Diffstat (limited to 'playbooks/roles/labdns')
-rw-r--r--playbooks/roles/labdns/tasks/main.yml8
-rw-r--r--playbooks/roles/labdns/templates/stacks/docker-compose.yml30
-rw-r--r--playbooks/roles/labdns/templates/volumes/unbound/a-records.conf4
-rw-r--r--playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf5
4 files changed, 47 insertions, 0 deletions
diff --git a/playbooks/roles/labdns/tasks/main.yml b/playbooks/roles/labdns/tasks/main.yml
new file mode 100644
index 0000000..20c95f7
--- /dev/null
+++ b/playbooks/roles/labdns/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+
+- name: Deploy labdns
+ ansible.builtin.import_tasks: manage-docker-swarm-service.yml
+ vars:
+ service_name: labdns
+ template_render_dir: "../templates"
+ service_destination_dir: "{{ labdns_base }}"
diff --git a/playbooks/roles/labdns/templates/stacks/docker-compose.yml b/playbooks/roles/labdns/templates/stacks/docker-compose.yml
new file mode 100644
index 0000000..3327c18
--- /dev/null
+++ b/playbooks/roles/labdns/templates/stacks/docker-compose.yml
@@ -0,0 +1,30 @@
+---
+
+services:
+ labdns:
+ image: mvance/unbound:latest
+ ports:
+ - "53:53/udp"
+ - "53:53/tcp"
+ volumes:
+ - {{ labdns_base }}/volumes/unbound/forward-records.conf:/opt/unbound/etc/unbound/forward-records.conf:ro
+ - {{ labdns_base }}/volumes/unbound/a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro
+ environment:
+ - TZ={{ timezone }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
+{% if not homelab_build %}
+ healthcheck:
+ test: ["CMD-SHELL", "drill loadbalancer.{{ domain }} @127.0.0.1 | grep -q {{ loadbalancer_ip }}"]
+ retries: 3
+ timeout: 5s
+ start_period: 8s
+{% endif %}
+ deploy:
+ mode: replicated
+ update_config:
+ parallelism: 1
+ failure_action: rollback
+ order: start-first
+ monitor: 25s
+ replicas: 2
+
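Review bot: `image: mvance/unbound:latest` leaves the lab's resolver on a mutable third-party tag, so every redeploy can pull code that nobody reviewed; pin a reviewed version or digest instead, e.g. `image: mvance/unbound@sha256:<DIGEST_PLACEHOLDER>`. In the healthcheck, `grep -q {{ loadbalancer_ip }}` is unquoted inside `CMD-SHELL` and treats the dots as regex wildcards; `grep -qF '{{ loadbalancer_ip }}'` matches the literal address. Port 53 is published on both udp and tcp, so whether the service can be reached as an open resolver depends on the access-control settings in the image's unbound.conf and on the host firewall, neither of which is visible in this commit.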
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
new file mode 100644
index 0000000..9462aab
--- /dev/null
+++ b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
@@ -0,0 +1,4 @@
+# {{ domain }}
+{% for service in internal_services %}
+local-data: "{{ service }}.{{ domain }}. A {{ loadbalancer_ip }}"
+{% endfor %}
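Review bot: The `local-data:` lines have no matching `local-zone:` entry, so unbound treats the names as a transparent zone and passes any other name under `{{ domain }}` to the forwarder in forward-records.conf. If the domain is meant to be internal-only, adding `local-zone: "{{ domain }}." static` above the loop would answer unlisted names locally instead of sending them upstream. The values of `internal_services` and `domain` are also written into a quoted config string unchecked, so a quote or newline in one of them would change the file's directives; validating them where the variables are defined would close that gap.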
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
new file mode 100644
index 0000000..19af327
--- /dev/null
+++ b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
@@ -0,0 +1,5 @@
+forward-zone:
+ name: "."
+ forward-addr: 1.1.1.1@853#cloudflare-dns.com
+ forward-addr: 1.0.0.1@853#cloudflare-dns.com
+ forward-tls-upstream: yes
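Review bot: The `#cloudflare-dns.com` suffix on the two `forward-addr` lines is only enforced when unbound has a CA bundle configured through `tls-cert-bundle`, and that setting is not in this file. Presumably the image's main unbound.conf provides it, but this should be confirmed, because without it the upstream session is encrypted while the server certificate is not checked against that name. A comment above `forward-zone:` such as `# DoT to Cloudflare; relies on tls-cert-bundle in unbound.conf` would record the dependency.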