---
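# Pull in the tasks defined in configure.yml before the NSD-specific steps
# below. The task is given a name so it is identifiable in play output.
- name: Include configure.yml
  include_tasks: configure.yml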
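# Read the current Unix time once, on the controller, and register it as
# unix_time_stamp; a later task copies its stdout into the `serial` fact.
- name: "{{ role_path|basename }} | get unix time"
  # No shell feature is needed to print the epoch, so run `date` directly
  # with `command` instead of wrapping it in `shell: echo $(...)`.
  command: date +%s
  register: unix_time_stamp
  delegate_to: localhost
  run_once: true
  become: false
  # Reading the clock modifies nothing, so never report "changed".
  changed_when: false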
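# Render nsd.conf from the nsd.conf.j2 template and notify the "reload nsd"
# handler when the file changes (the handler is defined outside this file).
- name: Create config file
  template:
    src: nsd.conf.j2
    dest: /etc/nsd/nsd.conf
    owner: root
    group: root
    # Quoted so the mode is passed as the string "0644" rather than being
    # re-typed as a number by the YAML parser.
    # NOTE(review): 0644 is world-readable. If nsd.conf.j2 embeds key
    # material (e.g. TSIG secrets), confirm that is acceptable or move the
    # secrets to a separately included file with a tighter mode.
    mode: "0644"
    # The rendered file is checked with nsd-checkconf before it replaces
    # dest, so a config that fails the check is not installed.
    validate: 'nsd-checkconf %s'
  notify:
    - reload nsd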
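# Store the timestamp captured earlier as the `serial` fact.
# presumably consumed by zone.j2 as the SOA serial; confirm in the template.
- name: "{{ role_path|basename }} setting execution facts"
  set_fact:
    serial: "{{ unix_time_stamp.stdout }}"
  run_once: true
  # Canonical boolean instead of the YAML 1.1 truthy `no`.
  become: false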
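# Render one zone file per entry in dns_zones from the zone.j2 template.
- name: Add zone
  template:
    src: zone.j2
    # NOTE(review): item.name becomes part of a filesystem path. Confirm
    # that dns_zones entries are validated zone names (no "/" or "..")
    # wherever the variable is defined.
    dest: "/etc/nsd/zones/{{ item.name }}.zone"
    mode: '0640'
    # NOTE(review): the files are owned by nsd, so the daemon account can
    # rewrite its own zone data; confirm this is required (e.g. by the
    # signing step) rather than root:nsd with group read only.
    owner: nsd
    group: nsd
  # The loop expression is templated before `when` is evaluated, so an
  # undefined dns_zones would fail the task instead of skipping it;
  # default([]) makes the undefined case an empty loop.
  loop: "{{ dns_zones | default([]) }}"
  when: "dns_zones is defined"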
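# Ensure the nsd service is running now and enabled at boot.
- name: Enable NSD on boot and start it
  # Native YAML arguments instead of the inline key=value string, with a
  # real boolean for `enabled`.
  service:
    name: nsd
    state: started
    enabled: true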
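# Run /usr/local/bin/keygen once per zone in dns_zones.
- name: Generate key for dnssec
  # `command` with argv passes the zone name as a single argument and never
  # hands it to a shell, so metacharacters in item.name cannot be
  # interpreted as shell syntax.
  # NOTE(review): this runs on every play and always reports "changed".
  # Confirm keygen is idempotent (does not replace existing keys), or guard
  # the task with a condition on the existing key files.
  command:
    argv:
      - /usr/local/bin/keygen
      - "{{ item.name }}"
  # default([]) keeps an undefined dns_zones from failing loop templating,
  # which happens before `when` is evaluated.
  loop: "{{ dns_zones | default([]) }}"
  when: "dns_zones is defined"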
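# Run /usr/local/bin/signzone once per zone in dns_zones.
# The task name was a copy of the key-generation task's name; it now
# describes the command that is actually run.
- name: Sign zone for dnssec
  # argv form: the zone name is passed as one argument with no shell
  # parsing of item.name.
  command:
    argv:
      - /usr/local/bin/signzone
      - "{{ item.name }}"
  # default([]) keeps an undefined dns_zones from failing loop templating,
  # which happens before `when` is evaluated.
  loop: "{{ dns_zones | default([]) }}"
  when: "dns_zones is defined"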
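# Run /usr/local/bin/ds-records once per zone and keep the output in
# dsrecord (per-zone results are under dsrecord.results because of the loop).
- name: Get ds-record
  # argv form avoids shell parsing of item.name; the doubled slash in the
  # original path ("/usr/local//bin") is also normalised.
  # NOTE(review): presumably read-only; if so, `changed_when: false` would
  # stop it reporting "changed" on every run. Confirm against the script.
  command:
    argv:
      - /usr/local/bin/ds-records
      - "{{ item.name }}"
  # default([]) keeps an undefined dns_zones from failing loop templating,
  # which happens before `when` is evaluated.
  loop: "{{ dns_zones | default([]) }}"
  when: "dns_zones is defined"
  register: dsrecord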
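# NOTE(review): the task below is commented out, so the tasks in this file do
# not enforce ownership or mode on the /etc/nsd/zones directory.
#- name: Fix permissions on /etc/nsd/zones
#  file:
#    path: /etc/nsd/zones
#    owner: root
#    group: root
#    mode: 0755
#    state: directory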