From c0ed0a948fd574208a44b2cfb5f944cf45efca29 Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <elizabeth.hunt@simponic.xyz>
Date: Mon, 1 Jan 2024 20:23:23 -0500
Subject: first dns setup checkpoint

---
 roles/dnscommon/tasks/main.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 roles/dnscommon/tasks/main.yml

(limited to 'roles/dnscommon/tasks')

diff --git a/roles/dnscommon/tasks/main.yml b/roles/dnscommon/tasks/main.yml
new file mode 100644
index 0000000..ce1bb66
--- /dev/null
+++ b/roles/dnscommon/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+- name: install BIND
+  apt: name=bind9 state=latest
+
+- name: copy named.conf.options
+  copy:
+    src: ../files/named.conf.options
+    dest: /etc/bind/named.conf.options
+    owner: bind
+    group: bind
+    mode: 0644
+
+- name: restart & enable BIND
+  service: name=named state=restarted enabled=yes
+
+- name: allow dns from everywhere via udp
+  ufw:
+    rule: allow
+    port: '53'
+    proto: udp
+- name: allow dns from everywhere via tcp
+  ufw:
+    rule: allow
+    port: '53'
+    proto: tcp
+
+- name: restart ufw
+  service: name=ufw state=restarted enabled=yes
-- 
cgit v1.2.3-70-g09d2