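---
# Provisions a dynamic-DNS host: pinned nginx as the web front end, bind9 as
# the name server, and the peach-dyndns-server service with its own system
# account. Templates and files are resolved relative to this playbook.

- hosts: dyndnsservers
  # `remote_user` is the current spelling of the legacy play keyword `user`.
  remote_user: root

  tasks:
    - name: Load playbook variables
      include_vars: vars.yaml

    - name: Run the equivalent of "apt-get update"
      apt:
        update_cache: true

    # The task name previously announced version 1.14.2 while the module
    # pinned 1.18.0-6.1; the name now matches what is actually installed.
    - name: Install pinned nginx 1.18.0-6.1 and allow potential downgrades
      apt:
        name: nginx=1.18.0-6.1
        state: present
        allow_downgrade: true

    - name: write nginx.conf
      template:
        src: templates/nginx.conf
        dest: /etc/nginx/nginx.conf

    - name: Install bind9 packages
      apt:
        pkg:
          - bind9
          - python3-dnspython
          - dnsutils

    - name: Ensure group bind exists
      ansible.builtin.group:
        name: bind
        state: present

    # Membership in `bind` gives this account group access to /etc/bind
    # (see the recursive permission task below).
    # NOTE(review): a service account with an interactive shell is unusual;
    # confirm /bin/bash is required, otherwise prefer a nologin shell.
    - name: Create peach-dyndns user and add to bind group
      ansible.builtin.user:
        name: peach-dyndns
        shell: /bin/bash
        system: true
        groups: bind
        append: true

    - name: Create peach-dyndns-server service
      template:
        src: templates/peach-dyndns-server.service
        dest: /lib/systemd/system/peach-dyndns-server.service

    - name: Copy /etc/bind/named.conf
      template:
        src: templates/named.conf
        dest: /etc/bind/named.conf
        owner: root
        group: root
        # Quoted so the mode can never be read as a decimal integer.
        mode: '0644'
      notify:
        - reload bind9

    # Was mode 0655 (world-readable, with execute bits). sudoers drop-ins are
    # conventionally 0440, and a syntax error in one can break sudo for the
    # whole host, so the rendered file is checked before it is installed.
    - name: Copy /etc/sudoers.d/bindctl
      template:
        src: templates/bindctl
        dest: /etc/sudoers.d/bindctl
        owner: root
        group: root
        mode: '0440'
        validate: /usr/sbin/visudo -cf %s
      notify:
        - reload bind9

    - name: Copy /usr/bin/reloadbind
      ansible.builtin.copy:
        src: templates/reloadbind
        dest: /usr/bin/reloadbind
        owner: root
        group: root
        mode: '0755'

    # Was owned by peach-dyndns, which let the service account overwrite its
    # own executable. Root ownership with 0755 still lets that account run it.
    # NOTE(review): confirm nothing depends on the account owning this file.
    - name: Copy /usr/bin/peach-dyndns-server
      ansible.builtin.copy:
        src: files/peach-dyndns-server
        dest: /usr/bin/peach-dyndns-server
        owner: root
        group: root
        mode: '0755'

    # NOTE(review): the path spells "dynddns" where every other name in this
    # playbook uses "dyndns" - confirm against the service unit before
    # renaming. No owner or mode is set, so the directory is created with
    # the connecting user's defaults.
    - name: create dyndns working directory
      file:
        path: /srv/peach-dynddns-server
        state: directory

    - name: Create dynserver nginx site conf
      template:
        src: templates/dynserver_nginx.conf
        dest: /etc/nginx/sites-enabled/dynserver.conf
      notify:
        - reload nginx

    # Presumably holds DNS update keys - confirm. The previous symbolic mode
    # "u=rw,g=rw" left the "other" bits untouched, so a freshly created file
    # could stay world-readable; `o=` clears them. Preserving timestamps
    # keeps the task from reporting a change on every run.
    - name: Touch keys file
      ansible.builtin.file:
        path: /etc/bind/dyn.peachcloud.org.keys
        state: touch
        owner: root
        group: bind
        mode: 'u=rw,g=rw,o='
        access_time: preserve
        modification_time: preserve

    # Grants the bind group (which includes peach-dyndns) write access to the
    # whole tree. This only adds bits; existing "other" bits are not changed.
    - name: Recursively set permissions for /etc/bind
      ansible.builtin.file:
        path: /etc/bind
        state: directory
        recurse: true
        owner: root
        group: bind
        mode: 'u+rwX,g+rwX'

    - name: start peach-dyndns-server
      systemd:
        name: peach-dyndns-server
        state: started
        daemon_reload: true

    - name: start bind9
      systemd:
        name: bind9
        state: started
        daemon_reload: true

    - name: start nginx
      systemd:
        name: nginx
        state: started
        daemon_reload: true

  # Handler names are referenced by the `notify` lists above; keep them
  # byte-identical when editing.
  handlers:
    - name: reload bind9
      service:
        name: bind9
        state: reloaded

    # Not notified by any task in this playbook.
    - name: reload peach-dyndns-server
      service:
        name: peach-dyndns-server
        state: reloaded

    - name: reload nginx
      service:
        name: nginx
        state: reloaded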