ansible-bind9-role/tasks/main.yml
Daniel Akulenok 28f8ca5c12
fix: resolve ansible-lint errors
- Quote octal file mode values (0640, 0750 -> '0640', '0750')
- Add 'Prepare' name to prepare.yml play
- Fix truthy value in .gitea/workflows/test.yaml (on -> 'on')
- Use role name 'bind9' instead of path in converge.yml
- Move tags to top-level for Deploy and Validate Configuration block
- Remove unnecessary comments to clean up code
- Ensure all YAML and Ansible files pass ansible-lint production profile
2026-01-28 23:20:56 +01:00


---
# tasks file for bind9
# Install the BIND packages listed in the role variable bind9_packages.
- name: Install bind9
  ansible.builtin.apt:
    # Package list comes from the role variable; nothing is pinned here.
    name: "{{ bind9_packages }}"
    # Refresh the apt index only when it is older than 3600 seconds.
    cache_valid_time: 3600
    state: present
  tags:
    - bind9
    - packages
# Create the directory that receives configuration backups. It is owned by
# root with mode 0750, so accounts outside the root group cannot list or read
# what is stored in it.
# This task carries no tags, so a run limited with --tags skips it.
- name: Ensure backup directory exists
  ansible.builtin.file:
    path: "{{ bind9_backup_dir }}"
    state: directory
    mode: '0750'
    owner: root
    group: root
  # An undefined bind9_backup_config is treated the same as false.
  when: bind9_backup_config | default(false) | bool
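# Render every file in bind9_config, check the result with named-checkconf,
# and try to put the previous files back if anything in the block fails.
#
# tags are declared once at block level; the tasks under block, rescue and
# always inherit them.
# NOTE(review): the nesting of `notify` could not be confirmed from the
# flattened listing. It is kept at block level here, where every task inside
# inherits it - confirm against the repository.
- name: Deploy and Validate Configuration
  tags:
    - bind9
    - template
  notify:
    - Backup bind config
    - Restart bind
  block:
    # Keep a copy of each live file next to it so the rescue section has
    # something to restore. Files are root:bind 0640, i.e. not world-readable.
    - name: Create backup of current config
      ansible.builtin.copy:
        src: "{{ bind9_cfgdir }}/{{ item.name }}"
        dest: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
        remote_src: true
        owner: root
        group: bind
        mode: '0640'
      # NOTE(review): this hides every copy error, not only a missing source
      # file. If the copy fails for another reason, no fresh .bak exists and
      # the rescue section may restore nothing or a stale copy.
      failed_when: false  # It's okay if the file doesn't exist yet
      loop: "{{ bind9_config }}"
      loop_control:
        label: "{{ item.name }}"

    # The rendered files go straight to their live paths; validation happens
    # afterwards, which is why the backup and rescue steps exist.
    - name: Template named.conf.generator
      ansible.builtin.template:
        src: named.conf.generator.j2
        dest: "{{ bind9_cfgdir }}/{{ item.name }}"
        owner: root
        group: bind
        mode: '0640'
      loop: "{{ bind9_config }}"
      loop_control:
        label: "{{ item.name }}"
      # Not referenced by any task visible in this file.
      register: _template_result

    # Read-only check, hence changed_when: false. -z also test-loads the
    # zones. argv passes the path as a single argument, so a bind9_cfgdir
    # containing whitespace is not split into several arguments.
    - name: Validate configuration using named-checkconf
      ansible.builtin.command:
        argv:
          - named-checkconf
          - '-z'
          - "{{ bind9_cfgdir }}/named.conf"
      changed_when: false

  rescue:
    # Best-effort restore. Errors are ignored so the final fail task always
    # runs, but the result is registered so the failure message can say
    # whether the restore really happened (for example, on a first run there
    # is no .bak to restore from).
    - name: Restore configuration from backup
      ansible.builtin.copy:
        src: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
        dest: "{{ bind9_cfgdir }}/{{ item.name }}"
        remote_src: true
        owner: root
        group: bind
        mode: '0640'
      loop: "{{ bind9_config }}"
      loop_control:
        label: "{{ item.name }}"
      register: _bind9_restore_result
      ignore_errors: true

    # Stop the play. The message only claims a revert when every restore
    # item succeeded; otherwise an invalid file may still be on disk and
    # would be picked up by the next restart or reload of named.
    - name: Fail due to invalid configuration
      ansible.builtin.fail:
        msg: |
          Configuration validation failed.
          {% if _bind9_restore_result is failed %}
          Restoring the previous files from their .bak copies did NOT fully succeed.
          Inspect {{ bind9_cfgdir }} before named is restarted or reloaded.
          {% else %}
          Changes have been reverted.
          {% endif %}
          Check the logs for named-checkconf errors.

  always:
    # Remove the .bak copies unless backups are enabled. An undefined
    # bind9_backup_config is treated as false, matching the condition on the
    # "Ensure backup directory exists" task.
    - name: Remove backup files
      ansible.builtin.file:
        path: "{{ bind9_cfgdir }}/{{ item.name }}.bak"
        state: absent
      loop: "{{ bind9_config }}"
      loop_control:
        label: "{{ item.name }}"
      when: not (bind9_backup_config | default(false) | bool)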
# Make sure the service called "named" is running and enabled at boot.
# This task only starts a stopped service; it does not restart a running one.
- name: Ensure the named service is started
  ansible.builtin.service:
    name: named
    enabled: true
    state: started
# Dump the whole bind9_config variable when bind9_debug_config is truthy.
# NOTE(review): if bind9_config can carry key material (for example TSIG
# secrets), it ends up in Ansible output and any log that captures it -
# confirm before enabling this on a production run.
- name: Print the bind9_config
  when: bind9_debug_config | bool
  ansible.builtin.debug:
    var: bind9_config