From f85a150e2502a9ec65eed2a3ae8bb04292208e67 Mon Sep 17 00:00:00 2001
From: alex
Date: Sat, 4 Apr 2026 16:30:35 +0300
Subject: [PATCH] =?UTF-8?q?=D0=97=D0=B0=D0=B3=D1=80=D1=83=D0=B7=D0=B8?=
 =?UTF-8?q?=D1=82=D1=8C=20=D1=84=D0=B0=D0=B9=D0=BB=D1=8B=20=D0=B2=20=C2=AB?=
 =?UTF-8?q?provisioning=C2=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 provisioning/named.dns.lab.limit | 19 +++++++
 provisioning/named.dns.lab.rev | 16 ++++++
 provisioning/named.newdns.lab | 20 ++++++++
 provisioning/named.zonetransfer.key | 4 ++
 provisioning/playbook.yml | 78 +++++++++++++++++++++++++++++
 5 files changed, 137 insertions(+)
 create mode 100644 provisioning/named.dns.lab.limit
 create mode 100644 provisioning/named.dns.lab.rev
 create mode 100644 provisioning/named.newdns.lab
 create mode 100644 provisioning/named.zonetransfer.key
 create mode 100644 provisioning/playbook.yml

diff --git a/provisioning/named.dns.lab.limit b/provisioning/named.dns.lab.limit
new file mode 100644
index 0000000..938426b
--- /dev/null
+++ b/provisioning/named.dns.lab.limit
@@ -0,0 +1,19 @@
+$TTL 3600
+$ORIGIN dns.lab.
+@ IN SOA ns01.dns.lab. root.dns.lab. (
+ 2711201407 ; serial
+ 3600 ; refresh (1 hour)
+ 600 ; retry (10 minutes)
+ 86400 ; expire (1 day)
+ 600 ; minimum (10 minutes)
+ )
+
+ IN NS ns01.dns.lab.
+ IN NS ns02.dns.lab.
+
+; DNS Servers
+ns01 IN A 192.168.50.10
+ns02 IN A 192.168.50.11
+
+;web1
+web1 IN A 192.168.50.15
diff --git a/provisioning/named.dns.lab.rev b/provisioning/named.dns.lab.rev
new file mode 100644
index 0000000..3926824
--- /dev/null
+++ b/provisioning/named.dns.lab.rev
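Review bot: The SOA `expire` of 86400 (1 day) in the SOA block is much shorter than the 2-4 weeks RFC 1912 recommends, so a secondary that cannot reach the primary for one day stops answering for dns.lab altogether; ns02 appears to be that secondary, given the `slave-named.conf` it receives in playbook.yml. The same timer set is repeated in named.dns.lab.rev and named.newdns.lab, so the fix applies to all three. If the lab's intent is that the zone survives a primary outage, something like `86400 ; expire (1 day)` → `1209600 ; expire (2 weeks)` is the usual choice. Separately, the serial 2711201407 is shared by all three zones and does not follow the YYYYMMDDnn convention, which makes future bumps easy to get wrong when only one zone changes.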
@@ -0,0 +1,16 @@
+$TTL 3600
+$ORIGIN 50.168.192.in-addr.arpa.
+50.168.192.in-addr.arpa. IN SOA ns01.dns.lab. root.dns.lab. (
+ 2711201407 ; serial
+ 3600 ; refresh (1 hour)
+ 600 ; retry (10 minutes)
+ 86400 ; expire (1 day)
+ 600 ; minimum (10 minutes)
+ )
+
+ IN NS ns01.dns.lab.
+ IN NS ns02.dns.lab.
+
+; DNS Servers
+10 IN PTR ns01.dns.lab.
+11 IN PTR ns02.dns.lab.
diff --git a/provisioning/named.newdns.lab b/provisioning/named.newdns.lab
new file mode 100644
index 0000000..7d7a4f9
--- /dev/null
+++ b/provisioning/named.newdns.lab
@@ -0,0 +1,20 @@
+$TTL 3600
+$ORIGIN newdns.lab.
+@ IN SOA ns01.newdns.lab. root.newdns.lab. (
+ 2711201407 ; serial
+ 3600 ; refresh (1 hour)
+ 600 ; retry (10 minutes)
+ 86400 ; expire (1 day)
+ 600 ; minimum (10 minutes)
+ )
+
+ IN NS ns01.newdns.lab.
+ IN NS ns02.newdns.lab.
+
+; DNS Servers
+ns01 IN A 192.168.50.10
+ns02 IN A 192.168.50.11
+
+;www
+www IN A 192.168.50.15
+www IN A 192.168.50.20
diff --git a/provisioning/named.zonetransfer.key b/provisioning/named.zonetransfer.key
new file mode 100644
index 0000000..d222c35
--- /dev/null
+++ b/provisioning/named.zonetransfer.key
@@ -0,0 +1,4 @@
+key "zonetransfer.key" {
+ algorithm hmac-md5;
+ secret "SB4Db9pJomyKxTNynlAq/g==";
+};
diff --git a/provisioning/playbook.yml b/provisioning/playbook.yml
new file mode 100644
index 0000000..7ece0d5
--- /dev/null
+++ b/provisioning/playbook.yml
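Review bot: The TSIG key in this hunk uses `algorithm hmac-md5;` and carries its literal secret in the repository; HMAC-MD5 is the weakest algorithm BIND still accepts for TSIG and is deprecated for new deployments, and a secret committed to version control has to be treated as disclosed to everyone the repo is shared with. Prefer `algorithm hmac-sha256;` with the key generated at provisioning time (`tsig-keygen -a hmac-sha256 zonetransfer.key`) or supplied from a vaulted variable, so that no real secret lives in the tree. The file is additionally copied to every host, including the client, by playbook.yml with `mode=0644`, which lets any local user read the secret; `mode=0640` with `group=named` is all named needs, and matches the mode the same playbook already uses for named.conf.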
@@ -0,0 +1,78 @@
+---
+- hosts: all
+ become: yes
+ tasks:
+
+ - name: update centos repo
+ shell: |
+ sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/CentOS*
+ sed -i s/^#.*baseurl=http/baseurl=http/g /etc/yum.repos.d/CentOS*
+ sed -i s/^mirrorlist=http/#mirrorlist=http/g /etc/yum.repos.d/CentOS*
+
+ - name: install packages
+ yum: name={{ item }} state=latest
+ with_items:
+ - bind
+ - bind-utils
+ - ntp
+
+ - name: copy transferkey to all servers and the client
+ copy: src=named.zonetransfer.key dest=/etc/named.zonetransfer.key owner=root group=named mode=0644
+
+- hosts: ns01
+ become: yes
+ tasks:
+ - name: copy named.conf
+ copy: src=master-named.conf dest=/etc/named.conf owner=root group=named mode=0640
+ - name: copy zones
+ copy: src={{ item }} dest=/etc/named/ owner=root group=named mode=0660
+ with_fileglob:
+ - named.d*
+ - named.new*
+ - name: copy resolv.conf to the servers
+ copy: src=servers-resolv.conf dest=/etc/resolv.conf owner=root group=root mode=0644
+
+ - name: set /etc/named permissions
+ file: path=/etc/named owner=root group=named mode=0670
+
+ - name: SELinux /etc/named
+ file:
+ path: /etc/named
+ setype: named_zone_t
+ recurse: yes
+
+ - name: ensure named is running and enabled
+ service: name=named state=restarted enabled=yes
+
+
+
+- hosts: ns02
+ become: yes
+ tasks:
+ - name: copy named.conf
+ copy: src=slave-named.conf dest=/etc/named.conf owner=root group=named mode=0640
+ - name: copy resolv.conf to the servers
+ copy: src=servers-resolv.conf dest=/etc/resolv.conf owner=root group=root mode=0644
+
+ - name: set /etc/named permissions
+ file: path=/etc/named owner=root group=named mode=0670
+
+ - name: SELinux /etc/named
+ file:
+ path: /etc/named
+ setype: named_zone_t
+ recurse: yes
+
+ - name: ensure named is running and enabled
+ service: name=named state=restarted enabled=yes
+
+
+- hosts: client
+ become: yes
+ tasks:
+ - name: copy resolv.conf to the client
+ copy: src=client-resolv.conf dest=/etc/resolv.conf owner=root group=root mode=0644
+ - name: copy rndc conf file
+ copy: src=rndc.conf dest=/home/vagrant/rndc.conf owner=vagrant group=vagrant mode=0644
+ - name: copy motd to the client
+ copy: src=client-motd dest=/etc/motd owner=root group=root mode=0644
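Review bot: The `service: name=named state=restarted enabled=yes` task in both the ns01 and ns02 plays restarts named unconditionally on every run, so a no-op replay still drops the resolver for the whole lab; the idiomatic form is `state=started` plus a `restart named` handler that the copy/file tasks `notify`, as sketched below. The `yum: name={{ item }} state=latest` task is unpinned and uses the deprecated `with_items`, so two provisioning runs can install different bind versions; `state=present` with `loop:` gives a reproducible build. The `shell: |` sed block at the top of the first play has no `changed_when` and rewrites the repo files on every run, which the `replace:` module would do idempotently and report correctly. Finally, `mode=0660` on the zone files copied to ns01 makes them writable by the named group, which a primary only needs for dynamic updates; `mode=0640` is the least-privilege default unless those are intended.
```yaml
# … unchanged: hosts/become header and the tasks before copy named.conf …
  - name: copy named.conf
    copy: src=master-named.conf dest=/etc/named.conf owner=root group=named mode=0640
    notify: restart named
  # … unchanged: copy zones / resolv.conf / permissions / SELinux tasks, each also given "notify: restart named" …
  - name: ensure named is running and enabled
    service: name=named state=started enabled=yes
  handlers:
    - name: restart named
      service: name=named state=restarted
```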