playbooks/dns: Configured hetzner secondaries for banananet.work, forumderschan.de

playbooks/dns.yml

@@ -1,11 +1,30 @@
 - name: Configure nvak as dns server
   hosts: nvak.banananet.work
   vars:
+    # Source: https://docs.hetzner.com/dns-console/dns/general/authoritative-name-servers
+    hetzner_authoritatives:
+      - ns1.first-ns.de.
+      - robotns2.second-ns.de.
+      - robotns3.second-ns.com.
+    hetzner_authoritatives_ip:
+      # ns1.first-ns.de.
+      - "213.239.242.238"
+      - "2a01:4f8:0:a101::a:1"
+      # robotns2.second-ns.de.
+      - "213.133.105.6"
+      - "2a01:4f8:d0a:2004::2"
+      # robotns3.second-ns.com.
+      - "193.47.99.3"
+      - "2001:67c:192c::add:a3"
   roles:
     - role: dns/master
       domain: banananet.work
       responsible_mail_name: admin.banananet.work
+      slaves_ip: "{{ hetzner_authoritatives_ip }}"
       entries:
+        # Hetzner NS entries
+        - type: NS
+          data: "{{ hetzner_authoritatives }}"
         # limit CA
         - type: CAA
           data: 0 issue "letsencrypt.org"
@@ -22,10 +41,14 @@
     - role: dns/master
       domain: forumderschan.de
       responsible_mail_name: admin.banananet.work
+      slaves_ip: "{{ hetzner_authoritatives_ip }}"
       entries:
         # Glue record
         - type: NS
           data: ns1.banananet.work.
+        # Hetzner NS entries
+        - type: NS
+          data: "{{ hetzner_authoritatives }}"
         # limit CA
         - type: CAA
           data: 0 issue "letsencrypt.org"