feat: Define variables for directories
This commit is contained in:
parent
ae9e8695bf
commit
410825770b
@ -1,6 +1,13 @@
|
|||||||
---
|
---
|
||||||
# defaults file for dnsmasq
|
# defaults file for dnsmasq
|
||||||
|
|
||||||
|
# Directory to deploy configuration
|
||||||
|
dnsmasq_conf_directory: /etc/dnsmasq.d
|
||||||
|
|
||||||
|
# Directory to deploy records files
|
||||||
|
dnsmasq_records_directory: "{{ dnsmasq_conf_directory }}/records"
|
||||||
|
|
||||||
|
# Configuration
|
||||||
dnsmasq_domain: ""
|
dnsmasq_domain: ""
|
||||||
dnsmasq_servers: []
|
dnsmasq_servers: []
|
||||||
dnsmasq_rev_servers: []
|
dnsmasq_rev_servers: []
|
||||||
@ -15,11 +22,11 @@ dnsmasq_host_aliases: []
|
|||||||
dnsmasq_client_filename: "{{ inventory_hostname }}"
|
dnsmasq_client_filename: "{{ inventory_hostname }}"
|
||||||
dnsmasq_client_hostname: "{{ inventory_hostname }} {{ inventory_hostname_short }}"
|
dnsmasq_client_hostname: "{{ inventory_hostname }} {{ inventory_hostname_short }}"
|
||||||
|
|
||||||
# Groupe ansible pour l'enregistrement automatique
|
# Ansible group automatically used in records file
|
||||||
dnsmasq_ansible_group: ""
|
dnsmasq_ansible_group: ""
|
||||||
|
|
||||||
# CIDR du sous-réseau IPv6
|
# IPv6 subnet
|
||||||
dnsmasq_ipv6_subnet: ""
|
dnsmasq_ipv6_subnet: ""
|
||||||
|
|
||||||
# Enregistrement spécifiques
|
# Specific records
|
||||||
dnsmasq_specifics: []
|
dnsmasq_specifics: []
|
||||||
|
|||||||
@ -9,18 +9,18 @@
|
|||||||
become: true
|
become: true
|
||||||
|
|
||||||
- name: Reload dnsmasq.service
|
- name: Reload dnsmasq.service
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd_service:
|
||||||
name: dnsmasq.service
|
name: dnsmasq.service
|
||||||
state: reloaded
|
state: reloaded
|
||||||
become: true
|
become: true
|
||||||
register: dnsmasq_reload
|
register: dnsmasq_reload
|
||||||
|
|
||||||
- name: Reload dnsmasq.service on dns servers
|
- name: Reload dnsmasq.service on dns servers
|
||||||
become: true
|
ansible.builtin.systemd_service:
|
||||||
ansible.builtin.systemd:
|
|
||||||
state: reloaded
|
state: reloaded
|
||||||
name: dnsmasq.service
|
name: dnsmasq.service
|
||||||
when: dnsmasq_reload is undefined
|
when: dnsmasq_reload is undefined
|
||||||
|
become: true
|
||||||
loop: "{{ dnsmasq_hosts }}"
|
loop: "{{ dnsmasq_hosts }}"
|
||||||
delegate_to: "{{ item }}"
|
delegate_to: "{{ item }}"
|
||||||
run_once: true
|
run_once: true
|
||||||
|
|||||||
@ -1,9 +1,9 @@
|
|||||||
---
|
---
|
||||||
# tasks file for security
|
# tasks file for dnsmasq
|
||||||
|
|
||||||
- name: Create records directory
|
- name: Create records directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /srv/dnsmasq
|
path: "{{ dnsmasq_records_directory }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: dnsmasq
|
owner: dnsmasq
|
||||||
group: root
|
group: root
|
||||||
@ -12,14 +12,14 @@
|
|||||||
|
|
||||||
- name: Remove old configuration
|
- name: Remove old configuration
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /etc/dnsmasq.d/cache.conf
|
path: "{{ dnsmasq_conf_directory }}/cache.conf"
|
||||||
state: absent
|
state: absent
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
- name: Deploy configuration
|
- name: Deploy configuration
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: dnsmasq.conf.j2
|
src: dnsmasq.conf.j2
|
||||||
dest: /etc/dnsmasq.d/dns.conf
|
dest: "{{ dnsmasq_conf_directory }}/etc/dnsmasq.d/dns.conf"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
@ -29,7 +29,7 @@
|
|||||||
- name: Deploy specific records
|
- name: Deploy specific records
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ role_path }}/templates/records_specific.conf.j2"
|
src: "{{ role_path }}/templates/records_specific.conf.j2"
|
||||||
dest: /srv/dnsmasq/specific.conf
|
dest: "{{ dnsmasq_records_directory }}/specific.conf"
|
||||||
owner: dnsmasq
|
owner: dnsmasq
|
||||||
group: root
|
group: root
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
|
|||||||
@ -1,16 +0,0 @@
|
|||||||
---
|
|
||||||
# tasks file for dnsmasq
|
|
||||||
|
|
||||||
- name: Installer dnsmasq
|
|
||||||
become: true
|
|
||||||
ansible.builtin.package:
|
|
||||||
name: dnsmasq
|
|
||||||
|
|
||||||
- name: Créer le dossier dédié à dnsmasq
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: /srv/dnsmasq
|
|
||||||
state: directory
|
|
||||||
owner: dnsmasq
|
|
||||||
group: root
|
|
||||||
mode: u=rwX,g=rX,o=rX
|
|
||||||
become: true
|
|
||||||
@ -1,7 +1,13 @@
|
|||||||
---
|
---
|
||||||
# tasks file for dnsmasq
|
# tasks file for dnsmasq
|
||||||
|
|
||||||
- name: Install stubby
|
- name: Install dnsmasq
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: dnsmasq
|
||||||
|
when: ansible_facts['pkg_mgr'] == "apt"
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Install dnsmasq
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
argv:
|
argv:
|
||||||
- /usr/bin/rpm-ostree
|
- /usr/bin/rpm-ostree
|
||||||
@ -11,8 +17,16 @@
|
|||||||
- --idempotent
|
- --idempotent
|
||||||
- dnsmasq
|
- dnsmasq
|
||||||
creates: /sysroot/ostree/repo/refs/heads/rpmostree/pkg/dnsmasq
|
creates: /sysroot/ostree/repo/refs/heads/rpmostree/pkg/dnsmasq
|
||||||
|
when: ansible_facts['pkg_mgr'] == "atomic_container"
|
||||||
become: true
|
become: true
|
||||||
notify: Apply installation
|
notify: Apply installation
|
||||||
|
|
||||||
- name: Flush handlers
|
- name: Flush handlers
|
||||||
meta: flush_handlers
|
meta: flush_handlers
|
||||||
|
|
||||||
|
- name: Enable dnsmasq.service
|
||||||
|
ansible.builtin.systemd_service:
|
||||||
|
name: dnsmasq.service
|
||||||
|
masked: false
|
||||||
|
enabled: true
|
||||||
|
become: true
|
||||||
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
- name: Include installation tasks
|
- name: Include installation tasks
|
||||||
ansible.builtin.include_tasks:
|
ansible.builtin.include_tasks:
|
||||||
file: installation-{{ ansible_facts['pkg_mgr'] }}.yml
|
file: installation.yml
|
||||||
|
|
||||||
- name: Import configuration tasks
|
- name: Import configuration tasks
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.import_tasks:
|
||||||
|
|||||||
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
# tasks file for security
|
# tasks file for security
|
||||||
|
|
||||||
- name: Deploy records from ansible inventory
|
- name: Deploy records from ansible group
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ role_path }}/templates/records_auto.conf.j2"
|
src: "{{ role_path }}/templates/records_auto.conf.j2"
|
||||||
dest: /srv/dnsmasq/auto-{{ dnsmasq_ansible_group }}.conf
|
dest: "{{ dnsmasq_records_directory }}/auto-{{ dnsmasq_ansible_group }}.conf"
|
||||||
owner: dnsmasq
|
owner: dnsmasq
|
||||||
group: root
|
group: root
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
|
|||||||
@ -1,8 +1,5 @@
|
|||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
# Répondre aux demandes locales uniquement
|
|
||||||
local-service
|
|
||||||
|
|
||||||
# Ne pas transmettre les requêtes avec un nom court (pas FQDN)
|
# Ne pas transmettre les requêtes avec un nom court (pas FQDN)
|
||||||
domain-needed
|
domain-needed
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user