author | Elizabeth Hunt <me@liz.coffee> | 2025-05-03 20:52:54 -0700 |
---|---|---|
committer | Elizabeth Hunt <me@liz.coffee> | 2025-05-03 21:29:25 -0700 |
commit | 7106b304324b3a7c4dc5fa25432f08041cbc41cb (patch) | |
tree | cac71c9d85ba0045a735a4709573634c52f38e03 /playbooks/roles/labdns | |
parent | ae2d222ab5423bef0fc136e0aee2b4243db03b17 (diff) | |
Move to unbound
Diffstat (limited to 'playbooks/roles/labdns')
4 files changed, 47 insertions, 0 deletions
diff --git a/playbooks/roles/labdns/tasks/main.yml b/playbooks/roles/labdns/tasks/main.yml
new file mode 100644
index 0000000..20c95f7
--- /dev/null
+++ b/playbooks/roles/labdns/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+
+- name: Deploy labdns
+ ansible.builtin.import_tasks: manage-docker-swarm-service.yml
+ vars:
+ service_name: labdns
+ template_render_dir: "../templates"
+ service_destination_dir: "{{ labdns_base }}"
diff --git a/playbooks/roles/labdns/templates/stacks/docker-compose.yml b/playbooks/roles/labdns/templates/stacks/docker-compose.yml
new file mode 100644
index 0000000..3327c18
--- /dev/null
+++ b/playbooks/roles/labdns/templates/stacks/docker-compose.yml
@@ -0,0 +1,30 @@
+---
+
+services:
+ labdns:
+ image: mvance/unbound:latest
+ ports:
+ - "53:53/udp"
+ - "53:53/tcp"
+ volumes:
+ - {{ labdns_base }}/volumes/unbound/forward-records.conf:/opt/unbound/etc/unbound/forward-records.conf:ro
+ - {{ labdns_base }}/volumes/unbound/a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro
+ environment:
+ - TZ={{ timezone }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
+{% if not homelab_build %}
+ healthcheck:
+ test: ["CMD-SHELL", "drill loadbalancer.{{ domain }} @127.0.0.1 | grep -q {{ loadbalancer_ip }}"]
+ retries: 3
+ timeout: 5s
+ start_period: 8s
+{% endif %}
+ deploy:
+ mode: replicated
+ update_config:
+ parallelism: 1
+ failure_action: rollback
+ order: start-first
+ monitor: 25s
+ replicas: 2
+
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
new file mode 100644
index 0000000..9462aab
--- /dev/null
+++ b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
@@ -0,0 +1,4 @@
+# {{ domain }}
+{% for service in internal_services %}
+local-data: "{{ service }}.{{ domain }}. A {{ loadbalancer_ip }}"
+{% endfor %}
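Review bot: `image: mvance/unbound:latest` in the docker-compose.yml hunk tracks a mutable tag on a third-party image, so any redeploy can silently change the resolver that every lab client trusts, and the two replicas may end up on different builds if they pull at different times. Pin a reviewed release by digest, e.g. `image: mvance/unbound@sha256:<digest-of-reviewed-release>`, and bump it deliberately. Separately, the published `53:53/udp` and `53:53/tcp` ports expose the resolver on the swarm nodes' addresses, and no `access-control` rule is visible in the two mounted configs. Confirm that the image's base unbound.conf or a host firewall limits recursion to lab networks.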
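Review bot: The `local-data` lines in a-records.conf are emitted without a `local-zone` declaration, which, as far as I know, makes unbound treat the zone as transparent: any name under `{{ domain }}` that is not in `internal_services` falls through to the upstream forwarder. If the domain is internal-only, adding `local-zone: "{{ domain }}." static` above the loop would keep those lookups, including typos of internal hostnames, from leaving the lab. If the domain also carries public records, the fall-through is probably intended and a comment saying so would help. The `# {{ domain }}` header could also state that every listed service resolves to the load balancer address.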
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
new file mode 100644
index 0000000..19af327
--- /dev/null
+++ b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
@@ -0,0 +1,5 @@
+forward-zone:
+ name: "."
+ forward-addr: 1.1.1.1@853#cloudflare-dns.com
+ forward-addr: 1.0.0.1@853#cloudflare-dns.com
+ forward-tls-upstream: yes |
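Review bot: The `#cloudflare-dns.com` auth name on the two `forward-addr` lines only authenticates the upstream if the server clause sets `tls-cert-bundle`, and that setting is not part of this commit. Depending on the unbound version, a missing bundle either leaves the DoT session encrypted but unauthenticated or makes every forwarded query fail, so it is worth confirming that the image's base unbound.conf points at a CA bundle. A comment above the zone would record the dependency, e.g. `# upstream cert is verified against tls-cert-bundle (set in the base unbound.conf)`. Both forwarders also belong to one provider, so an outage there takes out all external resolution for the lab.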