- Manage bind config files. Zonefiles must be managed somewhere else.
- This role will solely copy the master files from bind_lookup_zones.
- Build slaves from master without configuring zones.
Lookup path for master zone files on the local Ansible machine, relative to the playbook.
bind_lookup_zones: path/to/zones_dir
Create bind ACLs in named.conf.options
bind_acls:
  v6localhost:
    - ::1/128
  some_random_networks:
    - 8.0.0.0/8
    - 169.254.0.0/16
Create dns64 clients list in named.conf.options
bind_dns64_clients:
  - v6localhost
Enable the use of statistics-channels. This allows for monitoring via systems like the Prometheus bind_exporter.
bind_statistics_channels:
  - inet: 127.0.0.1
    port: 8053
    allow:
      - 127.0.0.1
Zones are defined as a dict. The key is used as the domain name.
- secondary is optional.
- type is defaulted to "master".
- When type is set to "slave", the secondary property is used as master.
bind_zones:
  example.com:
    secondary:
      - '10.100.2.1'
    type: master
  foobar.com:
    secondary:
      - '10.100.2.3'
    type: slave
Optionally: List of IPs which are allowed to do recursive queries.
bind_recursion_allowed_clients:
  - 127.0.0.1
  - 127.0.0.2
Optionally: Use ipv4, ip6 or any protocols
bind_use_protocol: any
Optionally: Define listen addresses. Default: bind listens on all interfaces.
bind_listen: []
Optionally: Define forwarders. If you define forwarders but no zonefiles, bind is set up as forwarding only.
bind_forwarders:
  - 8.8.8.8
  - 8.8.4.4
Optionally: Include RFC-1918 zones or not (True|False)
bind_rfc1918: any
Set bind_create_slave_from_master to create a slave without having to define zones.
bind_create_slave_from_master:
  - master: 'master-ns'
  - master_address:
      - 10.100.2.20
None.
---
- hosts: bind
  become: yes
  roles:
    - { role: netzwirt.bind }
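A master/slave pair built only from the variables described above, as an added example that is not part of the role's own documentation. The group names ns_master and ns_slave, the host addresses and the zones path are assumptions; recursion and the statistics channel are limited to loopback on both hosts.

```yaml
---
# Added example. Group names, addresses and the zones path are assumptions.
- hosts: ns_master                  # hypothetical group; master assumed at 10.100.2.20
  become: yes
  vars:
    bind_lookup_zones: zones        # zone files kept in ./zones beside the playbook
    bind_zones:
      example.com:
        type: master
        secondary:
          - '10.100.2.1'            # address of the slave configured below
    # Only the host itself may send recursive queries.
    bind_recursion_allowed_clients:
      - 127.0.0.1
    # Statistics channel bound to loopback and readable from loopback only.
    bind_statistics_channels:
      - inet: 127.0.0.1
        port: 8053
        allow:
          - 127.0.0.1
  roles:
    - { role: netzwirt.bind }

- hosts: ns_slave                   # hypothetical group; slave assumed at 10.100.2.1
  become: yes
  vars:
    bind_zones:
      example.com:
        type: slave
        secondary:
          - '10.100.2.20'           # with type "slave", secondary is used as the master
    bind_recursion_allowed_clients:
      - 127.0.0.1
  roles:
    - { role: netzwirt.bind }
```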
BSD