source-git / ansible-freeipa

Clone
Source Code
GIT

Blame README-dnsconfig.md

c8 c8s master
  1.   c8s
  2.   README-dnsconfig.md
Blob History Raw
Packit Service 0a38ef 
DNSConfig module
Packit Service 0a38ef 
============
Packit Service 0a38ef
Packit Service 0a38ef 
Description
Packit Service 0a38ef 
-----------
Packit Service 0a38ef
Packit Service 0a38ef 
The dnsconfig module allows to modify global DNS configuration.
Packit Service 0a38ef
Packit Service 0a38ef
Packit Service 0a38ef 
Features
Packit Service 0a38ef 
--------
Packit Service 0a38ef 
* Global DNS configuration
Packit Service 0a38ef
Packit Service 0a38ef
Packit Service 0a38ef 
Supported FreeIPA Versions
Packit Service 0a38ef 
--------------------------
Packit Service 0a38ef
Packit Service 0a38ef 
FreeIPA versions 4.4.0 and up are supported by the ipadnsconfig module.
Packit Service 0a38ef
Packit Service 0a38ef
Packit Service 0a38ef 
Requirements
Packit Service 0a38ef 
------------
Packit Service 0a38ef
Packit Service 0a38ef 
**Controller**
Packit Service 0a38ef 
* Ansible version: 2.8+
Packit Service 0a38ef
Packit Service 0a38ef 
**Node**
Packit Service 0a38ef 
* Supported FreeIPA version (see above)
Packit Service 0a38ef
Packit Service 0a38ef
Packit Service 0a38ef 
Usage
Packit Service 0a38ef 
=====
Packit Service 0a38ef
Packit Service 0a38ef 
Example inventory file
Packit Service 0a38ef
Packit Service 0a38ef 
```ini
Packit Service 0a38ef 
[ipaserver]
Packit Service 0a38ef 
ipaserver.test.local
Packit Service 0a38ef 
```
Packit Service 0a38ef
Packit Service 0a38ef 
Example playbook to set global DNS configuration:
Packit Service 0a38ef
Packit Service 0a38ef 
```yaml
Packit Service 0a38ef 
---
Packit Service 0a38ef 
- name: Playbook to handle global DNS configuration
Packit Service 0a38ef 
  hosts: ipaserver
Packit Service 0a38ef 
  become: true
Packit Service 0a38ef
Packit Service 0a38ef 
  tasks:
Packit Service 0a38ef 
  # Set dnsconfig.
Packit Service 0a38ef 
  - ipadnsconfig:
Packit Service 0a38ef 
      forwarders:
Packit Service 0a38ef 
        - ip_address: 8.8.4.4
Packit Service 0a38ef 
        - ip_address: 2001:4860:4860::8888
Packit Service 0a38ef 
          port: 53
Packit Service 0a38ef 
      forward_policy: only
Packit Service 0a38ef 
      allow_sync_ptr: yes
Packit Service 0a38ef 
```
Packit Service 0a38ef
Packit Service 0a38ef 
Example playbook to ensure a global forwarder, with a custom port, is absent:
Packit Service 0a38ef
Packit Service 0a38ef 
```yaml
Packit Service 0a38ef 
---
Packit Service 0a38ef 
- name: Playbook to handle global DNS configuration
Packit Service 0a38ef 
  hosts: ipaserver
Packit Service 0a38ef 
  become: true
Packit Service 0a38ef
Packit Service 0a38ef 
  tasks:
Packit Service 0a38ef 
  # Ensure global forwarder with a custom port is absent.
Packit Service 0a38ef 
  - ipadnsconfig:
Packit Service 0a38ef 
      forwarders:
Packit Service 0a38ef 
          - ip_address: 2001:4860:4860::8888
Packit Service 0a38ef 
            port: 53
Packit Service 0a38ef 
      state: absent
Packit Service 0a38ef 
```
Packit Service 0a38ef
Packit Service 0a38ef 
Example playbook to disable global forwarders:
Packit Service 0a38ef
Packit Service 0a38ef 
```yaml
Packit Service 0a38ef 
---
Packit Service 0a38ef 
- name: Playbook to disable global DNS forwarders
Packit Service 0a38ef 
  hosts: ipaserver
Packit Service 0a38ef 
  become: true
Packit Service 0a38ef
Packit Service 0a38ef 
  tasks:
Packit Service 0a38ef 
  # Disable global forwarders.
Packit Service 0a38ef 
  - ipadnsconfig:
Packit Service 0a38ef 
      forward_policy: none
Packit Service 0a38ef 
```
Packit Service 0a38ef
Packit Service 0a38ef 
Example playbook to change global forward policy:
Packit Service 0a38ef
Packit Service 0a38ef 
```yaml
Packit Service 0a38ef 
---
Packit Service 0a38ef 
- name: Playbook to change global forward policy
Packit Service 0a38ef 
  hosts: ipaserver
Packit Service 0a38ef 
  become: true
Packit Service 0a38ef
Packit Service 0a38ef 
  tasks:
Packit Service 0a38ef 
  # Disable global forwarders.
Packit Service 0a38ef 
  - ipadnsconfig:
Packit Service 0a38ef 
      forward_policy: first
Packit Service 0a38ef 
```
Packit Service 0a38ef
Packit Service 0a38ef 
Example playbook to disallow synchronization of forward (A, AAAA) and reverse (PTR) records:
Packit Service 0a38ef
Packit Service 0a38ef 
```yaml
Packit Service 0a38ef 
---
Packit Service 0a38ef 
- name: Playbook to disallow reverse synchronization.
Packit Service 0a38ef 
  hosts: ipaserver
Packit Service 0a38ef 
  become: true
Packit Service 0a38ef
Packit Service 0a38ef 
  tasks:
Packit Service 0a38ef 
  # Disable global forwarders.
Packit Service 0a38ef 
  - ipadnsconfig:
Packit Service 0a38ef 
      allow_sync_ptr: no
Packit Service 0a38ef 
```
Packit Service 0a38ef
Packit Service 0a38ef 
Variables
Packit Service 0a38ef 
=========
Packit Service 0a38ef
Packit Service 0a38ef 
ipadnsconfig
Packit Service 0a38ef 
------------
Packit Service 0a38ef
Packit Service 0a38ef 
Variable | Description | Required
Packit Service 0a38ef 
-------- | ----------- | --------
Packit Service 0a38ef 
`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
Packit Service 0a38ef 
`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
Packit Service 0a38ef 
`forwarders` | The list of forwarders dicts. Each `forwarders` dict entry has:| no
Packit Service 0a38ef 
  | `ip_address` - The IPv4 or IPv6 address of the DNS server. | yes
Packit Service 0a38ef 
  | `port` - The custom port that should be used on this server. | no
Packit Service 0a38ef 
`forward_policy` | The global forwarding policy. It can be one of `only`, `first`, or `none`.  | no
Packit Service 0a38ef 
`allow_sync_ptr` | Allow synchronization of forward (A, AAAA) and reverse (PTR) records (bool). | yes
Packit Service 0a38ef 
`state` | The state to ensure. It can be one of `present` or `absent`, default: `present`. | yes
Packit Service 0a38ef
Packit Service 0a38ef
Packit Service 0a38ef 
Authors
Packit Service 0a38ef 
=======
Packit Service 0a38ef
Packit Service 0a38ef 
Rafael Guterres Jeffman

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation