infra/ansible-role-powerdns
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role-powerdns/README.md
nd e7f8d0071f
updated readme
2020-05-15 11:00:54 +02:00

103 lines
2 KiB
Markdown
Raw Blame History

# PowerDNS
All configuration is to be placed inside the `powerdns` dict.
```
# key:value of config values
config:
"allow-axfr-ips":
- ::1
- 127.0.0.0/8
"bind-config": /etc/powerdns/backends/bind.conf
"config-dir": /etc/powerdns
"daemon": "yes"
"default-ttl": 3600
"guardian": "yes"
"include-dir": "/etc/powerdns/pdns.d"
"launch":
bind: {}
"master": "no"
"reuseport": "yes"
"setgid": pdns
"setuid": pdns
"slave": "no"
"soa-minimum-ttl": 300
"tcp-control-secret": "{{ lookup('password', '/dev/null length=64') }}"
"version-string": "1"
# name: *zonemeta*, define meta data for zones. See below for definition
zonemeta: {}
# defaults for zone metadata, See **zonemeta** for definition.
zonemeta_defaults:
type: native
"allow-query":
- any
"allow-update":
- none
"allow-transfer":
- none
"slaves":
- none
# name: **zone**, define all dns zones. See below for definition.
zones: {}
```
**zonemeta**
```
# Can be master/slave/native
# See https://doc.powerdns.com/authoritative/backends/bind.html#master-slave-native-configuration
type: native
"allow-query":
- any
"allow-update":
- none
"allow-transfer":
- none
"slaves":
- none
```
## zone
The basic format is `<dns path>: { <record type>: [<value>, <value>] }`
It is possible to do short hand notations:
* If there is only a single value for an entry, you can omit the array and use ``<dns path>: { <record type>: <value> }`
* YAML anchors and merges are recommend for situations where a `CNAME` is not possible
* You can use hierachy to shorten paths. If you have `foo.example.com` and `bar.example.com` you could write
```
"example.com.":
foo:
A: 1.1.1.1
bar:
A: 1.1.1.1
```
For the `SOA` record, `##sequence##` is replaced by a generated sqeuence number.
Example for a zone:
```
"example.de":
SOA: "ns.example.de zonefile.example.de ##sequence## 1d 2h 4w 1h"
CAA: 0 issue "letsencrypt.org"
NS:
- ns0.example.de
- ns1.example.de
ns:
CNAME: ns0.example.de.
ns0:
A: 1.1.1.1
AAAA: ::5
git:
A:
- 2.2.2.2
- 3.3.3.3
AAAA: ::6
```
Reference in a new issue View git blame Copy permalink