feat: Create role

This commit is contained in:
2022-10-03 17:20:34 +02:00
committed by pulsar89.5
parent f8ba73f84d
commit 8823428e33
12 changed files with 275 additions and 6 deletions

50
templates/dnsmasq.conf.j2 Normal file
View File

@@ -0,0 +1,50 @@
# {{ ansible_managed }}
# Listen only on the specified interface(s)
interface={{ dnsmasq_interface }}
# Tells dnsmasq to never forward A or AAAA queries for plain names
domain-needed
# Specifies DNS domains
domain={{ dnsmasq_domain }}
local=/{{ dnsmasq_domain }}/
# Add the domain to simple names
expand-hosts
# Disable negative caching
no-negcache
# Don't read /etc/resolv.conf
no-resolv
# Don't read the hostnames in /etc/hosts
no-hosts
# Specify upstream servers directly
{% for server in dnsmasq_servers %}
server={{ server }}
{% endfor %}
# Specify upstream servers directly (PTR)
{% for server in dnsmasq_rev_servers %}
rev-server={{ server }}
{% endfor %}
# Do not detect and block dns-rebind on queries to these domains
{% for domain in dnsmasq_rebind_domains %}
rebind-domain-ok=/{{ domain }}/
{% endfor %}
# Reject (and log) addresses from upstream nameservers which are in the private ranges
stop-dns-rebind
# Exempt 127.0.0.0/8 and ::1 from rebinding checks
rebind-localhost-ok
# Set the size of dnsmasq's cache
cache-size=4096
# Additional hosts file. Read the specified file as well as /etc/hosts
addn-hosts={{ dnsmasq_records_directory }}

View File

@@ -0,0 +1,12 @@
# {{ ansible_managed }}
{%- for host in groups[dnsmasq_ansible_group] | sort %}
{%- set ipv4 = hostvars[host]['ansible_host'] %}
{%- set ipv6_prefix = dnsmasq_ipv6_subnet | split('/') | first %}
{%- set ipv6_suffix = hostvars[host]['ansible_host'] | split('.') | last %}
{%- set aliases = [host] + hostvars[host].get('dnsmasq_host_aliases', []) %}
## {{ host }}
{{ ipv4 }} {{ aliases | join(' ') }}
{{ ipv6_prefix }}{{ ipv6_suffix }} {{ aliases | join(' ') }}
{% endfor %}

View File

@@ -0,0 +1,9 @@
# {{ ansible_managed }}
{%- for specific in dnsmasq_specifics %}
## {{ specific.hostname }}
{% for ip in specific.ips %}
{{ ip }} {{ specific.hostname }}
{% endfor %}
{% endfor %}

View File

@@ -0,0 +1,4 @@
# {{ ansible_managed }}
[Resolve]
DNSStubListener=no