From e6900dc4ae537851a992d43ca62ee9b3df867eb6 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Mon, 5 Aug 2019 18:14:21 +0200 Subject: [PATCH] Replace bind-caching-server with the more generic bind-nameserver. --- .../defaults/main.yml | 26 ++++++++++++++++++- .../handlers/main.yml | 0 .../tasks/deb-caching-nameserver.yml | 9 +++++++ .../tasks/deb-nameserver.yml} | 9 ++----- library/roles/bind-nameserver/tasks/main.yml | 8 ++++++ .../named.conf.caching-nameserver.options.j2} | 0 6 files changed, 44 insertions(+), 8 deletions(-) rename library/roles/{bind-caching-server => bind-nameserver}/defaults/main.yml (51%) rename library/roles/{bind-caching-server => bind-nameserver}/handlers/main.yml (100%) create mode 100644 library/roles/bind-nameserver/tasks/deb-caching-nameserver.yml rename library/roles/{bind-caching-server/tasks/main.yml => bind-nameserver/tasks/deb-nameserver.yml} (74%) create mode 100644 library/roles/bind-nameserver/tasks/main.yml rename library/roles/{bind-caching-server/templates/named.conf.options.j2 => bind-nameserver/templates/named.conf.caching-nameserver.options.j2} (100%) diff --git a/library/roles/bind-caching-server/defaults/main.yml b/library/roles/bind-nameserver/defaults/main.yml similarity index 51% rename from library/roles/bind-caching-server/defaults/main.yml rename to library/roles/bind-nameserver/defaults/main.yml index 91be4a42..f8b9cefa 100644 --- a/library/roles/bind-caching-server/defaults/main.yml +++ b/library/roles/bind-nameserver/defaults/main.yml @@ -8,6 +8,31 @@ bind_pkg_list: - '{{ bind_pkg_n }}-host' - '{{ bind_pkg_n }}utils' +bind_user: bind +bind_group: bind +bind_config_path: '/etc/bind' +bind_cache_dir: '/var/cache/bind' + +# RH/CentOS. We do not handle that yet +bind_use_chroot_on_rh: True +bind_chroot_base: /var/named/chroot +bind_service_enabled: True +bind_rh_config_path: '/etc' +bind_rh_user: named +bind_rh_group: named + +bind_rh_packages: + - bind + - bind-license + - bind-utils + +bind_rh_chroot_packages: + - bind-chroot + - bind-license + - bind-utils + +# These options are meant for the caching nameserver configuration +bind_caching_nameserver: False bind_allowed_query_acl: - '{{ ansible_default_ipv4.address }}' @@ -19,7 +44,6 @@ bind_forwarders_list: bind_listen_on_ipv4: True bind_listen_on_ipv6: - any -bind_cache_dir: /var/cache/bind bind_dnssec_enabled: False bind_dnssec_validation: auto # Default: 1 week diff --git a/library/roles/bind-caching-server/handlers/main.yml b/library/roles/bind-nameserver/handlers/main.yml similarity index 100% rename from library/roles/bind-caching-server/handlers/main.yml rename to library/roles/bind-nameserver/handlers/main.yml diff --git a/library/roles/bind-nameserver/tasks/deb-caching-nameserver.yml b/library/roles/bind-nameserver/tasks/deb-caching-nameserver.yml new file mode 100644 index 00000000..cfb0f86d --- /dev/null +++ b/library/roles/bind-nameserver/tasks/deb-caching-nameserver.yml @@ -0,0 +1,9 @@ +--- +- block: + - name: Install the bind caching configuration, we are going to run a caching nameserver + template: src=named.conf.caching-nameserver.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=0640 + notify: reload bind + + when: bind_enabled + tags: [ 'bind', 'caching_nameserver' ] + diff --git a/library/roles/bind-caching-server/tasks/main.yml b/library/roles/bind-nameserver/tasks/deb-nameserver.yml similarity index 74% rename from library/roles/bind-caching-server/tasks/main.yml rename to library/roles/bind-nameserver/tasks/deb-nameserver.yml index 8aed3e4f..c53cf345 100644 --- a/library/roles/bind-caching-server/tasks/main.yml +++ b/library/roles/bind-nameserver/tasks/deb-nameserver.yml @@ -1,13 +1,9 @@ --- - block: - - name: Install the bind packages + - name: Install the bind packages on deb based systems apt: pkg={{ item }} state={{ bind_pkg_state }} update_cache=yes cache_valid_time=1800 with_items: '{{ bind_pkg_list }}' - - name: Install the bind configuration - template: src=named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=0640 - notify: reload bind - - name: Ensure that the bind service is running and enabled service: name=bind9 state=started enabled=yes @@ -22,10 +18,9 @@ - name: Ensure that the bind service is stopped and disabled service: name=bind9 state=stopped enabled=no - - name: Remove the bind packages + - name: Remove the bind packages on deb based systems apt: pkg={{ item }} state=absent with_items: '{{ bind_pkg_list }}' when: not bind_install tags: [ 'bind', 'caching_nameserver' ] - diff --git a/library/roles/bind-nameserver/tasks/main.yml b/library/roles/bind-nameserver/tasks/main.yml new file mode 100644 index 00000000..1edd8b8a --- /dev/null +++ b/library/roles/bind-nameserver/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- import_tasks: deb-nameserver.yml + when: ansible_distribution_file_variety == "Debian" + +- import_tasks: deb-caching-nameserver.yml + when: + - ansible_distribution_file_variety == "Debian" + - bind_caching_nameserver diff --git a/library/roles/bind-caching-server/templates/named.conf.options.j2 b/library/roles/bind-nameserver/templates/named.conf.caching-nameserver.options.j2 similarity index 100% rename from library/roles/bind-caching-server/templates/named.conf.options.j2 rename to library/roles/bind-nameserver/templates/named.conf.caching-nameserver.options.j2