From 4b97c64f947662cd4e2c233a51114c1ff3a9815c Mon Sep 17 00:00:00 2001 From: Niklas Yann Wettengel Date: Fri, 17 Mar 2017 22:35:38 +0100 Subject: updated setup_fastd playbook added features: - install_bind - install_dhcp - install_fastd - setup_batman --- roles/install_bind/tasks/main.yml | 24 +++++++++ roles/install_bind/templates/named.conf.j2 | 78 ++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+) create mode 100644 roles/install_bind/tasks/main.yml create mode 100644 roles/install_bind/templates/named.conf.j2 (limited to 'roles/install_bind')
diff --git a/roles/install_bind/tasks/main.yml b/roles/install_bind/tasks/main.yml
new file mode 100644
index 0000000..31a833c
--- /dev/null
+++ b/roles/install_bind/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: install bind
+ pacman:
+ name: bind
+ state: present
+
+- name: create named zone backup folder
+ file:
+ path: /var/named/bak
+ state: directory
+ owner: named
+ group: named
+
+- name: bind config
+ template:
+ src: named.conf.j2
+ dest: /etc/named.conf
+ register: named_conf
+
+- name: reload bind
+ when: named_conf.changed
+ systemd:
+ name: named.service
+ state: reloaded
diff --git a/roles/install_bind/templates/named.conf.j2 b/roles/install_bind/templates/named.conf.j2
new file mode 100644
index 0000000..ac2f9bd
--- /dev/null
+++ b/roles/install_bind/templates/named.conf.j2
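Review bot: The `bind config` task in roles/install_bind/tasks/main.yml renders /etc/named.conf with no `validate`, `owner`, `group` or `mode`, so a template that renders to an invalid configuration is installed and then handed straight to the `reload bind` task, and the file keeps whatever permissions it already has on the host. I would add `validate: named-checkconf %s` and an explicit `mode: "0640"` with `owner: root` / `group: named` to that task. The role also never enables or starts named.service; unless another role does, `state: reloaded` may be acting on a unit that is not running, which is worth confirming.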
@@ -0,0 +1,78 @@
+// vim:set ts=4 sw=4 et:
+
+options {
+ directory "/var/named";
+ pid-file "/run/named/named.pid";
+
+ dnssec-enable yes;
+ dnssec-validation yes;
+ dnssec-lookaside auto;
+
+ auth-nxdomain no; # conform to RFC1035
+
+ listen-on-v6 { {{ bat0_ipv6 }}; };
+ listen-on port 53 { 127.0.0.1; {{ bat0_ipv4 }}; };
+
+ allow-recursion { 127.0.0.1; 10.222.0.0/16; 2a01:198:70a:ff::/64; };
+ allow-transfer { none; };
+ allow-update { none; };
+
+ //forwarders {
+ // 85.214.20.141;
+ // 213.73.91.35;
+ //};
+
+ version none;
+ hostname none;
+ server-id none;
+};
+
+zone "localhost" IN {
+ type master;
+ file "localhost.zone";
+};
+
+zone "0.0.127.in-addr.arpa" IN {
+ type master;
+ file "127.0.0.zone";
+};
+
+zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
+ type master;
+ file "localhost.ip6.zone";
+};
+
+zone "255.in-addr.arpa" IN {
+ type master;
+ file "empty.zone";
+};
+
+zone "0.in-addr.arpa" IN {
+ type master;
+ file "empty.zone";
+};
+
+zone "." IN {
+ type hint;
+ file "root.hint";
+};
+
+zone "ffmyk" IN {
+ type slave;
+ file "bak/ffmyk.zone";
+ allow-query { any; };
+ masters { 10.222.100.1; };
+};
+
+//logging {
+// channel xfer-log {
+// file "/var/log/named.log";
+// print-category yes;
+// print-severity yes;
+// severity info;
+// };
+// category xfer-in { xfer-log; };
+// category xfer-out { xfer-log; };
+// category notify { xfer-log; };
+//};
+
-- cgit v1.2.3-54-g00ecf
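Review bot: `dnssec-validation yes;` in the `options` block needs a trust anchor configured by hand, and the template shows no `managed-keys` or `trusted-keys` statement, so validation from the root is probably not taking place. `dnssec-lookaside auto;` depends on the ISC DLV registry, which was being retired, and later BIND releases treat the option as obsolete. I would replace both lines with `dnssec-validation auto;`, which uses the built-in root key. Separately, the `ffmyk` slave zone lists `masters { 10.222.100.1; };` without a TSIG key, so zone transfers are authenticated by source address only; a `key` on the master entry would tighten that if the primary supports it.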