|
|
|
---
|
|
|
|
|
|
|
|
- name: Gain TSIG key to apply DNS record changes
|
|
|
|
tsig_interpreter:
|
|
|
|
path: "{{ global_dns_session_key_path }}"
|
|
|
|
register: tsig_key
|
|
|
|
delegate_to: "{{ dns_system_domain }}"
|
|
|
|
tags:
|
|
|
|
- dns_entries
|
|
|
|
|
|
|
|
- name: Disable debug mode entries
|
|
|
|
nsupdate:
|
|
|
|
state: absent
|
|
|
|
server: "127.0.0.1" # delegated to correct system
|
|
|
|
key_algorithm: "{{ tsig_key.key_algorithm }}"
|
|
|
|
key_name: "{{ tsig_key.key_name }}"
|
|
|
|
key_secret: "{{ tsig_key.key_secret }}"
|
|
|
|
zone: "{{ dns_zone_domain }}"
|
|
|
|
record: "{{ item.domain | default('@') | domain_relative_to(debug_domain) }}."
|
|
|
|
ttl: "{{ item.ttl | default(ttl_default) }}"
|
|
|
|
type: "{{ item.type }}"
|
|
|
|
value: "{{ item.data }}"
|
|
|
|
loop: "{{ entries | dns_entries_interpreter }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.domain | default('@') | domain_relative_to(debug_domain) }} {{ item.type }}"
|
|
|
|
delegate_to: "{{ dns_system_domain }}"
|
|
|
|
when:
|
|
|
|
- delete_debug_dns_entries
|
|
|
|
tags:
|
|
|
|
- dns_entries
|
|
|
|
|
|
|
|
- name: Apply changes in DNS records
|
|
|
|
nsupdate:
|
|
|
|
server: "127.0.0.1" # delegated to correct system
|
|
|
|
key_algorithm: "{{ tsig_key.key_algorithm }}"
|
|
|
|
key_name: "{{ tsig_key.key_name }}"
|
|
|
|
key_secret: "{{ tsig_key.key_secret }}"
|
|
|
|
zone: "{{ dns_zone_domain }}"
|
|
|
|
record: "{{ item.domain | default('@') | domain_relative_to(effective_domain) }}."
|
|
|
|
ttl: "{{ item.ttl | default(ttl_default) }}"
|
|
|
|
type: "{{ item.type }}"
|
|
|
|
value: "{{ item.data }}"
|
|
|
|
loop: "{{ entries | dns_entries_interpreter }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.domain | default('@') | domain_relative_to(effective_domain) }}. {{ item.type }}"
|
|
|
|
delegate_to: "{{ dns_system_domain }}"
|
|
|
|
register: dns_entries_task
|
|
|
|
tags:
|
|
|
|
- dns_entries
|
|
|
|
|
|
|
|
- name: Wait for entries to become announced
|
|
|
|
wait_for:
|
|
|
|
timeout: 8
|
|
|
|
when: dns_entries_task.changed
|