Revert "yaml lint and quoting standardisation for bind role"

This reverts commit 6118dda7c9.
Patrick Marchand 2019-11-26 11:48:21 -05:00
parent 6118dda7c9
commit 839db42c81
4 changed files with 99 additions and 100 deletions


@ -2,8 +2,8 @@
bind_recursive_server: false
bind_authoritative_server: true
bind_chroot_set: true
bind_chroot_path: '/var/chroot-bind'
bind_systemd_service_path: '/etc/systemd/system/bind9.service'
bind_statistics_file: '/var/run/named.stats'
bind_log_file: '/var/log/bind.log'
bind_query_file: '/var/log/bind_queries.log'
bind_chroot_path: /var/chroot-bind
bind_systemd_service_path: /etc/systemd/system/bind9.service
bind_statistics_file: /var/run/named.stats
bind_log_file: /var/log/bind.log
bind_query_file: /var/log/bind_queries.log


@ -1,13 +1,14 @@
---
- name: 'reload systemd'
command: 'systemctl daemon-reload'
- name: reload systemd
command: systemctl daemon-reload
- name: 'restart bind'
- name: restart bind
service:
name: 'bind9'
state: 'restarted'
name: bind9
state: restarted
- name: 'restart munin-node'
- name: restart munin-node
service:
name: 'munin-node'
state: 'restarted'
name: munin-node
state: restarted
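Review bot: The `reload systemd` handler runs `command: systemctl daemon-reload`, which the `systemd` module covers natively; `systemd:` with `daemon_reload: true` states the intent and is what ansible-lint expects in place of a raw command. The `restart bind` and `restart munin-node` handlers already use the `service` module, so this change would make the three handlers consistent.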


@ -1,86 +1,84 @@
---
- name: 'packages are installed'
- name: package are installed
apt:
name: '{{ item }}'
state: 'present'
state: present
with_items:
- 'bind9'
- 'dnstop'
- bind9
- dnstop
- name: 'Set bind configuration for recursive server'
- name: Set bind configuration for recursive server
template:
src: 'named.conf.options_recursive.j2'
dest: '/etc/bind/named.conf.options'
owner: 'bind'
group: 'bind'
mode: '0644'
src: named.conf.options_recursive.j2
dest: /etc/bind/named.conf.options
owner: bind
group: bind
mode: "0644"
force: true
notify: 'restart bind'
notify: restart bind
when: bind_recursive_server
- name: 'enable zones.rfc1918 for recursive server'
- name: enable zones.rfc1918 for recursive server
lineinfile:
dest: '/etc/bind/named.conf.local'
dest: /etc/bind/named.conf.local
line: 'include "/etc/bind/zones.rfc1918";'
regexp: 'zones.rfc1918'
notify: 'restart bind'
regexp: "zones.rfc1918"
notify: restart bind
when: bind_recursive_server
- name: 'Set bind configuration for authoritative server'
- name: Set bind configuration for authoritative server
template:
src: 'named.conf.options_authoritative.j2'
dest: '/etc/bind/named.conf.options'
owner: 'bind'
group: 'bind'
mode: '0644'
src: named.conf.options_authoritative.j2
dest: /etc/bind/named.conf.options
owner: bind
group: bind
mode: "0644"
force: true
notify: 'restart bind'
notify: restart bind
when: bind_authoritative_server
- name: 'Create systemd service'
- name: Create systemd service
template:
src: 'bind9.service.j2'
src: bind9.service.j2
dest: "{{ bind_systemd_service_path }}"
owner: 'root'
group: 'root'
mode: '0644'
owner: root
group: root
mode: "0644"
force: true
notify:
- 'reload systemd'
- 'restart bind'
- reload systemd
- restart bind
when: ansible_distribution_release == "jessie"
- name: 'touch /var/log/bind.log if non chroot'
- name: touch /var/log/bind.log if non chroot
file:
path: '/var/log/bind.log'
owner: 'bind'
group: 'adm'
mode: '0640'
state: 'touch'
path: /var/log/bind.log
owner: bind
group: adm
mode: "0640"
state: touch
when: not bind_chroot_set
- name: 'touch /var/log/bind_queries.log if non chroot'
- name: touch /var/log/bind_queries.log if non chroot
file:
path: '/var/log/bind_queries.log'
owner: 'bind'
group: 'adm'
mode: '0640'
state: 'touch'
path: /var/log/bind_queries.log
owner: bind
group: adm
mode: "0640"
state: touch
when: not bind_chroot_set
- name: 'send chroot-bind.sh in /root'
- name: send chroot-bind.sh in /root
copy:
src: 'chroot-bind.sh'
dest: '/root/chroot-bind.sh'
mode: '0700'
owner: 'root'
src: chroot-bind.sh
dest: /root/chroot-bind.sh
mode: "0700"
owner: root
force: true
backup: true
when: bind_chroot_set
- name: 'exec chroot-bind.sh'
command: '/root/chroot-bind.sh'
- name: exec chroot-bind.sh
command: "/root/chroot-bind.sh"
register: chrootbind_run
changed_when: false
when: bind_chroot_set
@ -89,34 +87,34 @@
var: chrootbind_run.stdout_lines
when: bind_chroot_set and chrootbind_run.stdout != ""
- name: 'Modify OPTIONS in /etc/default/bind9 for chroot'
- name: Modify OPTIONS in /etc/default/bind9 for chroot
replace:
dest: '/etc/default/bind9'
dest: /etc/default/bind9
regexp: '^OPTIONS=.*'
replace: 'OPTIONS="-u bind -t {{ bind_chroot_path }}"'
notify: 'restart bind'
notify: restart bind
when: bind_chroot_set
- name: 'logrotate for non chroot bind'
- name: logrotate for non chroot bind
template:
src: 'logrotate_bind'
dest: '/etc/logrotate.d/bind9'
owner: 'root'
group: 'root'
mode: '0644'
src: logrotate_bind
dest: /etc/logrotate.d/bind9
owner: root
group: root
mode: "0644"
force: true
notify: 'restart bind'
notify: restart bind
when: not bind_chroot_set
- name: 'logrotate for chroot bind'
- name: logrotate for chroot bind
template:
src: 'logrotate_bind_chroot.j2'
dest: '/etc/logrotate.d/bind9'
owner: 'root'
group: 'root'
mode: '0644'
src: logrotate_bind_chroot.j2
dest: /etc/logrotate.d/bind9
owner: root
group: root
mode: "0644"
force: true
notify: 'restart bind'
notify: restart bind
when: bind_chroot_set
- include: 'munin.yml'
- include: munin.yml
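Review bot: The two `touch … if non chroot` tasks hard-code `/var/log/bind.log` and `/var/log/bind_queries.log`, although the variables file in the first section of this commit defines `bind_log_file` and `bind_query_file` with those values. If either variable is overridden, the `bind:adm` ownership and `0640` mode are set on a file that BIND is presumably no longer writing to, and the real query log keeps whatever permissions it was created with. I would use `path: "{{ bind_log_file }}"` and `path: "{{ bind_query_file }}"` here. Since `state: touch` reports a change on every run, `modification_time: preserve` and `access_time: preserve` would keep these tasks idempotent on Ansible 2.7 or later. The revert also restores the task-name typo `package are installed`.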


@ -1,23 +1,23 @@
---
- name: 'is Munin present ?'
- name: is Munin present ?
stat:
path: '/etc/munin/plugin-conf.d/munin-node'
path: /etc/munin/plugin-conf.d/munin-node
check_mode: false
register: munin_node_plugins_config
tags:
- bind
- munin
- name: 'Enable munin plugins for authoritative server'
- name: Enable munin plugins for authoritative server
file:
src: "/usr/share/munin/plugins/{{ item }}"
dest: "/etc/munin/plugins/{{ item }}"
state: 'link'
state: link
with_items:
- 'bind9'
- 'bind9_rndc'
notify: 'restart munin-node'
- bind9
- bind9_rndc
notify: restart munin-node
when:
- bind_authoritative_server
- munin_node_plugins_config.stat.exists
@ -25,15 +25,15 @@
- bind
- munin
- name: 'Enable munin plugins for recursive server'
- name: Enable munin plugins for recursive server
file:
src: "/usr/share/munin/plugins/{{ item }}"
dest: "/etc/munin/plugins/{{ item }}"
state: 'link'
state: link
with_items:
- 'bind9'
- 'bind9_rndc'
notify: 'restart munin-node'
- bind9
- bind9_rndc
notify: restart munin-node
when:
- bind_recursive_server
- munin_node_plugins_config.stat.exists
@ -41,15 +41,15 @@
- bind
- munin
- name: 'Add munin plugin configuration'
- name: Add munin plugin configuration
template:
src: 'munin-env_bind9.j2'
dest: '/etc/munin/plugin-conf.d/bind9'
owner: 'root'
group: 'root'
mode: '0644'
src: munin-env_bind9.j2
dest: /etc/munin/plugin-conf.d/bind9
owner: root
group: root
mode: "0644"
force: true
notify: 'restart munin-node'
notify: restart munin-node
when: munin_node_plugins_config.stat.exists
tags:
- bind
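Review bot: The two `Enable munin plugins for … server` tasks link the same `bind9` and `bind9_rndc` plugins and differ only in their first `when` condition, so when both `bind_authoritative_server` and `bind_recursive_server` are true the same links are processed twice. A single task whose first condition is `- bind_authoritative_server or bind_recursive_server` would cover both cases and leave one place to maintain the plugin list. The hunks here begin and end mid-task, so the `tags` lists are only partly visible and would need to be carried over unchanged.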