You've already forked role_stubby
feat: Create role
This commit is contained in:
22
defaults/main.yml
Normal file
22
defaults/main.yml
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
---
|
||||||
|
# defaults file for dnsmasq
|
||||||
|
|
||||||
|
stubby_listen_addresses: []
|
||||||
|
# Example:
|
||||||
|
# - 127.0.0.1@53000
|
||||||
|
# - 0::1@53000
|
||||||
|
|
||||||
|
stubby_upstream_recursive_servers: []
|
||||||
|
# Example:
|
||||||
|
# - address_data: 2a0f:fc80::9
|
||||||
|
# tls_port: 853
|
||||||
|
# tls_auth_name: "dns0.eu"
|
||||||
|
# - address_data: 2a0f:fc81::9
|
||||||
|
# tls_port: 853
|
||||||
|
# tls_auth_name: "dns0.eu"
|
||||||
|
# - address_data: 193.110.81.9
|
||||||
|
# tls_port: 853
|
||||||
|
# tls_auth_name: "dns0.eu"
|
||||||
|
# - address_data: 185.253.5.9
|
||||||
|
# tls_port: 853
|
||||||
|
# tls_auth_name: "dns0.eu"
|
15
handlers/main.yml
Normal file
15
handlers/main.yml
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
---
|
||||||
|
# handlers file for stubby
|
||||||
|
|
||||||
|
- name: Apply installation
|
||||||
|
ansible.builtin.command:
|
||||||
|
argv:
|
||||||
|
- /usr/bin/rpm-ostree
|
||||||
|
- apply-live
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Restart stubby.service
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
state: restarted
|
||||||
|
name: stubby.service
|
||||||
|
become: true
|
@@ -1,7 +1,7 @@
|
|||||||
galaxy_info:
|
galaxy_info:
|
||||||
namespace: ykn
|
namespace: ykn
|
||||||
author: pulsar89.5
|
author: pulsar89.5
|
||||||
description: Rôle modèle
|
description: Rôle de déploiement de stubby
|
||||||
|
|
||||||
license: GPL-3.0-or-later
|
license: GPL-3.0-or-later
|
||||||
|
|
||||||
|
9
tasks/configuration.yml
Normal file
9
tasks/configuration.yml
Normal file
@@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
# tasks file for stubby
|
||||||
|
|
||||||
|
- name: Deploy configuration
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: stubby.yml.j2
|
||||||
|
dest: /etc/stubby/stubby.yml
|
||||||
|
become: true
|
||||||
|
notify: Restart stubby.service
|
7
tasks/installation.yml
Normal file
7
tasks/installation.yml
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
# tasks file for stubby
|
||||||
|
|
||||||
|
- name: Install stubby
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name: stubby
|
||||||
|
become: true
|
10
tasks/main.yml
Normal file
10
tasks/main.yml
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
# tasks file for stubby
|
||||||
|
|
||||||
|
- name: Include installation tasks
|
||||||
|
ansible.builtin.import_tasks:
|
||||||
|
file: installation.yml
|
||||||
|
|
||||||
|
- name: Import configuration tasks
|
||||||
|
ansible.builtin.import_tasks:
|
||||||
|
file: configuration.yml
|
31
templates/stubby.yml.j2
Normal file
31
templates/stubby.yml.j2
Normal file
@@ -0,0 +1,31 @@
|
|||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
resolution_type: GETDNS_RESOLUTION_STUB
|
||||||
|
dns_transport_list:
|
||||||
|
- GETDNS_TRANSPORT_TLS
|
||||||
|
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
|
||||||
|
tls_query_padding_blocksize: 128
|
||||||
|
edns_client_subnet_private: 1
|
||||||
|
round_robin_upstreams: 1
|
||||||
|
idle_timeout: 10000
|
||||||
|
|
||||||
|
listen_addresses:
|
||||||
|
{% for address in stubby_listen_addresses %}
|
||||||
|
- {{ address }}
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
upstream_recursive_servers:
|
||||||
|
{% for server in stubby_upstream_recursive_servers %}
|
||||||
|
- address_data: {{ server.address_data }}
|
||||||
|
{% if server.tls_port is defined %}
|
||||||
|
tls_port: {{ server.tls_port }}
|
||||||
|
{% endif %}
|
||||||
|
tls_auth_name: "{{ server.tls_auth_name }}"
|
||||||
|
{% if server.tls_pubkey_pinset is defined %}
|
||||||
|
tls_pubkey_pinset:
|
||||||
|
{% for pubkey in server.tls_pubkey_pinset %}
|
||||||
|
- digest: "{{ pubkey.digest }}"
|
||||||
|
value: {{ pubkey.value }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
Reference in New Issue
Block a user