mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-18 20:46:26 +02:00
26f289b72b
ansible-lint 6.5.0 complains about:
name: All names should start with an
uppercase letter. (name[casing])
28 lines
1.2 KiB
YAML
28 lines
1.2 KiB
YAML
- name: Install powerdns and geoip
|
|
pacman: name=powerdns,libmaxminddb,geoip,yaml-cpp state=present
|
|
|
|
- name: Install PowerDNS configuration
|
|
template: src={{ item.src }} dest=/etc/powerdns/{{ item.dest }} owner=root group=root mode=0644
|
|
loop:
|
|
- {src: pdns.conf.j2, dest: pdns.conf}
|
|
- {src: geo.yml.j2, dest: geo.yml}
|
|
notify: restart powerdns
|
|
|
|
- name: Create drop-in directory for geoipupdate
|
|
file: path=/etc/systemd/system/geoipupdate.service.d state=directory owner=root group=root mode=0755
|
|
|
|
- name: Install drop-in snippet for geoipupdate
|
|
copy: src=geoipupdate-pdns-reload.conf dest=/etc/systemd/system/geoipupdate.service.d/pdns-reload.conf owner=root group=root mode=0644
|
|
|
|
- name: Open powerdns ipv4 port for monitoring.archlinux.org
|
|
ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
|
|
rich_rule="rule family=ipv4 source address={{ hostvars['monitoring.archlinux.org']['wireguard_address'] }} port protocol=tcp port=8081 accept"
|
|
tags:
|
|
- firewall
|
|
|
|
- name: Open firewall hole
|
|
ansible.posix.firewalld: service=dns permanent=true state=enabled immediate=yes
|
|
|
|
- name: Start and enable powerdns
|
|
systemd: name=pdns.service enabled=yes daemon_reload=yes state=started
|