name\nzone forwarded.lab.controlplane.info/IN: loading from master file /var/named/forwarded.lab.controlplane.info..conf failed: empty label\nzone forwarded.lab.controlplane.info/IN: not loaded due to errors.\n", "stdout_lines": ["zone localhost/IN: loaded serial 1", "zone 127.in-addr.arpa/IN: loaded serial 1", "zone 0.in-addr.arpa/IN: loaded serial 1", "zone 255.in-addr.arpa/IN: loaded serial 1", "dns_master_load: /var/named/lab.controlplane.info..conf:2: empty label", "dns_master_load: /var/named/lab.controlplane.info..conf:4: extra input text", "/var/named/lab.controlplane.info..conf:11: no current owner name", "/var/named/lab.controlplane.info..conf:13: 
no current owner name", "/var/named/lab.controlplane.info..conf:14: no current owner name", "zone lab.controlplane.info/IN: loading from master file /var/named/lab.controlplane.info..conf failed: empty label", "zone lab.controlplane.info/IN: not loaded due to errors.", "dns_master_load: /var/named/forwarded.lab.controlplane.info..conf:2: empty label", "dns_master_load: /var/named/forwarded.lab.controlplane.info..conf:4: extra input text", "/var/named/forwarded.lab.controlplane.info..conf:11: no current owner name", "zone forwarded.lab.controlplane.info/IN: loading from master file /var/named/forwarded.lab.controlplane.info..conf failed: empty label", "zone forwarded.lab.controlplane.info/IN: not loaded due to errors."]}
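A pre-flight check for the `empty label` failure in the output above, added here as an example (it is not code from the role or from the poster). It assumes the role's template appends its own trailing dot to each zone name, which the `..conf` file names in the error suggest; `check_name`, `check_zones` and `SAMPLE_ZONES` are hypothetical names.

```python
import re

# One DNS label: letters, digits, hyphen or underscore, 1-63 characters,
# not starting or ending with a hyphen.
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9_-]{1,63}(?<!-)")


def check_name(name, appends_dot=True):
    """Return a list of problems for one zone name.

    appends_dot models an ASSUMED template that writes "<name>." itself.
    """
    problems = []
    fqdn = name + "." if appends_dot else name
    # Strip exactly one trailing dot (the root); any label left empty is an error.
    body = fqdn[:-1] if fqdn.endswith(".") else fqdn
    if len(body) > 253:
        problems.append("name longer than 253 characters")
    for pos, label in enumerate(body.split("."), start=1):
        if label == "":
            problems.append(f"empty label at position {pos}")
        elif not LABEL_RE.fullmatch(label):
            problems.append(f"invalid label {label!r}")
    return problems


def check_zones(zones, appends_dot=True):
    """Map each offending zone name to its problems; an empty dict means clean."""
    report = {}
    for zone in zones:
        problems = check_name(zone["name"], appends_dot)
        if problems:
            report[zone["name"]] = problems
    return report


# Constructed sample: the two zone names as posted, plus one without the dot.
SAMPLE_ZONES = [
    {"name": "lab.controlplane.info."},
    {"name": "forwarded.lab.controlplane.info."},
    {"name": "lab.controlplane.info"},
]

if __name__ == "__main__":
    for name, problems in check_zones(SAMPLE_ZONES).items():
        print(f"{name}: {', '.join(problems)}")
```

Running the check before the templates are rendered turns the `named-checkconf`-style failure into a message that names the offending variable value.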
Describe the bug
On Alpine (v3.10) the bind service is defined as named, but the role tries to reload bind:
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Bind/Named is started.
Error
fatal: [****.esolitos.com]: FAILED! => {"changed": false, "msg": "Error when trying to add bind: rc=1 * rc-update: service `bind' does not exist\n"}
Environment
Additional context
N/A
- ansible_version=">=2.2,<2.3"
- ansible_version=">=2.3,<2.4"
- ansible_version=">=2.4,<2.5"
Nothing worth mentioning.
Any OS
This role fails to download from an external source:
- name: get most recent version of the hints/root file
  get_url:
    url: ftp://ftp.internic.net/domain/named.root
    dest: "{{ dns_zonesdir[ansible_distribution] | default(dns_zonesdir['default'] ) }}/named.root"
  when:
    - dns_caching_dns == true
  notify:
    reload zones
Run the role or look at https://travis-ci.org/robertdebock/ansible-role-dns/jobs/350698677
Working code.
fatal: [dns-alpine-3.6]: FAILED! => {"changed": false, "dest": "/var/named/named.root", "failed": true, "msg": "Request failed: <urlopen error ftp error: [Errno 111] Connection refused>", "state": "absent", "url": "ftp://ftp.internic.net/domain/named.root"}
Hello @robertdebock
Is it possible to configure a setup with 2 servers (master and slave) with this role?
Is the solution to manage a specific variable file for each server?
Thanks.
I would like to be able to set up different types of zones, like forward type zones. The zone type is hard coded in the template here: https://github.com/robertdebock/ansible-role-dns/blob/master/templates/named.conf.j2#L60 You would also need to conditionally remove the file entry, since you don't need one for a forward zone.
There are several more possible zone types allowed by bind. https://www.zytrax.com/books/dns/ch7/zone.html
A config like this would result in a forward only zone
  - name: forwarded.example.com
    type: forward
    dns_zone_forwarders:
      - 1.1.1.1
      - 8.8.8.8
Output in named.conf
zone "forwarded.example.com" {
  type forward;
  forwarders {
    1.1.1.1;
    8.8.8.8;
  };
};
It looks like the dns_options_listen_on variable doesn't work as described.
I expected I could add an IP address to this list, and it would only listen on that interface.
But an IP address can't be used, as any string other than "any" or "none" is filtered.
Did I read the documentation wrong, or is this a bug?
I won't share the entire file, but the important option is this.
....
dns_options_listen_on:
  - "10.222.222.1"
....
failed: [demo_room -> localhost] (item=10.222.222.1) => {"ansible_loop_var": "item", "assertion": "item in [ \"any\", \"none\" ]", "changed": false, "evaluated_to": false, "item": "10.222.222.1", "msg": "Assertion failed"}
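An allow-list check that accepts the two keywords plus IPv4 addresses and prefixes, and rejects anything else before it can reach `named.conf`, shown as an added example (it is not the role's code). `normalize_listen_on` and `render_listen_on` are hypothetical names; BIND's `listen-on` covers IPv4, so IPv6 entries are rejected here rather than rendered.

```python
import ipaddress

KEYWORDS = {"any", "none"}  # ACLs that BIND always provides


def normalize_listen_on(items):
    """Validate listen-on entries; return them normalised or raise ValueError."""
    if not items:
        raise ValueError("listen-on needs at least one entry")
    out = []
    for item in items:
        text = str(item).strip()
        if text in KEYWORDS:
            out.append(text)
            continue
        try:
            # Accepts "10.222.222.1" (parsed as a /32) and "10.222.222.0/24".
            net = ipaddress.ip_network(text)
        except ValueError:
            raise ValueError(
                f"listen-on entry {text!r} is not 'any', 'none', "
                "an IPv4 address or an IPv4 prefix"
            ) from None
        if net.version != 4:
            raise ValueError(f"{text!r} is IPv6; it belongs in listen-on-v6")
        # Print a single host without the /32 suffix.
        out.append(str(net.network_address) if net.prefixlen == 32 else str(net))
    return out


def render_listen_on(items):
    """Return the named.conf clause for the validated entries."""
    entries = normalize_listen_on(items)
    return "listen-on { " + " ".join(entry + ";" for entry in entries) + " };"


if __name__ == "__main__":
    # Constructed sample: the value from the report above.
    print(render_listen_on(["10.222.222.1"]))
```

Because every entry must parse as a keyword, address or prefix, a value carrying `;` or `}` never makes it into the rendered configuration.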
The README indicates that it's possible to run the tests using AWS, indicating that one should use molecule test --scenario-name ec2, however such a scenario doesn't seem to be available; only the "default" scenario (using docker) is provided.