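---
# PowerDNS authoritative server tasks (Alpine/apk, PostgreSQL backend).
#
# What this file does, in order:
#   1. installs pdns + pgsql backend and the docs package (needed for the
#      shipped schema.pgsql.sql used to initialise an empty database)
#   2. creates /etc/pdns and /etc/pdns/custom, templates custom.conf and
#      wires it in via include-dir in the default pdns.conf
#   3. checks on the delegated `postgres` inventory host whether the
#      `records` table exists; if not, ships schema.pgsql.sql through the
#      controller to the postgres host and runs it
#   4. creates one zone per entry of corp_branches plus the root zone,
#      ensures NS records via ns_items.yml, rectifies, and starts pdns
#
# Variables read here:
#   db_name        (required; `mandatory` filter aborts when unset)
#   corp_tld       (required) apex of all zones
#   ct_hostname    (required) host part of the nameserver FQDN
#   corp_branches  (optional, default []) sub-zone labels below corp_tld
#
# ns_items.yml is a sibling task file included per NS record and is
# expected to read the loop variable `item` (zone/name/type/value).

- name: install powerdns
  community.general.apk:
    name: pdns,pdns-openrc,pdns-backend-pgsql

# The docs package carries /usr/share/doc/pdns/schema.pgsql.sql (fetched below).
- name: install powerdns docs for db init scripts
  community.general.apk:
    name: pdns-doc

- name: set powerdns to start on boot
  ansible.builtin.service:
    name: pdns
    enabled: true

# Config dirs are owner/group pdns, not world-readable: custom.conf may
# carry backend credentials rendered from custom.j2.
- name: create config directory
  ansible.builtin.file:
    path: /etc/pdns
    state: directory
    owner: pdns
    group: pdns
    mode: "0750"  # quoted so it stays octal under YAML 1.2 parsers

- name: create include directory
  ansible.builtin.file:
    path: /etc/pdns/custom
    state: directory
    owner: pdns
    group: pdns
    mode: "0750"

- name: template pdns config
  ansible.builtin.template:
    src: custom.j2
    dest: /etc/pdns/custom/custom.conf
    force: true
    owner: pdns
    group: pdns
    mode: "0640"

# `create: true` makes this task also produce pdns.conf (with the given
# ownership/mode) when the package did not install one.
- name: add include-dir to default pdns config
  ansible.builtin.lineinfile:
    path: /etc/pdns/pdns.conf
    line: "include-dir=/etc/pdns/custom"
    create: true
    owner: pdns
    group: pdns
    mode: "0640"

# Strip options from the packaged default config that this deployment does
# not want (presumably because pdns rejects them — confirm against the
# packaged pdns.conf before adding more patterns).
- name: remove bad lines from default pdns config
  ansible.builtin.lineinfile:
    path: /etc/pdns/pdns.conf
    regexp: "{{ item }}"
    state: absent
  loop:
    - "^use-logfile="
    - "^wildcards="

# Both tasks run on the `postgres` host (block-level delegate_to); the
# resulting fact is stored for the pdns host, which is what the later
# `when: db_is_empty` conditions read.
- name: detect an uninitialised pdns database
  block:
    - name: check if records table is missing (meaning the db is probably empty)
      community.postgresql.postgresql_query:
        db: "{{ db_name | mandatory }}"
        query: "SELECT to_regclass('public.records');"
      register: db_result
      changed_when: false  # read-only query

    # to_regclass() returns NULL when the relation does not exist.
    - name: set db_is_empty fact
      ansible.builtin.set_fact:
        db_is_empty: "{{ (db_result.query_result is defined) and (db_result.query_result[0].to_regclass is none) }}"
  delegate_to: postgres

# fetch copies from the managed host to the controller; with flat: true and
# a trailing slash the file lands at /tmp/schema.pgsql.sql on the controller.
# NOTE(review): that is a fixed path in a shared directory — concurrent runs
# for several pdns hosts would overwrite each other's copy, and anything on
# the controller that can write /tmp can swap the script before it is
# executed on postgres. Prefer a per-run temp dir (e.g. tempfile delegated
# to localhost) — confirm before changing.
- name: fetch script from ns to ansible
  ansible.builtin.fetch:
    src: /usr/share/doc/pdns/schema.pgsql.sql
    dest: /tmp/
    flat: true
  register: fetched
  when: db_is_empty

# Whole block is delegated to the postgres host and gated on db_is_empty.
# Temp-file removal sits in `always` so the script is not left behind on
# the database host when the upload or the query fails.
- name: initialise the pdns database schema
  block:
    - name: create temporary file on postgres for holding the script
      ansible.builtin.tempfile:
        state: file
      register: tf

    # copy's src is read on the controller, i.e. the fetched file.
    - name: upload script
      ansible.builtin.copy:
        src: "{{ fetched.dest }}"
        dest: "{{ tf.path }}"
        force: true

    # NOTE(review): path_to_script / as_single_query are deprecated in
    # newer community.postgresql releases in favour of the
    # postgresql_script module — confirm against the pinned collection
    # version before upgrading.
    - name: execute script
      community.postgresql.postgresql_query:
        db: "{{ db_name | mandatory }}"
        path_to_script: "{{ tf.path }}"
        as_single_query: false  # schema file holds many statements
  always:
    - name: remove temp script
      ansible.builtin.file:
        path: "{{ tf.path }}"
        state: absent
      when: tf.path is defined  # tempfile may have been skipped or failed
  when: db_is_empty
  delegate_to: postgres

# The fetched copy lives on the controller, so the cleanup must run there;
# without delegate_to the file module would look for the path on the pdns
# host and silently do nothing.
- name: remove fetched script
  ansible.builtin.file:
    path: "{{ fetched.dest }}"
    state: absent
  when: db_is_empty
  delegate_to: localhost

# argv form passes each piece as one argument, so a value containing
# whitespace cannot change how the command line is split. pdnsutil reports
# "exists already" for a zone that is already present, which is treated as
# ok rather than as a failure.
- name: add default zones for all branches (+ root)
  ansible.builtin.command:
    argv:
      - pdnsutil
      - create-zone
      - "{% if item != 'root' %}{{ item }}.{% endif %}{{ corp_tld }}"
      - "{{ ct_hostname }}.{{ corp_tld }}"
  register: res
  changed_when: (res.rc == 0) and ("Creating empty zone" in res.stderr)
  failed_when: (res.rc != 0) and ("exists already" not in res.stderr)
  loop: "{{ corp_branches | default([]) + ['root'] }}"

# Apex NS record of every sub-zone pointing at this nameserver.
- name: prepare list of NS records for subzones
  ansible.builtin.set_fact:
    ns_subs: "{{ ns_subs | default([]) + [{ 'zone': item, 'name': '@', 'type': 'NS', 'value': ct_hostname ~ '.' ~ corp_tld }] }}"
  loop: "{{ corp_branches | default([]) }}"

- name: ensure NS records in subzones exist
  ansible.builtin.include_tasks: ns_items.yml
  loop: "{{ ns_subs | default([]) }}"

- name: ensure NS record in root zone exists
  ansible.builtin.include_tasks: ns_items.yml
  vars:
    item:
      zone: root
      name: "@"  # quoted: bare @ is a reserved YAML indicator
      type: NS
      value: "{{ ct_hostname }}.{{ corp_tld }}"

# Delegation records in the root zone, one per sub-zone label.
- name: prepare list of NS delegated records for root zone
  ansible.builtin.set_fact:
    ns_delegated: "{{ ns_delegated | default([]) + [{ 'zone': 'root', 'name': item, 'type': 'NS', 'value': ct_hostname ~ '.' ~ corp_tld }] }}"
  loop: "{{ corp_branches | default([]) }}"

- name: ensure NS delegated records exist in root zone
  ansible.builtin.include_tasks: ns_items.yml
  loop: "{{ ns_delegated | default([]) }}"

- name: rectify all zones
  ansible.builtin.command:
    argv:
      - pdnsutil
      - rectify-all-zones
  register: res2
  changed_when: false  # idempotent maintenance step; never reported as a change
  failed_when: res2.rc != 0

- name: start powerdns
  ansible.builtin.service:
    name: pdns
    state: started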