ansible-role-dns's Issues

[DOC] Provide more guidance on zone files

Is your feature request related to a problem? Please describe.

I'm not familiar with the structure of the YAML zone file and I have trouble following the example. I wonder if we could include sample zone files for different scenarios.

Describe the solution you'd like

I would like to find a zone file similar to my use case(s) and know which items to modify to my specifics. For example, today I'm creating a home lab in a subdomain of my personal controlplane.info domain

Or...
a link to a resource that can consume/create zone files in various formats (similar to https://github.com/barnybug/cli53 )

Or...
A filter that can read BIND txt (pandoc ?)

Or...
a link to a tutorial with a description of the structure of the file and which parts to change.
(like https://www.digitalocean.com/community/tutorials/how-to-deploy-and-manage-your-dns-using-octodns-on-ubuntu-18-04)

I don't want to create extra work, and I think this is probably only an issue for N00B users of the role.

Describe alternatives you've considered
I have tried other Ansible roles, but no one seems to have the consistency and rigor that @robertdebock provides, so I end up with a mess on my hands.

Additional context

If you tell me the kind of approach you would like to take and I find something that aligns with that, I'm happy to submit a PR.

This is the part of the defaults/main.yml that I changed:

  - name: lab.controlplane.info.
    ttl: 600
    ns:
      - name: ns.lab.controlplane.info
    mx:
      - name: mail1.lab.controlplane.info.
        priority: 10
      - name: mail2.lab.controlplane.info.
        priority: 20
    records:
      - name: ns
        value: 192.168.254.27
      - name: git
        value: 192.168.254.19
      - name: dl380
        value: 192.168.254.27
  - name: forwarded.lab.controlplane.info.
    ns:
      - name: forwarded.lab.controlplane.info.
    records:
      - name: ns
        value: 192.168.254.27
    dns_zone_forwarders:
      - 9.9.9.9
      - 8.8.8.8
# An optional list of acls to allow recursion. ("any" and "none" are always available.)
dns_allow_recursion:
  - none
# An optional setting to forward traffic to other DNS servers.
dns_options_forwarders:
#   - 1.1.1.1
  - 8.8.8.8

And I got this error:

fatal: [ns]: FAILED! => {"changed": false, "checksum": "74c5e515d1ff9789e7cfa5d2528c364c5c9fdc4c", "exit_status": 1, "msg": "failed to validate", "stderr": "_default/lab.controlplane.info./IN: empty label\n_default/forwarded.lab.controlplane.info./IN: empty label\n", "stderr_lines": ["_default/lab.controlplane.info./IN: empty label", "_default/forwarded.lab.controlplane.info./IN: empty label"], "stdout": "zone localhost/IN: loaded serial 1\nzone 127.in-addr.arpa/IN: loaded serial 1\nzone 0.in-addr.arpa/IN: loaded serial 1\nzone 255.in-addr.arpa/IN: loaded serial 1\ndns_master_load: /var/named/lab.controlplane.info..conf:2: empty label\ndns_master_load: /var/named/lab.controlplane.info..conf:4: extra input text\n/var/named/lab.controlplane.info..conf:11: no current owner name\n/var/named/lab.controlplane.info..conf:13: no current owner name\n/var/named/lab.controlplane.info..conf:14: no current owner name\nzone lab.controlplane.info/IN: loading from master file /var/named/lab.controlplane.info..conf failed: empty label\nzone lab.controlplane.info/IN: not loaded due to errors.\ndns_master_load: /var/named/forwarded.lab.controlplane.info..conf:2: empty label\ndns_master_load: /var/named/forwarded.lab.controlplane.info..conf:4: extra input text\n/var/named/forwarded.lab.controlplane.info..conf:11: no current owner name\nzone forwarded.lab.controlplane.info/IN: loading from master file /var/named/forwarded.lab.controlplane.info..conf failed: empty label\nzone forwarded.lab.controlplane.info/IN: not loaded due to errors.\n", "stdout_lines": ["zone localhost/IN: loaded serial 1", "zone 127.in-addr.arpa/IN: loaded serial 1", "zone 0.in-addr.arpa/IN: loaded serial 1", "zone 255.in-addr.arpa/IN: loaded serial 1", "dns_master_load: /var/named/lab.controlplane.info..conf:2: empty label", "dns_master_load: /var/named/lab.controlplane.info..conf:4: extra input text", "/var/named/lab.controlplane.info..conf:11: no current owner name", "/var/named/lab.controlplane.info..conf:13: 
no current owner name", "/var/named/lab.controlplane.info..conf:14: no current owner name", "zone lab.controlplane.info/IN: loading from master file /var/named/lab.controlplane.info..conf failed: empty label", "zone lab.controlplane.info/IN: not loaded due to errors.", "dns_master_load: /var/named/forwarded.lab.controlplane.info..conf:2: empty label", "dns_master_load: /var/named/forwarded.lab.controlplane.info..conf:4: extra input text", "/var/named/forwarded.lab.controlplane.info..conf:11: no current owner name", "zone forwarded.lab.controlplane.info/IN: loading from master file /var/named/forwarded.lab.controlplane.info..conf failed: empty label", "zone forwarded.lab.controlplane.info/IN: not loaded due to errors."]}
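A pre-flight check for the "empty label" failure reported above, as an added example that is not part of the original issue or the role's code. It assumes the rendering step appends the root dot to each name it is given (the page does not show the template), and the function names and the sample dictionary are constructed here.

```python
MAX_LABEL = 63   # RFC 1035: a label is at most 63 octets
MAX_NAME = 253   # longest name in dotted presentation form


def name_problems(name):
    """Return the problems found in one dotted DNS name."""
    if name == ".":
        return []  # the root name is valid on its own
    # One trailing dot marks a fully qualified name; strip exactly one.
    body = name[:-1] if name.endswith(".") else name
    problems = []
    if len(body) > MAX_NAME:
        problems.append("name longer than %d characters" % MAX_NAME)
    for position, label in enumerate(body.split(".")):
        if label == "":
            problems.append("empty label at position %d" % position)
        elif len(label) > MAX_LABEL:
            problems.append("label %r longer than %d octets" % (label, MAX_LABEL))
    return problems


def check_zone(zone, appended_suffix="."):
    """Map each rendered name that has problems to (kind, problems).

    appended_suffix models a template that adds the root dot itself.
    This is an assumption, not behaviour confirmed by the page.
    """
    candidates = [("zone", zone["name"])]
    for kind in ("ns", "mx"):
        candidates += [(kind, entry["name"]) for entry in zone.get(kind, [])]
    findings = {}
    for kind, name in candidates:
        rendered = name + appended_suffix
        problems = name_problems(rendered)
        if problems:
            findings[rendered] = (kind, problems)
    return findings


# Constructed sample, shaped like the zone entry in the issue.
ISSUE_ZONE = {
    "name": "lab.controlplane.info.",
    "ns": [{"name": "ns.lab.controlplane.info"}],
    "mx": [{"name": "mail1.lab.controlplane.info.", "priority": 10}],
}

if __name__ == "__main__":
    for rendered, (kind, problems) in check_zone(ISSUE_ZONE).items():
        print(kind, rendered, problems)
```

Running the check before the role renders anything surfaces the doubled dot without waiting for the BIND zone validation to fail on the managed node.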

Wrong service name on Alpine 3.10

Describe the bug

On Alpine (v3.10) the bind service is defined as named, but the role tries to reload bind:

To Reproduce
Steps to reproduce the behavior:

  1. Run this role against an Alpine (3.10, haven't tested other versions) host.
  2. See error below

Expected behavior
Bind/Named is started.

Error

fatal: [****.esolitos.com]: FAILED! => {"changed": false, "msg": "Error when trying to add bind: rc=1  * rc-update: service `bind' does not exist\n"}

Environment

  • Control node OS: Debian 9
  • Control node Ansible version: 2.8.5
  • Managed node OS: Alpine 3.10

Additional context
N/A

Build fails: Connection refused

ISSUE TYPE

  • Bug Report

ANSIBLE VERSION

  - ansible_version=">=2.2,<2.3"
  - ansible_version=">=2.3,<2.4"
  - ansible_version=">=2.4,<2.5"

CONFIGURATION

Nothing worth mentioning.

OS / ENVIRONMENT

Any OS

SUMMARY

This role fails to download from an external source:

- name: get most recent version of the hints/root file
  get_url:
    url: ftp://ftp.internic.net/domain/named.root
    dest: "{{ dns_zonesdir[ansible_distribution] | default(dns_zonesdir['default'] ) }}/named.root"
  when:
    - dns_caching_dns == true
  notify:
    reload zones

STEPS TO REPRODUCE

Run the role or look at https://travis-ci.org/robertdebock/ansible-role-dns/jobs/350698677

EXPECTED RESULTS

Working code.

ACTUAL RESULTS
    fatal: [dns-alpine-3.6]: FAILED! => {"changed": false, "dest": "/var/named/named.root", "failed": true, "msg": "Request failed: <urlopen error ftp error: [Errno 111] Connection refused>", "state": "absent", "url": "ftp://ftp.internic.net/domain/named.root"}

Add ability to set zone type

I would like to be able to set up different types of zones, like forward type zones. The zone type is hard coded in the template here: https://github.com/robertdebock/ansible-role-dns/blob/master/templates/named.conf.j2#L60 You would also need to conditionally remove the file entry, since you don't need one for a forward zone.

There are several more possible zone types allowed by bind. https://www.zytrax.com/books/dns/ch7/zone.html

A config like this would result in a forward only zone

  - name: forwarded.example.com
    type: forward
    dns_zone_forwarders:
      - 1.1.1.1
      - 8.8.8.8

Output in named.conf

zone "forwarded.example.com" {
  type forward;
  forwarders {
    1.1.1.1;
    8.8.8.8;
  };
};

dns_options_listen_on doesn't allow IP address as input

Describe the bug

It looks like the dns_options_listen_on variable doesn't work as described.
I expected I could add an IP address to this list, and it would only listen on that interface.
But an IP address can't be used, as any string other than "any" or "none" is filtered.
Did I read the documentation wrong, or is this a bug?

Playbook

I won't share the entire file, but the important option is this.

....
dns_options_listen_on:
  - "10.222.222.1"
....

Output

failed: [demo_room -> localhost] (item=10.222.222.1) => {"ansible_loop_var": "item", "assertion": "item in [ \"any\", \"none\" ]", "changed": false, "evaluated_to": false, "item": "10.222.222.1", "msg": "Assertion failed"}

Environment

  • Control node OS: Ubuntu 22.04.1 LTS
  • Control node Ansible version: 2.13.4
  • Managed node OS: Ubuntu 22.04.1 LTS
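A validation that accepts what the reporter expected, shown as an added example that is not the role's own code: entries may be "any", "none" or a literal IP address, and anything else is rejected before it can reach the rendered configuration. The function names are hypothetical, and placing IPv6 addresses in a separate listen-on-v6 clause is a choice made for this example.

```python
import ipaddress

KEYWORDS = ("any", "none")  # the two values the assertion on the page accepts


def classify_listen_entry(item):
    """Return 'keyword', 'v4' or 'v6' for one entry; raise ValueError otherwise."""
    if not isinstance(item, str):
        raise ValueError("entry must be a quoted string: %r" % (item,))
    if item in KEYWORDS:
        return "keyword"
    try:
        # Only a literal address passes; interface names or stray
        # configuration syntax are refused here.
        address = ipaddress.ip_address(item)
    except ValueError:
        raise ValueError("not 'any', 'none' or an IP address: %r" % (item,)) from None
    return "v4" if address.version == 4 else "v6"


def render_listen_clauses(entries):
    """Render named.conf listen-on / listen-on-v6 clauses from validated entries."""
    v4, v6 = [], []
    for item in entries:
        # Keywords stay in the IPv4 clause (a choice made for this example).
        (v6 if classify_listen_entry(item) == "v6" else v4).append(item)
    clauses = []
    for keyword, values in (("listen-on", v4), ("listen-on-v6", v6)):
        if values:
            clauses.append("%s { %s };" % (keyword, " ".join(v + ";" for v in values)))
    return clauses


if __name__ == "__main__":
    # The value from the issue, plus a constructed IPv6 address.
    for clause in render_listen_clauses(["10.222.222.1", "fd00::1"]):
        print(clause)
```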

Molecule: missing scenario "ec2"

The README indicates that it's possible to run the tests using AWS, indicating that one should use molecule test --scenario-name ec2; however, such a scenario doesn't seem to be available, only the "default" scenario (using docker) is provided.
