- Update all examples to show new defaults (ignore_dnssec_records, ignore_soa_records, validate_records) - Add verbose output examples throughout documentation - Show global dns_server parameter usage - Remove all references to deprecated parallel_zones parameter - Update QUICK_START.md with new best practices - Update README.md with new feature descriptions - Update module EXAMPLES with verbose flag and current defaults - Update all example playbooks (nsupdate_zone_example.yml, sample_zone_format.yml) - Simplify examples by relying on sensible defaults
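---
# Example playbook demonstrating nsupdate_zone module usage.
#
# The play declares the desired records for example.com as a variable, pushes
# them with a TSIG-signed dynamic update, prints what changed, and then shows
# the same module managing several zones through one shared dns_server.

- name: Manage DNS zones with nsupdate_zone
  hosts: localhost
  gather_facts: false

  vars:
    # TSIG authentication
    dns_key_name: "nsupdate"
    # The TSIG secret authorizes writes to the zone, so it is not stored in
    # this file. It is read from the environment of the controller; the
    # variable name NSUPDATE_KEY_SECRET is chosen for this example. An
    # Ansible Vault encrypted variable works equally well.
    dns_key_secret: "{{ lookup('ansible.builtin.env', 'NSUPDATE_KEY_SECRET') }}"

    # Example zone records
    example_com_records:
      # Zone apex records
      - record: 'example.com.'
        type: A
        value: 192.168.1.1
        ttl: 3600

      - record: 'example.com.'
        type: MX
        value:
          - "10 mail1.example.com."
          - "20 mail2.example.com."

      - record: 'example.com.'
        type: TXT
        value:
          - "v=spf1 mx a include:_spf.google.com ~all"
          - "google-site-verification=abc123"

      # Subdomains
      - record: www
        type: A
        value:
          - 192.168.1.10
          - 192.168.1.11
        ttl: 300

      - record: blog
        type: CNAME
        value: www.example.com.

      - record: mail1
        type: A
        value: 192.168.1.20

      - record: mail2
        type: A
        value: 192.168.1.21

      # Wildcard
      - record: '*'
        type: A
        value: 192.168.1.100

      # Remove old record
      - record: old-server
        type: A
        value: 192.168.1.99
        state: absent

  tasks:
    # The env lookup yields an empty string when the variable is unset, so
    # stop here instead of sending an update signed with an empty key.
    - name: Require a TSIG secret before contacting any server
      ansible.builtin.assert:
        that:
          - dns_key_secret | length > 0
        fail_msg: >-
          Set NSUPDATE_KEY_SECRET, or supply dns_key_secret from Ansible Vault.
        quiet: true

    - name: Manage example.com zone
      valid.nsupdate_zone.nsupdate_zone:
        key_name: "{{ dns_key_name }}"
        key_secret: "{{ dns_key_secret }}"
        protocol: tcp
        # SOA and DNSSEC records are ignored by default
        # The patterns below additionally leave matching record names alone
        # (presumably because another tool manages them; confirm per zone).
        ignore_record_patterns:
          - '^_acme-challenge\..*'
          - '^_dnsauth\..*'
        verbose: true  # Show per-record actions
        zones:
          - name: example.com
            dns_server: ns1.example.com
            records: "{{ example_com_records }}"
      register: result

    # NOTE(review): this prints the whole registered result. Confirm that the
    # module declares key_secret as no_log before keeping this in shared logs.
    - name: Display results
      ansible.builtin.debug:
        var: result

    - name: Show changes made
      ansible.builtin.debug:
        msg: |
          Zone: {{ item.zone }}
          Changed: {{ item.changed }}
          Adds: {{ item.changes.adds }}
          Deletes: {{ item.changes.deletes }}
          Updates: {{ item.changes.updates }}
      loop: "{{ result.results }}"
      when: result.results is defined

    # Example: Manage multiple zones with global dns_server
    - name: Manage multiple zones with shared server
      valid.nsupdate_zone.nsupdate_zone:
        key_name: "{{ dns_key_name }}"
        key_secret: "{{ dns_key_secret }}"
        dns_server: ns1.example.com  # Global server for all zones
        verbose: true
        zones:
          - name: example.com
            records:
              - record: 'example.com.'
                type: A
                value: 192.168.1.1

          - name: example.org
            records:
              - record: 'example.org.'
                type: A
                value: 192.168.2.1

          - name: example.net
            records:
              - record: 'example.net.'
                type: A
                value: 192.168.3.1
      register: multi_zone_result

    # Folded scalar: the line breaks below become single spaces, so the
    # rendered message is one line.
    - name: Show multi-zone results
      ansible.builtin.debug:
        msg: >-
          Processed {{ multi_zone_result.results | length }} zones,
          {{ multi_zone_result.results
          | selectattr('changed', 'equalto', true) | list | length }}
          changed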