jonathan/infra
1
0
Fork 0
Code Actions Activity

init unbound

Browse Source
This commit is contained in:
Jonathan DeMasi
2025-12-28 13:44:10 -07:00
parent cb4b3cd6f1
commit dd0f7b9341
5 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ansible/dns.yaml Normal file
View File

@@ -0,0 +1,6 @@
---
# file: dns.yaml
- hosts: dns
roles:
- common
- unbound

3
ansible/inventories/production/hosts.ini
View File

@@ -1,2 +1,5 @@
[gitea] [gitea]
git.jthan.io git.jthan.io
[dns]
rpi0.home.jthan.io

5
ansible/roles/unbound/handlers/main.yaml Normal file
View File

@@ -0,0 +1,5 @@
- name: Restart nginx
service:
name: unbound
state: restarted

28
ansible/roles/unbound/tasks/main.yaml Normal file
View File

@@ -0,0 +1,28 @@
- name: Install unbound
package:
name: "unbound"
state: present
- name: Enable unbound service
service:
name: unbound
enabled: yes
state: started
- name: Permit traffic in default zone on port 53/udp
ansible.posix.firewalld:
port: 53/udp
source: 192.0.1.0/24
permanent: true
state: enabled
immediate: true
offline: true
- name: Permit traffic in default zone on port 53/tcp
ansible.posix.firewalld:
port: 53/tcp
source: 192.0.1.0/24
permanent: true
state: enabled
immediate: true
offline: true

1
ansible/site.yaml
View File

@@ -2,3 +2,4 @@
# file: site.yaml # file: site.yaml
- import_playbook: webservers.yaml - import_playbook: webservers.yaml
- import_playbook: gitea.yaml - import_playbook: gitea.yaml
- import_playbook: dns.yaml