#!/usr/bin/env ansible-playbook
---
# DNS deployment playbook. Three plays, each bound to its own inventory group:
#   1. dns_recursive     -> role bind-recursive
#   2. dns_authoritative -> role bind-authoritative
#   3. dns_auth_master   -> role dns
# Every secret below is an indirection to a vault_* variable; no credential
# is written literally in this file.

# Play 1: recursive DNS cache servers.
- hosts: dns_recursive
  roles:
    - bind-recursive

# Play 2: authoritative DNS servers.
- hosts: dns_authoritative
  vars:
    # Certbot DNS secrets, resolved from vault_* variables.
    # NOTE(review): the vault_ prefix suggests these live in an
    # ansible-vault encrypted vars file; confirm they are never defined in
    # plain-text inventory or group_vars.
    # NOTE(review): the role is not visible here; tasks that template or
    # print these values should set `no_log: true` so they stay out of run
    # output and logs.
    certbot_dns_secret: "{{ vault_certbot_dns_secret }}"
    certbot_adm_dns_secret: "{{ vault_certbot_adm_dns_secret }}"

    bind:
      # Hosts returned by the ldap plugin for each DNS role.
      # NOTE(review): presumably these feed the zone-transfer / notify
      # settings in the role; verify the LDAP source is trusted, since
      # whatever it returns ends up in the server configuration.
      masters: "{{ query('ldap', 'role', 'dns-primary') }}"
      slaves: "{{ query('ldap', 'role', 'dns-secondary') }}"

      # Zones from the re2o API concatenated with zones from LDAP, then
      # de-duplicated with `unique`.
      # NOTE(review): lookup() and query() can return different types;
      # confirm the re2oapi plugin yields a list so that `+` concatenates.
      zones: "{{ (lookup('re2oapi', 'dnszones') + query('ldap', 'zones')) | unique }}"

      # Reverse-zone data from the re2o API.
      reverse: "{{ lookup('re2oapi', 'dnsreverse') }}"
  roles:
    - bind-authoritative

# Play 3: authoritative master, configured with re2o API access.
- hosts: dns_auth_master
  vars:
    re2o:
      server: re2o.adm.crans.org
      # Service account credentials, resolved from vault_* variables.
      # NOTE(review): presumably used by the dns role to authenticate to
      # the re2o API; confirm the account is scoped to the DNS data it
      # needs and nothing more.
      service_user: "{{ vault_re2o_service_user }}"
      service_password: "{{ vault_re2o_service_password }}"
  roles:
    - dns