2026-02-07 23:21:36 +00:00
2 changed files with 26 additions and 3 deletions
--- a/molecule/bind9-20/prepare.yml
+++ b/molecule/bind9-20/prepare.yml
@@ -5,3 +5,10 @@
    - name: Update package cache
      ansible.builtin.apt:
        update_cache: true
+
+    - name: Install DNS query tools (dnsutils)
+      ansible.builtin.apt:
+        name:
+          - dnsutils
+          - bind9-doc
+        state: present
--- a/molecule/bind9-20/verify.yml
+++ b/molecule/bind9-20/verify.yml
@@ -86,9 +86,16 @@
          - __dns_query.stdout_lines | length > 0
        fail_msg: DNS forwarding is not working

+    - name: Validate configuration syntax with named-checkconf
+      ansible.builtin.command:
+        cmd: named-checkconf /etc/bind/named.conf
+      register: __named_checkconf
+      changed_when: false
+      failed_when: __named_checkconf.rc != 0
+
    - name: Check BIND logs for errors
      ansible.builtin.command:
-        cmd: tail -20 /var/log/named/default.log
+        cmd: tail -30 /var/log/named/default.log
      register: __bind_logs
      changed_when: false

@@ -97,7 +104,16 @@
        msg: "BIND logs:\n{{ __bind_logs.stdout }}"

    - name: Verify no critical errors in logs
+      ansible.builtin.shell: |
+        if grep -i "error" /var/log/named/default.log | grep -v "error reporting" > /dev/null; then
+          exit 1
+        fi
+      changed_when: false
+      failed_when: false
+      register: __error_check
+
+    - name: Assert no critical errors found
      ansible.builtin.assert:
        that:
-          - "'error' not in __bind_logs.stdout.lower() or 'error' in __bind_logs.stdout.lower() | regex_replace('error reporting', '')"
-        fail_msg: Found errors in BIND logs
+          - __error_check.rc == 0
+        fail_msg: Found critical errors in BIND logs