move from pizzapim.nl to pim.kunis.nl

2023-02-08 08:27:30 +01:00 · 2023-02-08 08:27:30 +01:00 · 1bd61091a1
commit 1bd61091a1
parent 4d8f9e816c
26 changed files with 66 additions and 101 deletions
--- a/roles/nsd/files/nsd.conf
+++ b/roles/nsd/files/nsd.conf
@ -18,3 +18,7 @@ zone:
        zonefile: geokunis2.nl.signed
        provide-xfr: 87.253.155.96/27 NOKEY
        provide-xfr: 157.97.168.160/27 NOKEY
+
+zone:
+	name: pim.kunis.nl
+	zonefile: pim.kunis.nl
--- a/roles/nsd/files/zones/pim.kunis.nl
+++ b/roles/nsd/files/zones/pim.kunis.nl
@ -0,0 +1,22 @@
+$ORIGIN pim.kunis.nl.
+$TTL 60
+
+pim.kunis.nl.	IN 	SOA	ns.pim.kunis.nl. pim.kunis.nl. 2023020701 1800 3600 1209600 3600
+
+			NS	ns.pim.kunis.nl.
+			A	84.245.14.149
+			AAAA	2a02:58:19a:f730:b62e:99ff:fe77:1bda
+			TXT	"v=spf1 ~all"
+
+_dmarc		IN	TXT	"v=DMARC1; p=reject; aspf=s; adkim=s; rua=mailto:wpux1bq8@ag.eu.dmarcian.com;"
+
+www		IN	A	84.245.14.149
+			AAAA	2a02:58:19a:f730:b62e:99ff:fe77:1bda
+ns		IN	A	84.245.14.149
+			AAAA	2a02:58:19a:f730:b62e:99ff:fe77:1bda
+
+social		IN	CNAME	www.pim.kunis.nl.
+dav		IN	CNAME	www.pim.kunis.nl.
+git		IN	CNAME	www.pim.kunis.nl.
+meet            IN      CNAME   www.pim.kunis.nl.
+rss             IN      CNAME   www.pim.kunis.nl.
--- a/roles/nsd/tasks/main.yml
+++ b/roles/nsd/tasks/main.yml
@ -42,24 +42,25 @@
    cmd: "ldns-keygen -a ED25519 {{ item.item | basename }}"
    chdir: /etc/nsd/keys
  register: create_zsk
-  when: not item.stat.exists
+  when: not item.stat.exists and (item.item | basename) in sign_zones
  with_items: "{{ zsks_exists.results }}"
 - name: Rename ZSK key
  command:
    cmd: "mv {{ item.stdout }}.key K{{ item.item.item | basename }}.zsk.key"
    chdir: /etc/nsd/keys
-  when: item.changed
+  when: item.changed and (item.item | basename) in sign_zones
  with_items: "{{ create_zsk.results }}"
 - name: Rename ZSK private key
  command:
    cmd: "mv {{ item.stdout }}.private K{{ item.item.item | basename }}.zsk.private"
    chdir: /etc/nsd/keys
-  when: item.changed
+  when: item.changed and (item.item | basename) in sign_zones
  with_items: "{{ create_zsk.results }}"
 - name: Sign zones
  command:
    cmd: "ldns-signzone {{ item | basename }} /etc/nsd/keys/K{{ item | basename }}.zsk /etc/nsd/keys/K{{ item | basename }}.ksk"
    chdir: /etc/nsd/zones
+  when: (item | basename) in sign_zones
  with_fileglob:
    - "{{ role_path }}/files/zones/*"
 - name: Restart NSD
--- a/roles/nsd/vars/main.yml
+++ b/roles/nsd/vars/main.yml
@ -0,0 +1,3 @@
+sign_zones:
+  - geokunis2.nl
+  - pizzapim.nl