dubzland.bind9.bind9_server role – Installs and configures the Bind9 DNS server.

Note

This role is part of the dubzland.bind9 collection (version 0.0.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install dubzland.bind9.

To use it in a playbook, specify: dubzland.bind9.bind9_server.

Entry point main – Installs and configures the Bind9 DNS server.

Synopsis

  • Installs the bind9 server package

  • Creates and applies the server configuration

Parameters

Parameter

Comments

bind9_server_acls

list / elements=dictionary

List of ACLs to be configured

matches

list / elements=string / required

Addresses to match on this ACL

name

string / required

Name of the ACL

bind9_server_cache_dir

path / required

Directory to contain cached (slave) zone files

bind9_server_controls

list / elements=dictionary

List of rndc control channels.

address

string

allow

list / elements=string / required

control_type

string / required

Choices:

  • "inet"

  • "unix"

keys

list / elements=string

port

integer

bind9_server_enabled

boolean / required

Should bind9 be enabled after install

Choices:

  • false

  • true

bind9_server_forwarders

list / elements=string

Upstream servers to forward queries to

bind9_server_include_default_rndc_key

boolean / required

Should the system-generated rndc.key file be included?

Choices:

  • false

  • true

bind9_server_keys

list / elements=dictionary

List of TSIG keys to be installed and included.

algorithm

string / required

Algorithm used to generate the key

Choices:

  • "hmac-md5"

  • "hmac-sha1"

  • "hmac-sha224"

  • "hmac-sha256"

  • "hmac-sha384"

  • "hmac-sha512"

name

string / required

Key name (file name with `.key` appended)

secret

string / required

TSIG key data

bind9_server_keys_dir

path / required

Directory where TSIG keys will be stored

bind9_server_listeners_ipv4

list / elements=string

Local IPv4 addresses the server should bind to.

bind9_server_listeners_ipv6

list / elements=string

Local IPv6 addresses the server should bind to.

bind9_server_options

dictionary

Global server options

allow_new_zones

boolean

Choices:

  • false

  • true

allow_query

list / elements=string

allow_query_cache

list / elements=string

allow_query_cache_on

list / elements=string

allow_query_on

list / elements=string

allow_recursion

list / elements=string

allow_recursion_on

list / elements=string

allow_transfer

dictionary

matches

list / elements=string / required

port

integer

transport

string

allow_update

list / elements=string

allow_update_forwarding

list / elements=string

also_notify

dictionary

ipv4_addresses

list / elements=dictionary

address

string / required

port

integer

ipv6_addresses

list / elements=dictionary

address

string / required

port

integer

key

string

port

integer

servers

list / elements=string

tls

string

boolean

Choices:

  • false

  • true

attach_cache

string

auth_nxdomain

boolean

Choices:

  • false

  • true

automatic_interface_scan

boolean

Choices:

  • false

  • true

bindkeys_file

string

blackhole

list / elements=string

dnssec_validation

string

Choices:

  • "yes"

  • "no"

  • "auto"

keep_response_order

list / elements=string

request_ixfr

boolean

Choices:

  • false

  • true

bind9_server_servers

list / elements=dictionary

Upstream server configuration.

host

string / required

IP address of the upstream server being configured.

keys

list / elements=string / required

RNDC keys previously defined to associate with this server.

bind9_server_zone_dir

path / required

Path to store authoritative zone files

bind9_server_zones

list / elements=dictionary

List of zones directly processed by this server

file

path

File on disk containing zone data

masters

list / elements=string

Primary nameservers for this zone

name

string / required

Name of this zone (and its filename)

primaries

list / elements=string

Primary nameservers for this zone

type

string / required

Type of zone being processed

Choices:

  • "master"

  • "primary"

  • "slave"

  • "secondary"

  • "mirror"

  • "hint"

  • "stub"

  • "static-stub"

  • "forward"

  • "redirect"

  • "delegation-only"

zone_options

dictionary

allow_query

list / elements=string

allow_query_on

list / elements=string

allow_transfer

list / elements=string

allow_update

list / elements=string

notify

string

Choices:

  • "explicit"

  • "master-only"

  • "primary-only"

  • "yes"

  • "no"