--- # Deploys the infrastructure modifications needed to support SNOx node installation: # # - DNS zone files # - DNS zone configuration # - bastion zone delegation # - DHCP server modifications # # REQUIRES: # - variable "node" according to vms structure # - name: Publish forward DNS zone template: src: templates/sno.zone.j2 dest: /var/named/{{ node.cluster }}.example.com.zone mode: 0640 owner: root group: named notify: - reload_named - name: Configure DNS to load the published zone lineinfile: path: /etc/named.conf insertafter: "^# BEGIN ANSIBLE MANAGED DNS ZONES$" regexp: '^zone "{{ node.cluster }}.example.com"' line: 'zone "{{ node.cluster }}.example.com" { type master; file "{{ node.cluster }}.example.com.zone"; allow-update { none; }; };' state: present notify: - reload_named - name: Update reverse DNS zone lineinfile: path: /var/named/50.168.192.in-addr.arpa.zone insertafter: "^; BEGIN DYNAMIC 50 rZONE RECORDS$" regexp: "^{{ node.ip | regex_replace('^192.168.50.', '') }}" line: "{{ node.ip | regex_replace('^192.168.50.', '') }} IN PTR {{ node.name }}.{{ node.cluster }}.example.com." state: present register: zoneupdate # TODO #- name: Extract the serial if rzone was updated #- name: Bump up the serial if rzone was updated - name: Delegate the new zone to utility from bastion delegate_to: bastion.lab.example.com template: src: templates/dnsmasq.conf.j2 dest: /etc/dnsmasq.d/{{ node.cluster }}.conf mode: 0644 owner: root group: root notify: restart_bastion_dnsmasq - name: Make sure DHCP server recognizes us lineinfile: path: /etc/dhcp/dhcpd.conf insertafter: "^# BEGIN ANSIBLE MANAGED DHCP CONFIG$" regexp: "hardware ethernet {{ node.mac | regex_replace('^01-', '') | regex_replace('-', ':') }}" line: 'host {{ node.name }}-{{ node.cluster }} { hardware ethernet {{ node.mac | regex_replace("^01-", "") | regex_replace("-", ":") }}; fixed-address {{ node.ip }}; option host-name "{{ node.name }}.{{ node.cluster }}.example.com."; }' state: present notify: restart_dhcpd ...