home/hermes
Archived
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix zone transfers

Browse source 
fix dns ports
fixate dns server
This commit is contained in:
Pim Kunis 2023-03-20 08:54:04 +01:00
parent 506d39091f
commit e716be6c9c
5 changed files with 19 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ansible/hermes.yml
View file

@ -19,6 +19,10 @@
changed_when: "'..' in cloudinit.stdout" changed_when: "'..' in cloudinit.stdout"
- name: Gather facts - name: Gather facts
setup: setup:
- name: Copy resolv.conf
copy:
src: resolv.conf
dest: /etc/resolv.conf
- name: Update repositories - name: Update repositories
apt: apt:
autoremove: true autoremove: true

1
ansible/resolv.conf Normal file
View file

@ -0,0 +1 @@
nameserver 192.168.30.1

10
ansible/roles/dnsmasq/files/dnsmasq.conf
View file

@ -13,7 +13,7 @@ expand-hosts
# Domain that is used for DHCP on this network # Domain that is used for DHCP on this network
domain=dmz domain=dmz
# IPv4 DHCP range # IPv4 DHCP range
dhcp-range=192.168.30.100,192.168.30.200,infinite dhcp-range=192.168.30.100,192.168.30.200,15m
# Predefined DHCP hosts # Predefined DHCP hosts
dhcp-host=b8:27:eb:b9:ab:e2,esrom dhcp-host=b8:27:eb:b9:ab:e2,esrom
dhcp-host=b4:2e:99:77:1b:da,max,192.168.30.3 dhcp-host=b4:2e:99:77:1b:da,max,192.168.30.3
@ -29,11 +29,13 @@ ra-param=*,0,0
# Alias public IP address to local # Alias public IP address to local
alias=84.245.14.149,192.168.30.3 alias=84.245.14.149,192.168.30.3
# Override DNS servers for our domains # Override DNS servers for our domains
server=/pizzapim.nl/192.168.30.7#5353 server=/pizzapim.nl/192.168.30.7
server=/geokunis2.nl/192.168.30.7#5353 server=/geokunis2.nl/192.168.30.7
server=/pim.kunis.nl/192.168.30.7#5353 server=/pim.kunis.nl/192.168.30.7
# Enable extended logging # Enable extended logging
log-dhcp log-dhcp
log-queries log-queries
# Resolve dns.dmz to addresses on main NIC # Resolve dns.dmz to addresses on main NIC
interface-name=hermes.dmz,ens3 interface-name=hermes.dmz,ens3
# Non-conventional port because we also run nsd on this machine
port=5353

3
ansible/roles/dnsmasq/tasks/main.yml
View file

@ -10,8 +10,9 @@
copy: copy:
src: "{{ role_path }}/files/dnsmasq.conf" src: "{{ role_path }}/files/dnsmasq.conf"
dest: "/etc/dnsmasq.conf" dest: "/etc/dnsmasq.conf"
register: config
- name: Enable dnsmasq - name: Enable dnsmasq
systemd: systemd:
name: dnsmasq name: dnsmasq
enabled: true enabled: true
state: started state: "{{ 'restarted' if config.changed else 'started' }}"

7
ansible/roles/nsd/files/nsd.conf
View file

@ -1,6 +1,6 @@
server: server:
ip-address: ens3 ip-address: ens3
port: 5353 port: 53
server-count: 1 server-count: 1
verbosity: 1 verbosity: 1
hide-version: yes hide-version: yes
@ -15,7 +15,12 @@ zone:
zone: zone:
name: pizzapim.nl name: pizzapim.nl
zonefile: pizzapim.nl zonefile: pizzapim.nl
provide-xfr: 87.253.155.96/27 NOKEY
provide-xfr: 157.97.168.160/27 NOKEY
zone: zone:
name: geokunis2.nl name: geokunis2.nl
zonefile: geokunis2.nl zonefile: geokunis2.nl
provide-xfr: 87.253.155.96/27 NOKEY
provide-xfr: 157.97.168.160/27 NOKEY