working version
parent
81926ff5f9
commit
c38e166e4c
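--- a/.ansible-lint
+++ b/.ansible-lint
@@ -0,0 +1,4 @@
+---
+skip_list:
+- '204'
+- '602'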
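Review bot: Skipping rules `'204'` and `'602'` for the whole role also silences every future long line and empty-string comparison, not only the ones this commit introduces. If the 602 skip is there for the `coredns_config_file != ""` assertion in the preflight tasks, writing that test as `that: coredns_config_file | length > 0` would let the rule stay enabled. If the global skip is kept, a comment above `skip_list:` naming the task each entry is needed for would make it easier to remove later.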
@ -1,6 +1,6 @@
|
|||
# Ansible Role: CoreDNS
|
||||
|
||||
[![Build Status](https://travis-ci.org/cloudalchemy/ansible-coredns.svg?branch=master)](https://travis-ci.org/cloudalchemy/ansible-coredns)
|
||||
[![Build Status](https://travis-ci.com/cloudalchemy/ansible-coredns.svg?branch=master)](https://travis-ci.com/cloudalchemy/ansible-coredns)
|
||||
[![License](https://img.shields.io/badge/license-MIT%20License-brightgreen.svg)](https://opensource.org/licenses/MIT)
|
||||
[![Ansible Role](https://img.shields.io/badge/ansible%20role-cloudalchemy.coredns-blue.svg)](https://galaxy.ansible.com/cloudalchemy/coredns/)
|
||||
[![GitHub tag](https://img.shields.io/github/tag/cloudalchemy/ansible-coredns.svg)](https://github.com/cloudalchemy/ansible-coredns/tags)
|
||||
|
@ -20,9 +20,9 @@ All variables which can be overridden are stored in [defaults/main.yml](defaults
|
|||
|
||||
| Name | Default Value | Description |
|
||||
| ---------------------------- | -------------- | -----------------------------------|
|
||||
| `coredns_version` | 1.3.0 | CoreDNS package version |
|
||||
| `coredns_version` | 1.4.0 | CoreDNS package version |
|
||||
| `coredns_dns_port` | 53 | Port on which CoreDNS will listen for DNS requests |
|
||||
| `coredns_config` | | The configuration of the [Corefile](https://coredns.io/manual/toc/#configuration) |
|
||||
| `coredns_config_file` | | This should contain path to file with coredns configuration [Corefile](https://coredns.io/manual/toc/#configuration) |
|
||||
|
||||
## Example
|
||||
|
||||
|
|
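--- a/create.sh
+++ b/create.sh
@@ -1,22 +0,0 @@
-#!/bin/bash
-
-# To create a new role using this skeleton fill variables and run this script. Remove this file after role creation.
-
-# This variable ideally should contain the name of an application which will be deployed with ansible role.
-# Do not use whitespaces.
-APPLICATION=""
-
-# Port on which your application is listening
-PORT=""
-
-# Your name. Preferably your full name.
-AUTHOR=""
-
-rm -rf .git
-rm README.md
-mv ROLE_README.md README.md
-mv "templates/application.service.j2" "templates/${APPLICATION}.service.j2"
-
-find ./ -type f -exec sed -i "s/<<AUTHOR>>/$AUTHOR/g" {} \;
-find ./ -type f -exec sed -i "s/<<APPLICATION>>/$APPLICATION/g" {} \;
-find ./ -type f -exec sed -i "s/<<PORT>>/$PORT/g" {} \;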
@ -1,5 +1,6 @@
|
|||
---
|
||||
coredns_version: 1.3.0
|
||||
coredns_version: 1.4.0
|
||||
coredns_dns_port: 53
|
||||
|
||||
coredns_config_file: "/etc/coredns/Corefile"
|
||||
# Config file name, searched in ansible templates path.
|
||||
coredns_config_file: ""
|
||||
|
|
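--- a/meta/main.yml
+++ b/meta/main.yml
@@ -0,0 +1,28 @@
+---
+galaxy_info:
+author: Pawel Krupa, Ben Kochie
+description: CoreDNS installation
+license: MIT
+role_name: coredns
+company: none
+min_ansible_version: 2.5
+platforms:
+- name: Ubuntu
+versions:
+- bionic
+- xenial
+- name: Debian
+versions:
+- jessie
+- stretch
+- name: EL
+versions:
+- 7
+- name: Fedora
+versions:
+- 27
+galaxy_tags:
+- dns
+- system
+
+dependencies: []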
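Review bot: `min_ansible_version: 2.5` is an unquoted scalar that YAML loads as a float, so a later bump to a value such as 2.10 would silently become 2.1; writing `min_ansible_version: "2.5"` keeps it a string. The platform versions `- 7` and `- 27` have the same issue: they load as integers next to string entries like `bionic`, and quoting them (`- "7"`, `- "27"`) keeps the lists uniformly typed.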
@ -12,42 +12,36 @@ platforms:
|
|||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- name: xenial
|
||||
image: paulfantom/ubuntu-molecule:16.04
|
||||
docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- name: stretch
|
||||
image: paulfantom/debian-molecule:9
|
||||
docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- name: jessie
|
||||
image: paulfantom/debian-molecule:8
|
||||
docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- name: centos7
|
||||
image: paulfantom/centos-molecule:7
|
||||
docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- name: fedora
|
||||
image: paulfantom/fedora-molecule:27
|
||||
docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- name: clearlinux
|
||||
image: paulfantom/clearlinux-molecule:latest
|
||||
docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
# - name: xenial
|
||||
# image: paulfantom/ubuntu-molecule:16.04
|
||||
# docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
# privileged: true
|
||||
# volumes:
|
||||
# - /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
# - name: stretch
|
||||
# image: paulfantom/debian-molecule:9
|
||||
# docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
# privileged: true
|
||||
# volumes:
|
||||
# - /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
# - name: jessie
|
||||
# image: paulfantom/debian-molecule:8
|
||||
# docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
# privileged: true
|
||||
# volumes:
|
||||
# - /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
# - name: centos7
|
||||
# image: paulfantom/centos-molecule:7
|
||||
# docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
# privileged: true
|
||||
# volumes:
|
||||
# - /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
# - name: fedora
|
||||
# image: paulfantom/fedora-molecule:27
|
||||
# docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
|
||||
# privileged: true
|
||||
# volumes:
|
||||
# - /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
provisioner:
|
||||
name: ansible
|
||||
lint:
|
||||
|
|
|
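Review bot: The xenial, stretch, jessie, centos7 and fedora platforms remain in the file as commented-out blocks (the page prints each entry twice and the `#` copies look like the new side), so the scenario appears to run on far fewer distributions than meta/main.yml declares as supported. If the reduction is temporary, a line such as `# TODO: re-enable remaining platforms` above the block would say so; otherwise delete the entries and trim the platform list in meta/main.yml to match what is tested. The clearlinux entry has no commented copy and seems to be removed outright. The hunk begins inside the first platform entry, whose `name:` and `image:` lines are outside the view.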
@ -2,4 +2,6 @@
|
|||
- hosts: all
|
||||
any_errors_fatal: true
|
||||
roles:
|
||||
- ansible-<<APPLICATION>>
|
||||
- ansible-coredns
|
||||
vars:
|
||||
coredns_config_file: "Corefile.example.j2"
|
||||
|
|
|
@ -1,5 +1,34 @@
|
|||
import pytest
|
||||
import os
|
||||
import testinfra.utils.ansible_runner
|
||||
|
||||
|
||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
|
||||
|
||||
|
||||
@pytest.mark.parametrize("files", [
|
||||
"/usr/local/bin/coredns",
|
||||
"/etc/coredns/Corefile",
|
||||
"/etc/systemd/system/coredns.service"
|
||||
])
|
||||
def test_files(host, files):
|
||||
f = host.file(files)
|
||||
assert f.exists
|
||||
assert f.is_file
|
||||
|
||||
|
||||
def test_user(host):
|
||||
assert host.group("coredns").exists
|
||||
assert host.user("coredns").exists
|
||||
|
||||
|
||||
def test_service(host):
|
||||
s = host.service("coredns")
|
||||
# assert s.is_enabled
|
||||
assert s.is_running
|
||||
|
||||
|
||||
def test_socket(host):
|
||||
s = host.socket("tcp://0.0.0.0:53")
|
||||
assert s.is_listening
|
||||
|
|
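Review bot: `test_service` leaves `# assert s.is_enabled` commented out, so nothing in the suite verifies the "Ensure CoreDNS is enabled on boot" task in the role's main task file; either restore the assertion or add a comment saying why it cannot hold in the test containers. `test_socket` checks only `tcp://0.0.0.0:53`, although most DNS queries arrive over UDP; adding `assert host.socket("udp://0.0.0.0:53").is_listening` covers that listener too. `test_files` could also assert owner and mode for `/usr/local/bin/coredns` and `/etc/coredns/Corefile`, since the role sets both explicitly.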
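--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -0,0 +1,9 @@
+---
+- name: Copy configuration file
+template:
+src: "{{ coredns_config_file }}"
+dest: /etc/coredns/Corefile
+owner: root
+group: root
+mode: 0644
+notify: restart coredns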
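Review bot: The rendered Corefile is installed `root:root` with `mode: 0644`, so every local account on the host can read it. A Corefile may carry plugin settings that are better not world-readable (upstream resolvers, internal zone names, possibly credentials, depending on the template the user supplies), and the service runs under `coredns_system_group` according to the unit template, so `group: "{{ coredns_system_group }}"` with `mode: "0640"` would keep it readable by the daemon only. Quoting the mode also avoids relying on the parser's handling of a bare octal literal.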
@ -1,10 +1,4 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ coredns_dependencies }}"
|
||||
|
||||
- name: Create the coredns group
|
||||
group:
|
||||
name: "{{ coredns_system_group }}"
|
||||
|
@ -21,11 +15,19 @@
|
|||
createhome: false
|
||||
home: /
|
||||
|
||||
- name: create coredns configuration directory
|
||||
file:
|
||||
path: "/etc/coredns"
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Download coredns binary to local folder
|
||||
become: false
|
||||
get_url:
|
||||
url: "https://github.com/prometheus/coredns/releases/download/v{{ coredns_version }}/coredns-{{ coredns_version }}.linux-{{ go_arch }}.tar.gz"
|
||||
dest: "/tmp/coredns-{{ coredns_version }}.linux-{{ go_arch }}.tar.gz"
|
||||
url: "https://github.com/coredns/coredns/releases/download/v{{ coredns_version }}/coredns_{{ coredns_version }}_linux_{{ go_arch }}.tgz"
|
||||
dest: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}.tgz"
|
||||
checksum: "sha256:{{ coredns_checksum }}"
|
||||
register: _download_binary
|
||||
until: _download_binary is succeeded
|
||||
|
@ -37,9 +39,9 @@
|
|||
- name: Unpack coredns binary
|
||||
become: false
|
||||
unarchive:
|
||||
src: "/tmp/coredns-{{ coredns_version }}.linux-{{ go_arch }}.tar.gz"
|
||||
dest: "/tmp/coredns-{{ coredns_version }}.linux-{{ go_arch }}/"
|
||||
creates: "/tmp/coredns-{{ coredns_version }}.linux-{{ go_arch }}/coredns"
|
||||
src: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}.tgz"
|
||||
dest: "/tmp"
|
||||
creates: "/tmp/coredns"
|
||||
delegate_to: localhost
|
||||
check_mode: false
|
||||
|
||||
|
@ -51,7 +53,7 @@
|
|||
|
||||
- name: Propagate coredns binaries
|
||||
copy:
|
||||
src: "/tmp/coredns-{{ coredns_version }}.linux-{{ go_arch }}/coredns"
|
||||
src: "/tmp/coredns"
|
||||
dest: "/usr/local/bin/coredns"
|
||||
mode: 0750
|
||||
owner: "{{ coredns_system_user }}"
|
||||
|
@ -59,7 +61,7 @@
|
|||
notify: restart coredns
|
||||
when: not ansible_check_mode
|
||||
|
||||
- name: Copy the Node Exporter systemd service file
|
||||
- name: Copy the coredns systemd service file
|
||||
template:
|
||||
src: coredns.service.j2
|
||||
dest: /etc/systemd/system/coredns.service
|
||||
|
|
|
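Review bot: In the "Unpack coredns binary" hunk the archive is now extracted straight into the shared `/tmp` with `creates: "/tmp/coredns"` (these look like the new-side lines, although the page has lost the +/- markers), and that path is tied to neither `coredns_version` nor `go_arch`. Any file already at `/tmp/coredns` on the controller, for example a binary left by an earlier run with a different version or architecture, or something another local account placed there, makes the task skip, and "Propagate coredns binaries" then copies that file to `/usr/local/bin/coredns` on every host. The `checksum:` on the download covers only the tarball, not this unpacked file. Unpacking into a versioned directory that the play creates itself, and copying from there, closes the gap; the tasks between these hunks are outside the view, so check whether such a directory task already exists.

```yaml
- name: Create versioned unpack directory
  become: false
  file:
    path: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}"
    state: directory
    mode: "0700"
  delegate_to: localhost
  check_mode: false

- name: Unpack coredns binary
  become: false
  unarchive:
    src: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}.tgz"
    dest: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}/"
    creates: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}/coredns"
  # … unchanged: delegate_to, check_mode …

- name: Propagate coredns binaries
  copy:
    src: "/tmp/coredns_{{ coredns_version }}_linux_{{ go_arch }}/coredns"
    # … unchanged: dest, mode, owner …
```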
@ -1,27 +1,19 @@
|
|||
---
|
||||
- name: Gather variables for each operating system
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- "{{ ansible_distribution_file_variety | lower }}.yml"
|
||||
- "{{ ansible_distribution | lower }}.yml"
|
||||
- "{{ ansible_os_family | lower }}.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: preflight.yml
|
||||
tags:
|
||||
- install
|
||||
- configure
|
||||
- coredns_install
|
||||
- coredns_configure
|
||||
- coredns_run
|
||||
|
||||
- import_tasks: install.yml
|
||||
become: true
|
||||
tags:
|
||||
- install
|
||||
- coredns_install
|
||||
|
||||
- import_tasks: configure.yml
|
||||
become: true
|
||||
tags:
|
||||
- configure
|
||||
- coredns_configure
|
||||
|
||||
- name: Ensure CoreDNS is enabled on boot
|
||||
become: true
|
||||
|
@ -30,4 +22,4 @@
|
|||
name: coredns
|
||||
enabled: true
|
||||
tags:
|
||||
- run
|
||||
- coredns_run
|
||||
|
|
|
@ -4,12 +4,17 @@
|
|||
that:
|
||||
- "coredns_dns_port <= 65535"
|
||||
|
||||
- name: Fail on unsupported init systems
|
||||
fail:
|
||||
- name: Assert usage of systemd as an init system
|
||||
assert:
|
||||
that: ansible_service_mgr == 'systemd'
|
||||
msg: "This module only works with systemd"
|
||||
when: ansible_service_mgr != 'systemd'
|
||||
|
||||
- name: Check if source Corefile is set
|
||||
assert:
|
||||
that: coredns_config_file != ""
|
||||
msg: "variable coredns_config_file cannot be empty"
|
||||
|
||||
- name: "Get checksum for {{ go_arch }} architecture"
|
||||
set_fact:
|
||||
coredns_checksum: "{{ lookup('url', 'https://github.com/coredns/coredns/releases/download/v' + coredns_version + '/coredns_' + coredns_version + '_linux_' + go_arch + '.tgz.sha256') }}"
|
||||
coredns_checksum: "{{ lookup('url', 'https://github.com/coredns/coredns/releases/download/v' + coredns_version + '/coredns_' + coredns_version + '_linux_' + go_arch + '.tgz.sha256').split(' ')[0] }}"
|
||||
run_once: true
|
||||
|
|
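Review bot: `coredns_checksum` is looked up at run time from the same GitHub release URL that `get_url` downloads the archive from, so the `checksum: "sha256:{{ coredns_checksum }}"` check in the install tasks only detects a corrupted transfer; a replaced release asset would arrive with a matching `.sha256` file. Keeping known-good digests in the role (for example a vars mapping keyed by version and `go_arch`) and using the lookup only as a fallback gives the check an independent reference. The `.split(' ')[0]` variant, which looks like the new side, takes whatever precedes the first space in the response, so a following assert such as `that: coredns_checksum is match('^[0-9a-f]{64}$')` would fail early with a clear message when the response is not a digest. The hunk starts inside the preceding assert task, whose `name:` line is outside the view.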
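--- a/templates/Corefile.example.j2
+++ b/templates/Corefile.example.j2
@@ -0,0 +1,4 @@
+example.org {
+whoami
+prometheus
+}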
@ -17,7 +17,7 @@ NoNewPrivileges=true
|
|||
User={{ coredns_system_user }}
|
||||
Group={{ coredns_system_group }}
|
||||
ExecStart=/usr/local/bin/coredns \
|
||||
-conf {{ coredns_config_file }}
|
||||
-conf /etc/coredns/Corefile \
|
||||
-dns.port "{{ coredns_dns_port }}"
|
||||
|
||||
SyslogIdentifier=coredns
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
coredns_dependencies:
|
||||
- sysadmin-basic
|
|
@ -1,2 +0,0 @@
|
|||
---
|
||||
coredns_dependencies: []
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
coredns_dependencies:
|
||||
- libselinux-python
|
||||
- policycoreutils-python
|