mirror of
https://github.com/iiab/iiab.git
synced 2025-02-13 03:32:12 +00:00
Update named.yml
This commit is contained in:
A Holt
GitHub
parent
d28883dab8
commit
b3a7af09c5
1 changed files with 65 additions and 52 deletions
|
|
@ -1,6 +1,7 @@
|
||||||
- name: Install named packages (debuntu)
|
- name: Install named packages (debuntu)
|
||||||
package: name={{ item }}
|
package:
|
||||||
state=present
|
name: "{{ item }}"
|
||||||
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- bind9
|
- bind9
|
||||||
- bind9utils
|
- bind9utils
|
||||||
|
|
@ -9,8 +10,9 @@
|
||||||
- download
|
- download
|
||||||
|
|
||||||
- name: Install named packages (OS's that are not debuntu)
|
- name: Install named packages (OS's that are not debuntu)
|
||||||
package: name={{ item }}
|
package:
|
||||||
state=present
|
name: "{{ item }}"
|
||||||
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- bind
|
- bind
|
||||||
- bind-utils
|
- bind-utils
|
||||||
|
|
@ -20,26 +22,30 @@
|
||||||
|
|
||||||
# or we have to change the serial number in the config files.
|
# or we have to change the serial number in the config files.
|
||||||
- name: Stop named before copying files
|
- name: Stop named before copying files
|
||||||
service: name={{ dns_service }} state=stopped
|
service:
|
||||||
|
name: "{{ dns_service }}"
|
||||||
|
state: stopped
|
||||||
when: first_run and is_debuntu
|
when: first_run and is_debuntu
|
||||||
|
|
||||||
- name: Set folder permission
|
- name: Set folder permission
|
||||||
file: path={{ item }}
|
file:
|
||||||
owner={{ dns_user }}
|
path: "{{ item }}"
|
||||||
group=root
|
owner: "{{ dns_user }}"
|
||||||
mode=0755
|
group: root
|
||||||
state=directory
|
mode: 0755
|
||||||
|
state: directory
|
||||||
with_items:
|
with_items:
|
||||||
- /var/named-iiab
|
- /var/named-iiab
|
||||||
- /var/named-iiab/data
|
- /var/named-iiab/data
|
||||||
- /etc/sysconfig/olpc-scripts/domain_config.d
|
- /etc/sysconfig/olpc-scripts/domain_config.d
|
||||||
|
|
||||||
- name: Configure named
|
- name: Configure named
|
||||||
template: src={{ item.src }}
|
template:
|
||||||
dest={{ item.dest }}
|
src: "{{ item.src }}"
|
||||||
owner={{ item.owner }}
|
dest: "{{ item.dest }}"
|
||||||
group=root
|
owner: "{{ item.owner }}"
|
||||||
mode={{ item.mode }}
|
group: root
|
||||||
|
mode: "{{ item.mode }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { src: 'roles/network/templates/named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root", mode: '0644' }
|
- { src: 'roles/network/templates/named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root", mode: '0644' }
|
||||||
- { src: 'roles/network/templates/named/named.j2', dest: '/etc/sysconfig/named', owner: "root", mode: '0644' }
|
- { src: 'roles/network/templates/named/named.j2', dest: '/etc/sysconfig/named', owner: "root", mode: '0644' }
|
||||||
|
|
@ -65,31 +71,38 @@
|
||||||
- { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole', owner: "{{ dns_user }}", mode: '0644' }
|
- { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole', owner: "{{ dns_user }}", mode: '0644' }
|
||||||
|
|
||||||
- name: Substitute our unit file which uses $OPTIONS from sysconfig
|
- name: Substitute our unit file which uses $OPTIONS from sysconfig
|
||||||
template: src=roles/network/templates/named/{{ dns_service }}.service
|
template:
|
||||||
dest=/etc/systemd/system/{{ dns_service }}.service
|
src: "roles/network/templates/named/{{ dns_service }}.service"
|
||||||
mode=0644
|
dest: "/etc/systemd/system/{{ dns_service }}.service"
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: The dns-jail redirect requires the named.blackhole, disabling recursion
|
- name: The dns-jail redirect requires the named.blackhole, disabling recursion
|
||||||
# in named-iiab.conf, and the redirection of 404 error documents to /
|
# in named-iiab.conf, and the redirection of 404 error documents to /
|
||||||
template: src=roles/network/templates/named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/
|
template:
|
||||||
|
src: roles/network/templates/named/dns-jail.conf
|
||||||
|
dest: "/etc/{{ apache_config_dir }}/"
|
||||||
when: dns_jail_enabled
|
when: dns_jail_enabled
|
||||||
|
|
||||||
- name: Separate enabling required for debuntu
|
- name: Separate enabling required (debuntu)
|
||||||
file: src=/etc/{{ apache_config_dir }}/dns-jail.conf
|
file:
|
||||||
path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf
|
src: "/etc/{{ apache_config_dir }}/dns-jail.conf"
|
||||||
state=link
|
path: "/etc/{{ apache_service }}/sites-enabled/dns-jail.conf"
|
||||||
|
state: link
|
||||||
when: is_debuntu and dns_jail_enabled
|
when: is_debuntu and dns_jail_enabled
|
||||||
|
|
||||||
- name: Separate enabling/disabling required (debuntu)
|
- name: Separate disabling required (debuntu)
|
||||||
file: src=/etc/{{ apache_config_dir }}/dns-jail.conf
|
file:
|
||||||
path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf
|
path: "/etc/{{ apache_service }}/sites-enabled/dns-jail.conf"
|
||||||
state=absent
|
state: absent
|
||||||
when: is_debuntu and not dns_jail_enabled
|
when: is_debuntu and not dns_jail_enabled
|
||||||
|
|
||||||
- name: Separate enabling/disabling required (OS's that are not debuntu)
|
- name: Separate enabling/disabling required (OS's that are not debuntu)
|
||||||
file: path=/etc/{{ apache_config_dir }}/dns-jail.conf
|
file:
|
||||||
state=absent
|
path: "/etc/{{ apache_config_dir }}/dns-jail.conf"
|
||||||
|
state: absent
|
||||||
when: not is_debuntu and not dns_jail_enabled
|
when: not is_debuntu and not dns_jail_enabled
|
||||||
|
|
||||||
- name: Start named after copying files
|
- name: Start named after copying files
|
||||||
service: name={{ dns_service }} state=started
|
service:
|
||||||
|
name: "{{ dns_service }}"
|
||||||
|
state: started
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue