45 lines
989 B
YAML
45 lines
989 B
YAML
- name: install unbound server
|
|
apt:
|
|
name: unbound
|
|
state: present
|
|
tags:
|
|
- dns
|
|
|
|
- name: configure dns
|
|
copy:
|
|
content: |
|
|
server:
|
|
access-control: {{server_net}}.0/{{server_netbits}} allow
|
|
private-domain: "{{domain_name}}"
|
|
domain-insecure: "{{domain_name}}"
|
|
|
|
interface: 0.0.0.0
|
|
|
|
local-zone: "{{domain_name}}." static
|
|
local-data: "{{server_name}}.{{domain_name}}. IN A {{server_ip}}"
|
|
local-data: "apt.{{server_name}}.{{domain_name}}. IN A {{server_ip}}"
|
|
local-data: "monserver.{{domain_name}} IN A {{server_ip}}"
|
|
dest: /etc/unbound/unbound.conf.d/fai.conf
|
|
mode: 0644
|
|
owner: root
|
|
group: root
|
|
register: unbound_conf
|
|
tags:
|
|
- dns
|
|
|
|
- name: ensure unbound is enabled and running
|
|
service:
|
|
name: unbound
|
|
state: started
|
|
enabled: true
|
|
tags:
|
|
- dns
|
|
|
|
- name: apply dns config
|
|
systemd:
|
|
name: unbound
|
|
state: restarted
|
|
when: unbound_conf.changed
|
|
tags:
|
|
- dns
|