DNS Integration

Stefan Hoffmann 2016-05-28 12:26:12 +02:00
parent 3e4b83d964
commit 2ce8651c26
2 changed files with 18 additions and 36 deletions


@ -4,18 +4,3 @@ zone "fftdf" {
type master; type master;
file "/etc/bind/fftdf/db.fftdf"; file "/etc/bind/fftdf/db.fftdf";
}; };
zone "nodes.fftdf" {
type master;
file "/etc/bind/fftdf/db.nodes.fftdf";
};
zone "188.10.in-addr.arpa" {
type master;
file "/etc/bind/fftdf/db.188.10";
};
zone "5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa" {
type master;
file "/etc/bind/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa";
};


@ -3,13 +3,12 @@
# ansible troisdorf4 -u root -m raw -a "apt-get update && apt-get install python -y" # ansible troisdorf4 -u root -m raw -a "apt-get update && apt-get install python -y"
- name: Install Freifunk Troisdorf super node - name: Install Freifunk Troisdorf super node
# hosts: FreifunkSupernodesL2TP
hosts: '{{ target }}' hosts: '{{ target }}'
sudo: False sudo: False
user: root user: root
gather_facts: False gather_facts: False
vars: vars:
snversion: master_v3.0.15 snversion: master_v3.0.14
batmanversion: v2015.2 batmanversion: v2015.2
common_required_packages: common_required_packages:
- git - git
@ -57,10 +56,10 @@
- tunneldigger.service - tunneldigger.service
- tunneldigger-backup.service - tunneldigger-backup.service
broker_cfg: broker_cfg:
- l2tp_broker-backup.cfg - l2tp_broker.cfg-backup.j2
- l2tp_broker.cfg - l2tp_broker.cfg.j2
# bind_zone_fftdf: bind_zone_fftdf:
# - named.conf.fftdf - named.conf.fftdf
check_gw_script: check_gw_script:
- keepalive.sh - keepalive.sh
authorized_keys: authorized_keys:
@ -76,8 +75,6 @@
raw: "sed -i '/deb cdrom/c\\#' /etc/apt/sources.list" raw: "sed -i '/deb cdrom/c\\#' /etc/apt/sources.list"
- name: Make this server ansible compatible - name: Make this server ansible compatible
raw: "apt-get update && apt-get install python -y" raw: "apt-get update && apt-get install python -y"
# - name: Add backport repo to source list #target: /etc/apt/sources.list.d
# apt_repository: repo='deb http://http.debian.net/debian jessie-backports main' state=present
- name: Update apt cache - name: Update apt cache
apt: update_cache=yes apt: update_cache=yes
- name: Gathering facts - name: Gathering facts
@ -130,17 +127,14 @@
shell: > shell: >
apt-get install linux-headers-$(uname -r) -y apt-get install linux-headers-$(uname -r) -y
when: aptupdates.changed when: aptupdates.changed
# Install Batman-adv and batctl #
- name: Get batman-adv - name: Get batman-adv
git: repo=https://git.open-mesh.org/batman-adv.git git: repo=https://git.open-mesh.org/batman-adv.git
dest=/tmp/batman-adv dest=/tmp/batman-adv
when: aptupdates.changed when: aptupdates.changed
register: getbatman register: getbatman
# - name: Get batman-adv no rebrotcast patch
# get_url: url=http://map.freifunk-moehne.de/stuff/1001-batman-adv-introduce-no_rebroadcast-option.patch dest=/tmp/batman-adv/1001-batman-adv-introduce-no_rebroadcast-option.patch
# when: getbatman.changed
- name: Install batman-adv - name: Install batman-adv
shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && make && make install shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && make && make install
# shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && git apply 1001-batman-adv-introduce-no_rebroadcast-option.patch && make && make install
when: getbatman.changed when: getbatman.changed
- name: Get batctl - name: Get batctl
git: repo=http://git.open-mesh.org/batctl.git git: repo=http://git.open-mesh.org/batctl.git
@ -150,8 +144,8 @@
- name: Install batctl - name: Install batctl
shell: cd /tmp/batctl && git checkout {{ batmanversion }} && make && make install shell: cd /tmp/batctl && git checkout {{ batmanversion }} && make && make install
when: getbatctl.changed when: getbatctl.changed
# Install Tunneldigger #
- name: Get Tunneldigger - name: Get Tunneldigger
# git: repo=https://github.com/wlanslovenija/tunneldigger.git
git: repo=https://github.com/ffrl/tunneldigger.git git: repo=https://github.com/ffrl/tunneldigger.git
dest=/srv/tunneldigger dest=/srv/tunneldigger
register: tunneldigger register: tunneldigger
@ -165,7 +159,7 @@
pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/ pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/
when: tunneldigger.changed when: tunneldigger.changed
- name: Copy l2tp broker config template - name: Copy l2tp broker config template
template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444 template: src=./files/{{ item }} dest=/srv/ owner=root group=root mode=0444
with_items: broker_cfg with_items: broker_cfg
when: tunneldigger.changed when: tunneldigger.changed
- name: Copy tunneldigger script template - name: Copy tunneldigger script template
@ -175,8 +169,8 @@
copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500 copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500
with_items: tunneldigger_scripts with_items: tunneldigger_scripts
when: tunneldigger.changed when: tunneldigger.changed
- name: Copy tunneldigger service template - name: Copy tunneldigger service file
copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444 copy: src=./files/{{ item }} dest=/etc/systemd/system/ owner=root group=root mode=0444
with_items: tunneldigger_service with_items: tunneldigger_service
when: tunneldigger.changed when: tunneldigger.changed
- name: Tunneldigger reload - name: Tunneldigger reload
@ -184,7 +178,6 @@
with_items: with_items:
- systemctl daemon-reload - systemctl daemon-reload
- systemctl enable tunneldigger.service - systemctl enable tunneldigger.service
- systemctl enable tunneldigger-backup.service
when: tunneldigger.changed when: tunneldigger.changed
- name: Copy logrotate config - name: Copy logrotate config
copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500 copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500
@ -253,13 +246,17 @@
- name: SSH authorized_keys - name: SSH authorized_keys
copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400 copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400
with_items: authorized_keys with_items: authorized_keys
# - name: Copy secondary zone file
# copy: src=./files/{{ item }} dest=/etc/bind owner=root group=bind mode=644
# with_items: bind_zone_fftdf
- name: Bind9, activate fftdf zone - name: Bind9, activate fftdf zone
lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/named.conf.fftdf";' state=present lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/fftdf/fftdf.conf";' state=present
- name: Copy option template - name: Copy option template
template: src=./files/named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=644 template: src=./files/named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=644
- name: Create fftdf directory
file: path=/etc/bind/fftdf state=directory
- name: Copy FFTDF Zones
copy: src=./files/fftdf/{{ item }} dest=/etc/bind/fftdf/{{ item }} owner=root group=bind mode=644
with_items:
- fftdf.conf
- db.fftdf
- name: Copy radvd config template - name: Copy radvd config template
template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444 template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444
- name: Interface configuration with ffrl gre tunnel - name: Interface configuration with ffrl gre tunnel
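Review bot: The `Bind9, activate fftdf zone` task in the last hunk adds the new include with `state=present`, but nothing removes the previous `include "/etc/bind/named.conf.fftdf";` line, so a host provisioned by the earlier playbook keeps both lines in /etc/bind/named.conf. If that old file is missing or also declares zone "fftdf", named will likely refuse to load its configuration at the next restart; a preceding task such as `lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/named.conf.fftdf";' state=absent` would close that. The new `Create fftdf directory` task sets no owner, group or mode, unlike the copy tasks around it, so the directory's permissions depend on the umask; `file: path=/etc/bind/fftdf state=directory owner=root group=bind mode=0755` makes them explicit. The playbook continues outside the hunk, so whether bind is reloaded or the copied zone files are checked afterwards (for example with named-checkconf) is not visible here.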