From d5077ea553d273fa4ecc85ac46527c78301fc83f Mon Sep 17 00:00:00 2001
From: Felix Stupp <felix.stupp@outlook.com>
Date: Sun, 8 Nov 2020 20:34:46 +0000
Subject: [PATCH] playbooks/dns: Configured hetzner secondaries for
 banananet.work, forumderschan.de

---
 playbooks/dns.yml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/playbooks/dns.yml b/playbooks/dns.yml
index f291e20..abf2675 100644
--- a/playbooks/dns.yml
+++ b/playbooks/dns.yml
@@ -1,11 +1,30 @@
 - name: Configure nvak as dns server
   hosts: nvak.banananet.work
   vars:
+    # Source: https://docs.hetzner.com/dns-console/dns/general/authoritative-name-servers
+    hetzner_authoritatives:
+      - ns1.first-ns.de.
+      - robotns2.second-ns.de.
+      - robotns3.second-ns.com.
+    hetzner_authoritatives_ip:
+      # ns1.first-ns.de.
+      - "213.239.242.238"
+      - "2a01:4f8:0:a101::a:1"
+      # robotns2.second-ns.de.
+      - "213.133.105.6"
+      - "2a01:4f8:d0a:2004::2"
+      # robotns3.second-ns.com.
+      - "193.47.99.3"
+      - "2001:67c:192c::add:a3"
   roles:
     - role: dns/master
       domain: banananet.work
       responsible_mail_name: admin.banananet.work
+      slaves_ip: "{{ hetzner_authoritatives_ip }}"
       entries:
+        # Hetzner NS entries
+        - type: NS
+          data: "{{ hetzner_authoritatives }}"
         # limit CA
         - type: CAA
           data: 0 issue "letsencrypt.org"
@@ -22,10 +41,14 @@
     - role: dns/master
       domain: forumderschan.de
       responsible_mail_name: admin.banananet.work
+      slaves_ip: "{{ hetzner_authoritatives_ip }}"
       entries:
         # Glue record
         - type: NS
           data: ns1.banananet.work.
+        # Hetzner NS entries
+        - type: NS
+          data: "{{ hetzner_authoritatives }}"
         # limit CA
         - type: CAA
           data: 0 issue "letsencrypt.org"