From eb632a8f2c7f3eb28094ccfa40035cc1d45d781f Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Mon, 18 May 2020 12:38:03 +0200 Subject: [PATCH] dns/master: Store mapping of domain to host in public_keys --- group_vars/all/vars.yml | 2 ++ playbooks/local.yml | 1 + roles/dns/master/defaults/main.yml | 2 ++ roles/dns/master/tasks/main.yml | 9 +++++++++ 4 files changed, 14 insertions(+) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 2626e38..8edb7ce 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -35,6 +35,8 @@ global_socket_directory: "/var/run" global_credentials_directory: "credentials" global_public_key_directory: "public_keys" +global_dns_list_directory: "{{ global_public_key_directory }}/dns" + global_ssh_key_directory: "{{ global_public_key_directory }}/ssh" global_ssh_host_key_directory: "{{ global_ssh_key_directory }}/hosts" diff --git a/playbooks/local.yml b/playbooks/local.yml index b6f5c37..fc77082 100644 --- a/playbooks/local.yml +++ b/playbooks/local.yml @@ -15,6 +15,7 @@ loop: - "{{ global_credentials_directory }}" - "{{ global_public_key_directory }}" + - "{{ global_dns_list_directory }}" - "{{ global_ssh_key_directory }}" - "{{ global_ssh_host_key_directory }}" - "{{ global_wireguard_private_directory }}" diff --git a/roles/dns/master/defaults/main.yml b/roles/dns/master/defaults/main.yml index 21f07c0..0fc3905 100644 --- a/roles/dns/master/defaults/main.yml +++ b/roles/dns/master/defaults/main.yml @@ -8,6 +8,8 @@ database_file: "{{ domain_directory }}/{{ zones_environment_database_name }}" keys_directory: "{{ domain_directory }}/keys" domain_environment_directory: "{{ zones_environment_directory }}/{{ domain }}" +dns_list_file: "{{ global_dns_list_directory }}/{{ domain }}" + dnssec_algorithm: "RSASHA512" dnssec_key_length: "4096" diff --git a/roles/dns/master/tasks/main.yml b/roles/dns/master/tasks/main.yml index 84025f6..8038b26 100644 --- a/roles/dns/master/tasks/main.yml 
+++ b/roles/dns/master/tasks/main.yml @@ -1,5 +1,14 @@ --- +- name: Store mapping for dns server in local list + copy: + content: "{{ inventory_hostname }}\n" + dest: "{{ dns_list_file }}" + owner: "{{ local_user }}" + group: "{{ local_user }}" + mode: "u=rw,g=r,o=" + delegate_to: localhost + - name: Create zone directory writeable file: path: "{{ domain_directory }}"
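Review bot: The added `copy` task overwrites `{{ dns_list_file }}` on the controller unconditionally, so if two hosts apply this role for the same `domain`, the stored domain-to-host mapping is whichever host ran last, with no error or warning. If later plays trust this file to decide which server is authoritative, either fail when an existing entry names a different host, or state the assumption in a comment above the task, e.g. `# exactly one master per domain; a second host would overwrite this entry`. The destination is built from `{{ domain }}` (defaults hunk of this commit) and is written on the control machine, so `dest: "{{ global_dns_list_directory }}/{{ domain | basename }}"` or a format assertion on `domain` would keep a value containing `/` or `..` from landing outside the list directory. The task is delegated to localhost while setting `owner` and `group`; if the surrounding play enables `become`, that presumably applies on the controller too, so an explicit `become: false` (or a note on why elevated rights are needed) would make the privilege level visible.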