Execution
Date 18 Sep 2024 10:19:53 +0100
Duration 00:01:14.69
Controller ssh-gw-4.layershift.com
User root
Versions
Ansible 2.16.11
ara 1.7.2 / 1.7.2
Python 3.10.10
Summary
1 Hosts
6 Tasks
6 Results
1 Plays
1 Files
0 Records

File: /home/ssh-gateway/ansible/kuly/install_superDNS.yaml

---
# Single play: opens the DNS ports, installs MariaDB 10.11 and the PowerDNS
# packages, then creates the powerdns database and loads its schema.
- name: Playbook to install SuperDNS PDNS on alma8
  # NOTE(review): "all" targets every host in the supplied inventory. The play
  # changes firewall rules and rotates the MariaDB root password, so it relies
  # on the caller restricting the inventory (or using --limit) to the DNS host.
  hosts: all
  # Fact gathering is disabled; none of the tasks below reads a fact.
  gather_facts: false
  tasks:
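    # Opens inbound DNS (53/udp, 53/tcp), allows replies to connections the
    # host itself initiated, and allows loopback access to 8081/tcp.
    #
    # Changes from the earlier version of this task:
    #   * Each rule is appended only when "iptables -C" reports it missing, so
    #     repeated runs no longer stack duplicate rules.
    #   * The two "--sport 53" ACCEPT rules are replaced by a connection-state
    #     rule. A stateless source-port match accepts any inbound packet that
    #     claims source port 53, whatever local port it is addressed to; the
    #     conntrack rule admits only replies to traffic this host started.
    #   * The task reports "changed" only when a rule was actually added.
    #
    # NOTE(review): -A appends to the end of INPUT, so a REJECT/DROP rule
    # already in the chain is evaluated first; confirm the chain layout.
    # NOTE(review): nothing visible here saves the ruleset, so confirm how
    # these rules are meant to survive a reboot.
    - name: Add firewall rules
      ansible.builtin.shell: |
        set -euo pipefail
        # Append a rule to the running ruleset only if it is not there yet.
        ensure_rule() {
          if ! iptables -C "$@" 2>/dev/null; then
            iptables -A "$@"
            echo "added: $*"
          fi
        }
        ensure_rule INPUT -p udp -m udp --dport 53 -j ACCEPT
        ensure_rule INPUT -p tcp -m tcp --dport 53 -j ACCEPT
        ensure_rule INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
        ensure_rule INPUT -s 127.0.0.1 -p tcp -m tcp --dport 8081 -j ACCEPT
      args:
        executable: /bin/bash
      register: firewall_rules
      changed_when: "'added:' in firewall_rules.stdout"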

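    # Installs the EPEL repository definition and a few admin utilities.
    # "present" installs anything missing without upgrading packages that are
    # already there; "latest" pulled whatever version the repositories offered
    # at run time, so two runs of the same playbook could leave different
    # package versions on the host. Upgrades belong in a separate patching run.
    # NOTE(review): pwgen, which the "Secure MariaDB installation" task calls,
    # is not in this list; confirm it is already present on the target.
    - name: Install prerequisite packages
      ansible.builtin.dnf:
        name:
          - epel-release
          - vim
          - wget
          - net-tools
          - bind-utils
        state: present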

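    # Switches the dnf module stream to mariadb:10.11, installs it, then
    # restarts and enables the service.
    # "set -e" makes the task fail at the first command that fails. Before,
    # only the exit status of the final "systemctl enable" reached Ansible, so
    # a failed module install or a failed restart was reported as success.
    # NOTE(review): changed_when: false reports "ok" even when packages were
    # installed or the service was restarted.
    - name: Install MariaDB
      ansible.builtin.shell: |
        set -euo pipefail
        dnf -y module reset mariadb
        dnf -y module install mariadb:10.11
        systemctl restart mariadb
        systemctl enable mariadb
      args:
        executable: /bin/bash
      changed_when: false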

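    # Generates a random root password, applies it together with the usual
    # clean-up statements (anonymous users, remote root, test database), and
    # stores the password in /root/.my.cnf for the mysql client.
    #
    # Changes from the earlier version of this task:
    #   * The script stops before touching the database when pwgen fails or
    #     returns nothing. Without that check an empty $my_root_pass was
    #     applied as the root password and written to /root/.my.cnf.
    #   * umask 077 keeps the temporary SQL file and /root/.my.cnf, both of
    #     which contain the password, readable by the owner only.
    #   * The temporary SQL file is removed by an EXIT trap, so it is also
    #     cleaned up when the script stops early.
    #
    # NOTE(review): changed_when: false reports "ok" although every run sets a
    # new root password.
    - name: Secure MariaDB installation
      ansible.builtin.shell: |
        set -o pipefail
        umask 077
        trap 'rm -f /root/mysql_secure_install.sql' EXIT
        # pwgen must already be on the host; a failed or empty result aborts
        # here so that no blank password is ever applied.
        my_root_pass="$(pwgen -s 20 1)" || { echo "pwgen failed; root password left unchanged" >&2; exit 1; }
        [[ -n "$my_root_pass" ]] || { echo "pwgen returned no password; root password left unchanged" >&2; exit 1; }
        cat > /root/mysql_secure_install.sql << EOF
        ALTER USER 'root'@'localhost' IDENTIFIED BY '$my_root_pass';
        DELETE FROM mysql.user WHERE User='';
        DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
        DROP DATABASE IF EXISTS test;
        DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
        FLUSH PRIVILEGES;
        EOF
        # -f keeps going past SQL errors, as before, and the exit status is
        # still not allowed to stop the script.
        # NOTE(review): on MariaDB 10.4 and later mysql.user is a view; confirm
        # the DELETE statements above really take effect on 10.11, because -f
        # hides their errors.
        # NOTE(review): if the client cannot connect at all, the line after
        # this one still overwrites /root/.my.cnf with a password the server
        # never received.
        mysql -sfu root < /root/mysql_secure_install.sql || echo "warning: mysql reported an error while applying the hardening statements" >&2
        printf '[mysql]\nuser="root"\npassword="%s"\n' "$my_root_pass" > /root/.my.cnf
      args:
        executable: /bin/bash
      changed_when: false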

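    # Installs the PowerDNS server, its MySQL backend and the pdns tools.
    # "present" installs what is missing and leaves installed versions alone;
    # "latest" would upgrade the DNS server to whatever the repository carries
    # whenever the playbook is re-run.
    - name: Install pdns packages
      ansible.builtin.dnf:
        name:
          - pdns
          - pdns-backend-mysql
          - pdns-tools
        state: present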
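    # Creates the powerdns database and its local account, then loads the
    # schema shipped with pdns-backend-mysql.
    #
    # Changes from the earlier version of this task:
    #   * The account password is no longer a literal in the playbook. It is
    #     read from the variable pdns_db_password, which must be supplied from
    #     outside this file (for example a Vault-encrypted vars file). The
    #     value that used to be embedded here should be treated as disclosed
    #     and rotated wherever it is in use.
    #   * The password reaches the script through the environment and the SQL
    #     goes to mysql on stdin, so it does not appear on a command line.
    #     no_log keeps it out of task results and run reports.
    #   * "set -o pipepfail" was a misspelt option that bash rejects, so the
    #     script ran without the intended error handling. With "set -euo
    #     pipefail" the first failing command now fails the task.
    #   * IF NOT EXISTS and the table check make a second run a no-op instead
    #     of an error.
    #
    # NOTE(review): CREATE USER IF NOT EXISTS does not change the password of
    # an account that already exists.
    # NOTE(review): GRANT ALL PRIVILEGES is kept as written; confirm whether
    # the backend needs more than data-manipulation rights on powerdns.*.
    - name: Create powertdns database
      ansible.builtin.shell: |
        set -euo pipefail
        # The value is placed inside a single-quoted SQL string, so reject
        # anything that could end that string early.
        case "$PDNS_DB_PASSWORD" in
          '' | *"'"* | *'\'*)
            echo "pdns_db_password must be non-empty and must not contain quotes or backslashes" >&2
            exit 1
            ;;
        esac
        mysql << EOF
        CREATE DATABASE IF NOT EXISTS powerdns;
        CREATE USER IF NOT EXISTS 'powerdns'@'localhost' IDENTIFIED BY '$PDNS_DB_PASSWORD';
        GRANT ALL PRIVILEGES ON powerdns.* TO 'powerdns'@'localhost';
        FLUSH PRIVILEGES;
        EOF
        # Load the schema only into an empty database.
        if [[ -z "$(mysql -N -B -e 'SHOW TABLES' powerdns)" ]]; then
          mysql powerdns < /usr/share/doc/pdns-backend-mysql/schema.mysql.sql
        fi
      args:
        executable: /bin/bash
      environment:
        PDNS_DB_PASSWORD: "{{ pdns_db_password }}"
      no_log: true
      changed_when: false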