feat: Create role

2022-10-03 17:20:34 +02:00
parent f8ba73f84d
commit 9134f68038
12 changed files with 276 additions and 6 deletions
--- a/templates/dnsmasq.conf.j2
+++ b/templates/dnsmasq.conf.j2
@@ -0,0 +1,50 @@
+# {{ ansible_managed }}
+
+# Listen only on the specified interface(s)
+interface={{ dnsmasq_interface }}
+
+# Tells dnsmasq to never forward A or AAAA queries for plain names
+domain-needed
+
+# Specifies DNS domains
+domain={{ dnsmasq_domain }}
+local=/{{ dnsmasq_domain }}/
+
+# Add the domain to simple names
+expand-hosts
+
+# Disable negative caching
+no-negcache
+
+# Don't read /etc/resolv.conf
+no-resolv
+
+# Don't read the hostnames in /etc/hosts
+no-hosts
+
+# Specify upstream servers directly
+{% for server in dnsmasq_servers %}
+server={{ server }}
+{% endfor %}
+
+# Specify upstream servers directly (PTR)
+{% for server in dnsmasq_rev_servers %}
+rev-server={{ server }}
+{% endfor %}
+
+# Do not detect and block dns-rebind on queries to these domains
+{% for domain in dnsmasq_rebind_domains %}
+rebind-domain-ok=/{{ domain }}/
+{% endfor %}
+
+# Reject (and log) addresses from upstream nameservers which are in the private ranges
+stop-dns-rebind
+
+# Exempt 127.0.0.0/8 and ::1 from rebinding checks
+rebind-localhost-ok
+
+# Set the size of dnsmasq's cache
+cache-size=4096
+
+# Additional hosts file. Read the specified file as well as /etc/hosts
+addn-hosts={{ dnsmasq_records_directory }}
--- a/templates/records_auto.conf.j2
+++ b/templates/records_auto.conf.j2
@@ -0,0 +1,12 @@
+# {{ ansible_managed }}
+
+{%- for host in groups[dnsmasq_ansible_group] | sort %}
+{%- set ipv4 = hostvars[host]['ansible_host'] %}
+{%- set ipv6_prefix = dnsmasq_ipv6_subnet | split('/') | first %}
+{%- set ipv6_suffix = hostvars[host]['ansible_host'] | split('.') | last %}
+{%- set aliases = [host] + hostvars[host].get('dnsmasq_host_aliases', []) %}
+
+## {{ host }}
+{{ ipv4 }} {{ aliases | join(' ') }}
+{{ ipv6_prefix }}{{ ipv6_suffix }} {{ aliases | join(' ') }}
+{% endfor %}
--- a/templates/records_specific.conf.j2
+++ b/templates/records_specific.conf.j2
@@ -0,0 +1,10 @@
+# {{ ansible_managed }}
+
+{%- for specific in dnsmasq_specifics %}
+{%- set aliases = specific.aliases | default([]) %}
+
+## {{ specific.hostname }}
+{% for ip in specific.ips %}
+{{ ip }} {{ ([specific.hostname] + aliases) | join(' ') }}
+{% endfor %}
+{% endfor %}
--- a/templates/stub-listener.conf.j2
+++ b/templates/stub-listener.conf.j2
@@ -0,0 +1,4 @@
+# {{ ansible_managed }}
+
+[Resolve]
+DNSStubListener=no