source-git / ansible-freeipa

Clone
Source Code
GIT

Blame README-dnsconfig.md

c8 c8s master
  1.   dd17a3c0b7b438c230173dbb879e73e191a307cd
  2.   README-dnsconfig.md
Blob History Raw
Packit Service 0f71a7 
DNSConfig module
Packit Service 0f71a7 
============
Packit Service 0f71a7
Packit Service 0f71a7 
Description
Packit Service 0f71a7 
-----------
Packit Service 0f71a7
Packit Service 0f71a7 
The dnsconfig module allows to modify global DNS configuration.
Packit Service 0f71a7
Packit Service 0f71a7
Packit Service 0f71a7 
Features
Packit Service 0f71a7 
--------
Packit Service 0f71a7 
* Global DNS configuration
Packit Service 0f71a7
Packit Service 0f71a7
Packit Service 0f71a7 
Supported FreeIPA Versions
Packit Service 0f71a7 
--------------------------
Packit Service 0f71a7
Packit Service 0f71a7 
FreeIPA versions 4.4.0 and up are supported by the ipadnsconfig module.
Packit Service 0f71a7
Packit Service 0f71a7
Packit Service 0f71a7 
Requirements
Packit Service 0f71a7 
------------
Packit Service 0f71a7
Packit Service 0f71a7 
**Controller**
Packit Service 0f71a7 
* Ansible version: 2.8+
Packit Service 0f71a7
Packit Service 0f71a7 
**Node**
Packit Service 0f71a7 
* Supported FreeIPA version (see above)
Packit Service 0f71a7
Packit Service 0f71a7
Packit Service 0f71a7 
Usage
Packit Service 0f71a7 
=====
Packit Service 0f71a7
Packit Service 0f71a7 
Example inventory file
Packit Service 0f71a7
Packit Service 0f71a7 
```ini
Packit Service 0f71a7 
[ipaserver]
Packit Service 0f71a7 
ipaserver.test.local
Packit Service 0f71a7 
```
Packit Service 0f71a7
Packit Service 0f71a7 
Example playbook to set global DNS configuration:
Packit Service 0f71a7
Packit Service 0f71a7 
```yaml
Packit Service 0f71a7 
---
Packit Service 0f71a7 
- name: Playbook to handle global DNS configuration
Packit Service 0f71a7 
  hosts: ipaserver
Packit Service 0f71a7 
  become: true
Packit Service 0f71a7
Packit Service 0f71a7 
  tasks:
Packit Service 0f71a7 
  # Set dnsconfig.
Packit Service 0f71a7 
  - ipadnsconfig:
Packit Service 0f71a7 
      forwarders:
Packit Service 0f71a7 
        - ip_address: 8.8.4.4
Packit Service 0f71a7 
        - ip_address: 2001:4860:4860::8888
Packit Service 0f71a7 
          port: 53
Packit Service 0f71a7 
      forward_policy: only
Packit Service 0f71a7 
      allow_sync_ptr: yes
Packit Service 0f71a7 
```
Packit Service 0f71a7
Packit Service 0f71a7 
Example playbook to ensure a global forwarder, with a custom port, is absent:
Packit Service 0f71a7
Packit Service 0f71a7 
```yaml
Packit Service 0f71a7 
---
Packit Service 0f71a7 
- name: Playbook to handle global DNS configuration
Packit Service 0f71a7 
  hosts: ipaserver
Packit Service 0f71a7 
  become: true
Packit Service 0f71a7
Packit Service 0f71a7 
  tasks:
Packit Service 0f71a7 
  # Ensure global forwarder with a custom port is absent.
Packit Service 0f71a7 
  - ipadnsconfig:
Packit Service 0f71a7 
      forwarders:
Packit Service 0f71a7 
          - ip_address: 2001:4860:4860::8888
Packit Service 0f71a7 
            port: 53
Packit Service 0f71a7 
      state: absent
Packit Service 0f71a7 
```
Packit Service 0f71a7
Packit Service 0f71a7 
Example playbook to disable global forwarders:
Packit Service 0f71a7
Packit Service 0f71a7 
```yaml
Packit Service 0f71a7 
---
Packit Service 0f71a7 
- name: Playbook to disable global DNS forwarders
Packit Service 0f71a7 
  hosts: ipaserver
Packit Service 0f71a7 
  become: true
Packit Service 0f71a7
Packit Service 0f71a7 
  tasks:
Packit Service 0f71a7 
  # Disable global forwarders.
Packit Service 0f71a7 
  - ipadnsconfig:
Packit Service 0f71a7 
      forward_policy: none
Packit Service 0f71a7 
```
Packit Service 0f71a7
Packit Service 0f71a7 
Example playbook to change global forward policy:
Packit Service 0f71a7
Packit Service 0f71a7 
```yaml
Packit Service 0f71a7 
---
Packit Service 0f71a7 
- name: Playbook to change global forward policy
Packit Service 0f71a7 
  hosts: ipaserver
Packit Service 0f71a7 
  become: true
Packit Service 0f71a7
Packit Service 0f71a7 
  tasks:
Packit Service 0f71a7 
  # Disable global forwarders.
Packit Service 0f71a7 
  - ipadnsconfig:
Packit Service 0f71a7 
      forward_policy: first
Packit Service 0f71a7 
```
Packit Service 0f71a7
Packit Service 0f71a7 
Example playbook to disallow synchronization of forward (A, AAAA) and reverse (PTR) records:
Packit Service 0f71a7
Packit Service 0f71a7 
```yaml
Packit Service 0f71a7 
---
Packit Service 0f71a7 
- name: Playbook to disallow reverse synchronization.
Packit Service 0f71a7 
  hosts: ipaserver
Packit Service 0f71a7 
  become: true
Packit Service 0f71a7
Packit Service 0f71a7 
  tasks:
Packit Service 0f71a7 
  # Disable global forwarders.
Packit Service 0f71a7 
  - ipadnsconfig:
Packit Service 0f71a7 
      allow_sync_ptr: no
Packit Service 0f71a7 
```
Packit Service 0f71a7
Packit Service 0f71a7 
Variables
Packit Service 0f71a7 
=========
Packit Service 0f71a7
Packit Service 0f71a7 
ipadnsconfig
Packit Service 0f71a7 
------------
Packit Service 0f71a7
Packit Service 0f71a7 
Variable | Description | Required
Packit Service 0f71a7 
-------- | ----------- | --------
Packit Service 0f71a7 
`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
Packit Service 0f71a7 
`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
Packit Service 0f71a7 
`forwarders` | The list of forwarders dicts. Each `forwarders` dict entry has:| no
Packit Service 0f71a7 
  | `ip_address` - The IPv4 or IPv6 address of the DNS server. | yes
Packit Service 0f71a7 
  | `port` - The custom port that should be used on this server. | no
Packit Service 0f71a7 
`forward_policy` | The global forwarding policy. It can be one of `only`, `first`, or `none`.  | no
Packit Service 0f71a7 
`allow_sync_ptr` | Allow synchronization of forward (A, AAAA) and reverse (PTR) records (bool). | yes
Packit Service 0f71a7 
`state` | The state to ensure. It can be one of `present` or `absent`, default: `present`. | yes
Packit Service 0f71a7
Packit Service 0f71a7
Packit Service 0f71a7 
Authors
Packit Service 0f71a7 
=======
Packit Service 0f71a7
Packit Service 0f71a7 
Rafael Guterres Jeffman

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation