author | Elizabeth Hunt <elizabeth.hunt@simponic.xyz> | 2024-01-01 20:23:23 -0500 |
---|---|---|
committer | Elizabeth Hunt <elizabeth.hunt@simponic.xyz> | 2024-01-01 20:23:23 -0500 |
commit | c0ed0a948fd574208a44b2cfb5f944cf45efca29 (patch) | |
tree | aff8726464a32d1567c0cd8e5a10263976a0cc65 /roles/dnscommon | |
parent | 64e3ad7da4884c5c36f2e30a5af1f74c88208ff8 (diff) | |
download | oldinfra-c0ed0a948fd574208a44b2cfb5f944cf45efca29.tar.gz oldinfra-c0ed0a948fd574208a44b2cfb5f944cf45efca29.zip |
first dns setup checkpoint
Diffstat (limited to 'roles/dnscommon')
-rw-r--r-- | roles/dnscommon/files/named.conf.options | 12 | ||||
-rw-r--r-- | roles/dnscommon/tasks/main.yml | 28 |
2 files changed, 40 insertions, 0 deletions
diff --git a/roles/dnscommon/files/named.conf.options b/roles/dnscommon/files/named.conf.options
new file mode 100644
index 0000000..c788257
--- /dev/null
+++ b/roles/dnscommon/files/named.conf.options
@@ -0,0 +1,12 @@
+options {
+ directory "/var/cache/bind";
+
+ recursion no;
+ allow-transfer { none; };
+
+ allow-query { any; };
+
+ auth-nxdomain no; # conform to RFC1035
+
+ listen-on-v6 { any; };
+};
diff --git a/roles/dnscommon/tasks/main.yml b/roles/dnscommon/tasks/main.yml
new file mode 100644
index 0000000..ce1bb66
--- /dev/null
+++ b/roles/dnscommon/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+- name: install BIND
+ apt: name=bind9 state=latest
+
+- name: copy named.conf.options
+ copy:
+ src: ../files/named.conf.options
+ dest: /etc/bind/named.conf.options
+ owner: bind
+ group: bind
+ mode: 0644
+
+- name: restart & enable BIND
+ service: name=named state=restarted enabled=yes
+
+- name: allow dns from everywhere via udp
+ ufw:
+ rule: allow
+ port: '53'
+ proto: udp
+- name: allow dns from everywhere via tcp
+ ufw:
+ rule: allow
+ port: '53'
+ proto: tcp
+
+- name: restart ufw
+ service: name=ufw state=restarted enabled=yes |
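Review bot: In named.conf.options, `allow-query { any; };` answers every client over UDP while the options block sets no response rate limiting, so spoofed-source queries can still use the server as a reflector even with `recursion no;`. Consider adding `rate-limit { responses-per-second 10; };` inside `options`; the value is an illustrative starting point to tune against real query volume. A short comment above `recursion no;`, such as `# authoritative only: no recursion, no zone transfers`, would record why both are disabled.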
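Review bot: The copy task in roles/dnscommon/tasks/main.yml installs named.conf.options with `owner: bind`, which lets the daemon's own account rewrite its configuration; `owner: root` with `group: bind` and the same mode keeps the file readable by named but not writable by it. The task also has no `validate: named-checkconf %s`, and the next task restarts named unconditionally, so a malformed file would take DNS down on the next run. Moving the restart into a handler that the copy task triggers with `notify` would restart only when the file actually changes, and the same applies to the final ufw restart. `state=latest` on the apt task upgrades bind9 on every play, which is worth a comment stating that this is intentional.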