--- # These are the temporary tasks needed on various machines before classroom build is finished. - name: Fixes required on utility VM. hosts: utility.lab.example.com become: yes gather_subset: min tasks: - name: Ensure idm is in ocp4.example.com zone. ansible.builtin.lineinfile: path: /var/named/ocp4.example.com.db regex: '^idm[[:space:]]' insertafter: '.*IN NS dns\.ocp4\.example\.com\.$' line: 'idm IN A 192.168.50.40' notify: - fix forward zone serial - restart named - name: Ensure idm is in ocp4.example.com reverse zone. ansible.builtin.lineinfile: path: /var/named/ocp4.example.com.reverse.db regex: '^40[[:space:]]' insertafter: '.*IN NS dns\.ocp4\.example\.com\.$' line: '40 IN PTR idm.ocp4.example.com.' notify: - fix reverse zone serial - restart named - name: Ensure utility allows forwarding traffic from external to public/trusted zones. ansible.builtin.copy: dest: /etc/firewalld/policies/fwd-stud-to-ocp.xml mode: 0644 owner: root group: root content: | notify: - reload utility firewalld handlers: - name: reload utility firewalld ansible.builtin.service: name: firewalld state: reloaded - name: fix forward zone serial ansible.builtin.lineinfile: path: /var/named/ocp4.example.com.db regex: '.*; serial$' line: " {{ ansible_facts['date_time']['year'] }}{{ ansible_facts['date_time']['month'] }}{{ ansible_facts['date_time']['day'] }}00" - name: fix reverse zone serial ansible.builtin.lineinfile: path: /var/named/ocp4.example.com.reverse.db regex: '.*; serial$' line: " {{ ansible_facts['date_time']['year'] }}{{ ansible_facts['date_time']['month'] }}{{ ansible_facts['date_time']['day'] }}00" - name: restart named ansible.builtin.service: name: named state: restarted ...