---
# Deploys the infrastructure modifications needed to support SNOx node installation:
#
# - DNS zone files
# - DNS zone configuration
# - bastion zone delegation
# - DHCP server modifications
#
# REQUIRES:
# - variable "node" according to vms structure
#
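# Render the cluster's forward zone from templates/sno.zone.j2 into /var/named
# and trigger the reload_named handler when the file changes.
# The file is written 0640 root:named: root may write it, group named may read
# it, nobody else has access.
# node.cluster becomes part of the destination file name and is not validated
# here, so it is expected to be a plain DNS label (no "/" or "..").
- name: Publish forward DNS zone
  template:
    src: templates/sno.zone.j2
    dest: "/var/named/{{ node.cluster }}.example.com.zone"
    # Quoted so the module receives the string "0640" instead of depending on
    # how the YAML parser reads an integer with a leading zero.
    mode: "0640"
    owner: root
    group: named
  notify:
    - reload_named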
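# Declare the forward zone in /etc/named.conf as a master zone with dynamic
# updates disabled (allow-update { none; }). The declaration goes after the
# "# BEGIN ANSIBLE MANAGED DNS ZONES" marker, or replaces an existing
# declaration of the same zone, and reload_named is notified on change.
# node.cluster is written into named.conf verbatim: a value containing quotes,
# braces or semicolons would alter the configuration, so it must come from
# trusted inventory and be a plain DNS label.
- name: Configure DNS to load the published zone
  lineinfile:
    path: /etc/named.conf
    insertafter: "^# BEGIN ANSIBLE MANAGED DNS ZONES$"
    # regex_escape keeps the dots in the zone name literal, so only this
    # zone's own declaration can be matched and replaced.
    regexp: '^zone "{{ (node.cluster ~ ".example.com") | regex_escape }}"'
    line: 'zone "{{ node.cluster }}.example.com" { type master; file "{{ node.cluster }}.example.com.zone"; allow-update { none; }; };'
    state: present
    # Syntax-check the edited copy before it replaces the live file; a broken
    # named.conf would otherwise only surface when named is reloaded.
    # Requires named-checkconf on the DNS host.
    validate: named-checkconf %s
  notify:
    - reload_named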
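# Add or refresh the node's PTR record in the 50.168.192.in-addr.arpa zone.
# The record's owner name is node.ip with the "192.168.50." prefix removed.
# The result is registered as zoneupdate. Nothing visible in this file bumps
# the SOA serial or notifies reload_named for this zone, so the new record is
# not served until that happens elsewhere.
# NOTE(review): an address outside 192.168.50.0/24 passes through the filter
# unchanged and would be written as the owner name. node.name and node.cluster
# are also written into the zone file verbatim. Validate "node" before this
# task runs.
- name: Update reverse DNS zone
  vars:
    # [.] matches a literal dot without needing backslashes inside Jinja.
    ptr_owner: "{{ node.ip | regex_replace('^192[.]168[.]50[.]', '') }}"
  lineinfile:
    path: /var/named/50.168.192.in-addr.arpa.zone
    insertafter: "^; BEGIN DYNAMIC 50 rZONE RECORDS$"
    # The trailing \s anchors the match to the whole owner name. Without it
    # the record for host 1 would also match, and overwrite, the records for
    # hosts 10-19 and 100-199.
    regexp: '^{{ ptr_owner | regex_escape }}\s'
    line: "{{ ptr_owner }} IN PTR {{ node.name }}.{{ node.cluster }}.example.com."
    state: present
  register: zoneupdate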
#- name: Extract the serial if rzone was updated
#- name: Bump up the serial if rzone was updated
# TODO: delegate zone on bastion
# TODO: make sure DHCP server recognizes us
...