Revert "yaml lint and quoting standardisation for bind role"
This reverts commit 6118dda7c9
.
This commit is contained in:
parent
6118dda7c9
commit
839db42c81
|
@ -2,8 +2,8 @@
|
|||
bind_recursive_server: false
|
||||
bind_authoritative_server: true
|
||||
bind_chroot_set: true
|
||||
bind_chroot_path: '/var/chroot-bind'
|
||||
bind_systemd_service_path: '/etc/systemd/system/bind9.service'
|
||||
bind_statistics_file: '/var/run/named.stats'
|
||||
bind_log_file: '/var/log/bind.log'
|
||||
bind_query_file: '/var/log/bind_queries.log'
|
||||
bind_chroot_path: /var/chroot-bind
|
||||
bind_systemd_service_path: /etc/systemd/system/bind9.service
|
||||
bind_statistics_file: /var/run/named.stats
|
||||
bind_log_file: /var/log/bind.log
|
||||
bind_query_file: /var/log/bind_queries.log
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
---
|
||||
- name: 'reload systemd'
|
||||
command: 'systemctl daemon-reload'
|
||||
- name: reload systemd
|
||||
command: systemctl daemon-reload
|
||||
|
||||
- name: 'restart bind'
|
||||
- name: restart bind
|
||||
service:
|
||||
name: 'bind9'
|
||||
state: 'restarted'
|
||||
name: bind9
|
||||
state: restarted
|
||||
|
||||
- name: 'restart munin-node'
|
||||
- name: restart munin-node
|
||||
service:
|
||||
name: 'munin-node'
|
||||
state: 'restarted'
|
||||
name: munin-node
|
||||
state: restarted
|
||||
|
||||
|
|
|
@ -1,86 +1,84 @@
|
|||
---
|
||||
|
||||
- name: 'packages are installed'
|
||||
- name: package are installed
|
||||
apt:
|
||||
name: '{{ item }}'
|
||||
state: 'present'
|
||||
state: present
|
||||
with_items:
|
||||
- 'bind9'
|
||||
- 'dnstop'
|
||||
- bind9
|
||||
- dnstop
|
||||
|
||||
- name: 'Set bind configuration for recursive server'
|
||||
- name: Set bind configuration for recursive server
|
||||
template:
|
||||
src: 'named.conf.options_recursive.j2'
|
||||
dest: '/etc/bind/named.conf.options'
|
||||
owner: 'bind'
|
||||
group: 'bind'
|
||||
mode: '0644'
|
||||
src: named.conf.options_recursive.j2
|
||||
dest: /etc/bind/named.conf.options
|
||||
owner: bind
|
||||
group: bind
|
||||
mode: "0644"
|
||||
force: true
|
||||
notify: 'restart bind'
|
||||
notify: restart bind
|
||||
when: bind_recursive_server
|
||||
|
||||
- name: 'enable zones.rfc1918 for recursive server'
|
||||
- name: enable zones.rfc1918 for recursive server
|
||||
lineinfile:
|
||||
dest: '/etc/bind/named.conf.local'
|
||||
dest: /etc/bind/named.conf.local
|
||||
line: 'include "/etc/bind/zones.rfc1918";'
|
||||
regexp: 'zones.rfc1918'
|
||||
notify: 'restart bind'
|
||||
regexp: "zones.rfc1918"
|
||||
notify: restart bind
|
||||
when: bind_recursive_server
|
||||
|
||||
- name: 'Set bind configuration for authoritative server'
|
||||
- name: Set bind configuration for authoritative server
|
||||
template:
|
||||
src: 'named.conf.options_authoritative.j2'
|
||||
dest: '/etc/bind/named.conf.options'
|
||||
owner: 'bind'
|
||||
group: 'bind'
|
||||
mode: '0644'
|
||||
src: named.conf.options_authoritative.j2
|
||||
dest: /etc/bind/named.conf.options
|
||||
owner: bind
|
||||
group: bind
|
||||
mode: "0644"
|
||||
force: true
|
||||
notify: 'restart bind'
|
||||
notify: restart bind
|
||||
when: bind_authoritative_server
|
||||
|
||||
- name: 'Create systemd service'
|
||||
- name: Create systemd service
|
||||
template:
|
||||
src: 'bind9.service.j2'
|
||||
src: bind9.service.j2
|
||||
dest: "{{ bind_systemd_service_path }}"
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
notify:
|
||||
- 'reload systemd'
|
||||
- 'restart bind'
|
||||
- reload systemd
|
||||
- restart bind
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- name: 'touch /var/log/bind.log if non chroot'
|
||||
- name: touch /var/log/bind.log if non chroot
|
||||
file:
|
||||
path: '/var/log/bind.log'
|
||||
owner: 'bind'
|
||||
group: 'adm'
|
||||
mode: '0640'
|
||||
state: 'touch'
|
||||
path: /var/log/bind.log
|
||||
owner: bind
|
||||
group: adm
|
||||
mode: "0640"
|
||||
state: touch
|
||||
when: not bind_chroot_set
|
||||
|
||||
- name: 'touch /var/log/bind_queries.log if non chroot'
|
||||
- name: touch /var/log/bind_queries.log if non chroot
|
||||
file:
|
||||
path: '/var/log/bind_queries.log'
|
||||
owner: 'bind'
|
||||
group: 'adm'
|
||||
mode: '0640'
|
||||
state: 'touch'
|
||||
path: /var/log/bind_queries.log
|
||||
owner: bind
|
||||
group: adm
|
||||
mode: "0640"
|
||||
state: touch
|
||||
when: not bind_chroot_set
|
||||
|
||||
- name: 'send chroot-bind.sh in /root'
|
||||
- name: send chroot-bind.sh in /root
|
||||
copy:
|
||||
src: 'chroot-bind.sh'
|
||||
dest: '/root/chroot-bind.sh'
|
||||
mode: '0700'
|
||||
owner: 'root'
|
||||
src: chroot-bind.sh
|
||||
dest: /root/chroot-bind.sh
|
||||
mode: "0700"
|
||||
owner: root
|
||||
force: true
|
||||
backup: true
|
||||
when: bind_chroot_set
|
||||
|
||||
- name: 'exec chroot-bind.sh'
|
||||
command: '/root/chroot-bind.sh'
|
||||
- name: exec chroot-bind.sh
|
||||
command: "/root/chroot-bind.sh"
|
||||
register: chrootbind_run
|
||||
changed_when: false
|
||||
when: bind_chroot_set
|
||||
|
@ -89,34 +87,34 @@
|
|||
var: chrootbind_run.stdout_lines
|
||||
when: bind_chroot_set and chrootbind_run.stdout != ""
|
||||
|
||||
- name: 'Modify OPTIONS in /etc/default/bind9 for chroot'
|
||||
- name: Modify OPTIONS in /etc/default/bind9 for chroot
|
||||
replace:
|
||||
dest: '/etc/default/bind9'
|
||||
dest: /etc/default/bind9
|
||||
regexp: '^OPTIONS=.*'
|
||||
replace: 'OPTIONS="-u bind -t {{ bind_chroot_path }}"'
|
||||
notify: 'restart bind'
|
||||
notify: restart bind
|
||||
when: bind_chroot_set
|
||||
|
||||
- name: 'logrotate for non chroot bind'
|
||||
- name: logrotate for non chroot bind
|
||||
template:
|
||||
src: 'logrotate_bind'
|
||||
dest: '/etc/logrotate.d/bind9'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
src: logrotate_bind
|
||||
dest: /etc/logrotate.d/bind9
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
notify: 'restart bind'
|
||||
notify: restart bind
|
||||
when: not bind_chroot_set
|
||||
|
||||
- name: 'logrotate for chroot bind'
|
||||
- name: logrotate for chroot bind
|
||||
template:
|
||||
src: 'logrotate_bind_chroot.j2'
|
||||
dest: '/etc/logrotate.d/bind9'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
src: logrotate_bind_chroot.j2
|
||||
dest: /etc/logrotate.d/bind9
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
notify: 'restart bind'
|
||||
notify: restart bind
|
||||
when: bind_chroot_set
|
||||
|
||||
- include: 'munin.yml'
|
||||
- include: munin.yml
|
||||
|
|
|
@ -1,23 +1,23 @@
|
|||
---
|
||||
|
||||
- name: 'is Munin present ?'
|
||||
- name: is Munin present ?
|
||||
stat:
|
||||
path: '/etc/munin/plugin-conf.d/munin-node'
|
||||
path: /etc/munin/plugin-conf.d/munin-node
|
||||
check_mode: false
|
||||
register: munin_node_plugins_config
|
||||
tags:
|
||||
- bind
|
||||
- munin
|
||||
|
||||
- name: 'Enable munin plugins for authoritative server'
|
||||
- name: Enable munin plugins for authoritative server
|
||||
file:
|
||||
src: "/usr/share/munin/plugins/{{ item }}"
|
||||
dest: "/etc/munin/plugins/{{ item }}"
|
||||
state: 'link'
|
||||
state: link
|
||||
with_items:
|
||||
- 'bind9'
|
||||
- 'bind9_rndc'
|
||||
notify: 'restart munin-node'
|
||||
- bind9
|
||||
- bind9_rndc
|
||||
notify: restart munin-node
|
||||
when:
|
||||
- bind_authoritative_server
|
||||
- munin_node_plugins_config.stat.exists
|
||||
|
@ -25,15 +25,15 @@
|
|||
- bind
|
||||
- munin
|
||||
|
||||
- name: 'Enable munin plugins for recursive server'
|
||||
- name: Enable munin plugins for recursive server
|
||||
file:
|
||||
src: "/usr/share/munin/plugins/{{ item }}"
|
||||
dest: "/etc/munin/plugins/{{ item }}"
|
||||
state: 'link'
|
||||
state: link
|
||||
with_items:
|
||||
- 'bind9'
|
||||
- 'bind9_rndc'
|
||||
notify: 'restart munin-node'
|
||||
- bind9
|
||||
- bind9_rndc
|
||||
notify: restart munin-node
|
||||
when:
|
||||
- bind_recursive_server
|
||||
- munin_node_plugins_config.stat.exists
|
||||
|
@ -41,15 +41,15 @@
|
|||
- bind
|
||||
- munin
|
||||
|
||||
- name: 'Add munin plugin configuration'
|
||||
- name: Add munin plugin configuration
|
||||
template:
|
||||
src: 'munin-env_bind9.j2'
|
||||
dest: '/etc/munin/plugin-conf.d/bind9'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
src: munin-env_bind9.j2
|
||||
dest: /etc/munin/plugin-conf.d/bind9
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
notify: 'restart munin-node'
|
||||
notify: restart munin-node
|
||||
when: munin_node_plugins_config.stat.exists
|
||||
tags:
|
||||
- bind
|
||||
|
|
Loading…
Reference in a new issue