From 358c614ad3ebf73660503d8f6546eb29901014f3 Mon Sep 17 00:00:00 2001 From: rubenb Date: Wed, 22 May 2024 17:04:42 +0200 Subject: [PATCH] add rol nsupdate --- linux-config-nsupdate.yaml | 12 ++++++++++++ roles/config-nsupdate/tasks/main.yaml | 19 +++++++++++++++++++ roles/config-nsupdate/vars/main.yaml | 9 +++++++++ 3 files changed, 40 insertions(+) create mode 100644 linux-config-nsupdate.yaml create mode 100644 roles/config-nsupdate/tasks/main.yaml create mode 100644 roles/config-nsupdate/vars/main.yaml diff --git a/linux-config-nsupdate.yaml b/linux-config-nsupdate.yaml new file mode 100644 index 0000000..bb224cc --- /dev/null +++ b/linux-config-nsupdate.yaml @@ -0,0 +1,12 @@ +--- + +- hosts: ns1 + become: yes + become_method: sudo + gather_facts: no + + tasks: + + - name: "[CONFIG NSUPDATE] configure zone with NSUPDATE" + import_role: + name: config-nsupdate \ No newline at end of file diff --git a/roles/config-nsupdate/tasks/main.yaml b/roles/config-nsupdate/tasks/main.yaml new file mode 100644 index 0000000..4dd3190 --- /dev/null +++ b/roles/config-nsupdate/tasks/main.yaml @@ -0,0 +1,19 @@ +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +# Configure zones on bind9 with NSUPDATE +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +# Add and update DNS records on bind9 with NSUPDATE +- name: Add or modify DNS records A to some IP + community.general.nsupdate: + key_name: "rndc-key" + key_secret: "{{ bind9secretkey_password }}" + key_algorithm: "hmac-md5" + server: "ns1.verdnatura.es" + zone: "{{ zone_record }}" + record: "{{ name_record }}" + ttl: "{{ ttl_record }}" + type: "{{ type_record }}" + value: "{{ value_record }}" + state: "{{ state_record }}" +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ diff --git a/roles/config-nsupdate/vars/main.yaml b/roles/config-nsupdate/vars/main.yaml new file mode 100644 index 0000000..a11cf20 --- /dev/null +++ b/roles/config-nsupdate/vars/main.yaml @@ -0,0 +1,9 @@ +--- +# vars file +bind9secretkey_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 36386562613235363931396632656535383336313537636431643338353438313231623839313031 + 3830616135393732353265666664353963393366343461630a633365396165653761353762383739 + 66303862376465626435633964313237643230653463353662343831646464633639383336323863 + 6139333234386565620a653438613165626131653834633931343766343162653932373161653362 + 38303139333536656263656163623333313234393666353766363565633732366165