authorElizabeth Hunt <elizabeth.hunt@simponic.xyz>2024-01-02 02:10:54 -0500
committerElizabeth Hunt <elizabeth.hunt@simponic.xyz>2024-01-02 02:10:54 -0500
commit1f9f2b7608d3915d2f8a3a556db19c27040d3a4d (patch)
treee3efd09f152de0392ec493111f07be1080830c26 /roles
parentc0ed0a948fd574208a44b2cfb5f944cf45efca29 (diff)
working dns
Diffstat (limited to 'roles')
-rw-r--r--roles/dnscommon/tasks/main.yml2
-rw-r--r--roles/nameservers/tasks/main.yml21
-rw-r--r--roles/nameservers/templates/db.simponic.xyz.j227
-rw-r--r--roles/nameservers/templates/named.conf.local.primary.j22
4 files changed, 45 insertions, 7 deletions
diff --git a/roles/dnscommon/tasks/main.yml b/roles/dnscommon/tasks/main.yml
index ce1bb66..c7547d7 100644
--- a/roles/dnscommon/tasks/main.yml
+++ b/roles/dnscommon/tasks/main.yml
@@ -1,6 +1,8 @@
---
- name: install BIND
apt: name=bind9 state=latest
+- name: install BIND-utils
+ apt: name=bind9-utils state=latest
- name: copy named.conf.options
copy:
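Review bot: `state=latest` in the added `install BIND-utils` task means any play run can pull in an unreviewed package upgrade on the nameservers, and the `key=value` argument string is harder to lint than native YAML. For a tools package, installing it once is enough: write `apt:` with `name: bind9-utils` and `state: present` as nested keys. The unchanged `install BIND` task just above has the same form and would benefit from the same change.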
diff --git a/roles/nameservers/tasks/main.yml b/roles/nameservers/tasks/main.yml
index 7f13ebd..e078c00 100644
--- a/roles/nameservers/tasks/main.yml
+++ b/roles/nameservers/tasks/main.yml
@@ -1,21 +1,40 @@
---
+
+## PRIMARY
+
- name: create named.conf.local for primary
template:
src: ../templates/named.conf.local.primary.j2
dest: /etc/bind/named.conf.local
+ owner: bind
+ group: bind
when: inventory_hostname in groups['dnsprimary']
+- name: create /etc/bind/zones if not exist
+ ansible.builtin.file:
+ path: /etc/bind/zones
+ state: directory
+ owner: bind
+ group: bind
+
- name: create primary zone files for primary
template:
src: "../templates/{{ item.zone_file }}.j2"
- dest: "/etc/bind/{{ item.zone_file }}"
+ dest: "/etc/bind/zones/{{ item.zone_file }}"
+ owner: bind
+ group: bind
with_items: "{{ dns_zones }}"
when: inventory_hostname in groups['dnsprimary']
+
+## REPLICA
+
- name: create named.conf.local for replica
template:
src: ../templates/named.conf.local.replica.j2
dest: /etc/bind/named.conf.local
+ owner: bind
+ group: bind
when: inventory_hostname in groups['dnsreplica']
- name: restart bind9
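Review bot: The added `owner: bind` / `group: bind` on the three template tasks and on `/etc/bind/zones` gives the account the daemon runs as write access to its own configuration and to the static primary zone files, and no `mode:` is set, so permissions fall back to whatever the umask yields. Unless the zones take dynamic updates (nothing visible here suggests that), read-only access for the service is enough: `owner: root`, `group: bind`, `mode: "0640"` on the files and `mode: "0750"` on the directory. The `named.conf.local` template tasks could also pass `validate: named-checkconf %s` so a broken render never replaces the live file before the `restart bind9` task, whose body lies outside this hunk.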
diff --git a/roles/nameservers/templates/db.simponic.xyz.j2 b/roles/nameservers/templates/db.simponic.xyz.j2
index ff38293..d219beb 100644
--- a/roles/nameservers/templates/db.simponic.xyz.j2
+++ b/roles/nameservers/templates/db.simponic.xyz.j2
@@ -1,7 +1,7 @@
$TTL 604800
@ IN SOA {{ dns_primary_hostname }}.simponic.xyz. admin.simponic.xyz. (
- 5 ; Serial
- 604800 ; Refresh
+ 1704161086 ; Serial
+ 86400 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
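Review bot: The new serial `1704161086` is a literal in the template, so a later record change that forgets to raise it leaves the replica serving the old zone, because the replica only transfers when it sees a higher serial. Document that next to the value, for example `1704161086 ; Serial (epoch seconds, raise on every zone edit)`, or render it from a variable kept beside `dns_zones` so the bump is a single reviewed line. Rendering the current timestamp on each run would also advance it, but the task would then report a change on every play.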
@@ -15,6 +15,23 @@ simponic.xyz. IN NS {{ dns_replica_hostname }}.simponic.xyz.
{{ dns_primary_hostname }} IN A {{ dns_primary_ip }}
{{ dns_replica_hostname }} IN A {{ dns_replica_ip }}
-; Other A records
-@ IN A 129.123.76.14
-www IN A 129.123.76.14
+;; A Records
+mail.simponic.xyz. 1 IN A 192.3.248.205
+simponic.xyz. 1 IN A 129.123.76.14
+
+;; CNAME Records
+s1._domainkey.simponic.xyz. 1 IN CNAME s1.domainkey.u25709709.wl210.sendgrid.net.
+s2._domainkey.simponic.xyz. 1 IN CNAME s2.domainkey.u25709709.wl210.sendgrid.net.
+static.simponic.xyz. 1 IN CNAME simponic.xyz.
+www.simponic.xyz. 1 IN CNAME simponic.xyz.
+
+;; MX Records
+simponic.xyz. 1 IN MX 10 mail.simponic.xyz.
+
+;; TXT Records
+_acme-challenge.simponic.xyz. 1 IN TXT "6GcrSuBAj8pNKqiCBWUIONRJjbDVtOizadBDGngW4-U"
+_acme-challenge.simponic.xyz. 1 IN TXT "IErMxNBY3v1Wc3RV06khZXKDC1f9EObYHSXETK5ZKYE"
+_acme-challenge.simponic.xyz. 1 IN TXT "3jWQSVbU-SdebeymX58bir5kEHG1dVHRXYE-P_4Qao8"
+_acme-challenge.simponic.xyz. 1 IN TXT "LXaVBwQCanWKF4cNxzPHHPM9N-kkjhn8_4r6RsveBqs"
+dkim._domainkey.simponic.xyz. 1 IN TXT "v=DKIM1; p= MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNWLcbrcGq0z8f0fSmxLbfK/Q/ZwmnPyJEfljS2VuDIm7DUXahHIFtB8hfZ/WAocoirb8kUHTvTAgmUOXPpNxTDve3tV9S+CBBYHH2c9XBsuaZn/Vi0TR5vbBDuISmlXT6k+2cdq0LO+PYRwJI65t/JWTR5fQlCmVgxbI5gwDYFRZC0Nl5gEwuKw7pdEJg4Pymyox" "i" "zcikaGk/plXj6BDvv9pK1q8Wa+QPIkuBPFvsEh3KSApMP1p5thzHFaeNyCn5PuYEvbgkal0722px6GvYfR2W/APNRztbmWVewXH6kEWCgOYMkmWiYYLgEwz62rq2SzszP1rrl3WjVi26916wIDAQAB"
+simponic.xyz. 1 IN TXT "v=spf1 mx ip4:192.3.248.205 ~all"
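Review bot: Every added record carries an explicit TTL of `1`, which overrides `$TTL 604800`, so resolvers re-query the two nameservers roughly once a second per name and cached answers disappear almost immediately if both servers become unreachable. If the `1` was carried over from a hosted-DNS export where it stands for "automatic" (an assumption, the page does not say), drop the field so the zone default applies, e.g. `simponic.xyz. IN A 129.123.76.14`. The four `_acme-challenge` TXT values are one-time validation tokens; keeping them in the template republishes them indefinitely and makes each DNS-01 renewal a template edit, so they are better removed once issuance is done. No `_dmarc` record accompanies the SPF (`~all`) and DKIM entries in this hunk, though it may be defined elsewhere.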
diff --git a/roles/nameservers/templates/named.conf.local.primary.j2 b/roles/nameservers/templates/named.conf.local.primary.j2
index 0234278..44665e6 100644
--- a/roles/nameservers/templates/named.conf.local.primary.j2
+++ b/roles/nameservers/templates/named.conf.local.primary.j2
@@ -1,7 +1,7 @@
{% for zone in dns_zones %}
zone "{{ zone.zone_name }}" {
type master;
- file "/etc/bind/{{ zone.zone_file }}";
+ file "/etc/bind/zones/{{ zone.zone_file }}";
allow-transfer { {{ dns_replica_ip }}; };
};
{% endfor %}