restructure
update readme fix ansible role tags
This commit is contained in:
parent
6502f9c514
commit
7f7ae9b91d
24 changed files with 67 additions and 108 deletions
44
ansible/roles/dnsmasq/files/dnsmasq.conf
Normal file
44
ansible/roles/dnsmasq/files/dnsmasq.conf
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
# Disable /etc/resolv.conf
|
||||
no-resolv
|
||||
# Upstream DNS server
|
||||
server=192.168.30.1
|
||||
# Always serve .dmz locally
|
||||
local=/dmz/
|
||||
# Put all clients in the dmz domain
|
||||
dhcp-fqdn
|
||||
# Don't read /etc/hosts
|
||||
no-hosts
|
||||
# Domain is automatically added to if missing
|
||||
expand-hosts
|
||||
# Domain that is used for DHCP on this network
|
||||
domain=dmz
|
||||
# IPv4 DHCP range
|
||||
dhcp-range=192.168.30.100,192.168.30.200,15m
|
||||
# Predefined DHCP hosts
|
||||
dhcp-host=b8:27:eb:b9:ab:e2,esrom
|
||||
dhcp-host=ca:fe:c0:ff:ee:03,max,192.168.30.3
|
||||
dhcp-host=d8:5e:d3:47:33:6e,lewis
|
||||
# Advertise router
|
||||
dhcp-option=3,192.168.30.1
|
||||
# Always send the IPv6 DNS server address (this machine)
|
||||
dhcp-option=option6:dns-server,[2a02:58:19a:f730::1]
|
||||
# Advertise SLAAC for the given prefix
|
||||
dhcp-range=2a02:58:19a:f730::, ra-stateless, ra-names
|
||||
# Do not advertise default gateway via DHCPv6
|
||||
ra-param=*,0,0
|
||||
# Alias public IP address to local
|
||||
alias=84.245.14.149,192.168.30.3
|
||||
# Override DNS servers for our domains
|
||||
server=/pizzapim.nl/192.168.30.7
|
||||
server=/geokunis2.nl/192.168.30.7
|
||||
server=/pim.kunis.nl/192.168.30.7
|
||||
# Enable extended logging
|
||||
log-dhcp
|
||||
log-queries
|
||||
# Resolve dns.dmz to addresses on main NIC
|
||||
interface-name=hermes.dmz,ens3
|
||||
# Non-conventional port because we also run nsd on this machine
|
||||
port=5353
|
||||
# Override addresses of name servers
|
||||
address=/ns.pizzapim.nl/ns.geokunis2.nl/ns.pim.kunis.nl/192.168.30.7
|
||||
address=/ns.pizzapim.nl/ns.geokunis2.nl/ns.pim.kunis.nl/2a02:58:19a:f730:c8fe:c0ff:feff:ee07
|
||||
18
ansible/roles/dnsmasq/tasks/main.yml
Normal file
18
ansible/roles/dnsmasq/tasks/main.yml
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
- name: Install dnsmasq
|
||||
apt:
|
||||
name: dnsmasq
|
||||
- name: Disable systemd-resolved
|
||||
systemd:
|
||||
name: systemd-resolved
|
||||
enabled: false
|
||||
state: stopped
|
||||
- name: Copy dnsmasq configuration
|
||||
copy:
|
||||
src: "{{ role_path }}/files/dnsmasq.conf"
|
||||
dest: "/etc/dnsmasq.conf"
|
||||
register: config
|
||||
- name: Enable dnsmasq
|
||||
systemd:
|
||||
name: dnsmasq
|
||||
enabled: true
|
||||
state: "{{ 'restarted' if config.changed else 'started' }}"
|
||||
Reference in a new issue