Ansible role for building DNS servers using Unbound
defaults feat: make defaults configurable 2026-05-06 17:38:44 +02:00
handlers fix: quotes 2025-10-25 15:07:27 +02:00
meta chore: rename meta/main.yml to meta/main.yaml 2026-02-16 10:44:28 +01:00
roles feat: use new ansible layout 2025-10-03 11:32:26 +02:00
tasks feat: add retries to apk 2025-12-01 09:32:43 +01:00
templates/unbound feat: make defaults configurable 2026-05-06 17:38:44 +02:00
.ansible-lint feat: initial commit 2025-07-14 14:19:39 +02:00
.gitignore feat: initial commit 2025-07-14 14:19:39 +02:00
.gitlab-ci.yml ci: move gitleaks to component 2026-01-19 17:17:01 +01:00
.markdownlint-cli2.jsonc feat: initial commit 2025-07-14 14:19:39 +02:00
.yamllint fix: remove extra ignore section from yamllint config 2026-02-10 08:51:14 +01:00
AGENTS.md chore: add AGENTS.md for opencode agents 2026-02-16 10:06:22 +01:00
playbook.yaml feat: implement new role layout 2025-11-01 13:26:10 +01:00
readme.md docs: improve readability 2026-05-06 17:03:41 +02:00
renovate.json feat: initial commit 2025-07-14 14:19:39 +02:00

Ansible Role: Unbound

Install and configure Unbound DNS server.

Variables

| Variable | Required | Default | Description |
|---|---|---|---|
| unbound_upstream_dns | No | ["8.8.8.8", "1.1.1.1"] | Upstream DNS servers |
| unbound_allow_access | Yes | [] | Networks allowed to query DNS |
| unbound_zones | Yes | [] | DNS zones to configure |

Example

unbound_upstream_dns:
  - "1.1.1.1"
  - "8.8.8.8"

unbound_allow_access:
  - name: "internal-lan"
    network: "10.0.0.0/8"
  - name: "dmz"
    network: "192.168.1.0/24"

unbound_zones:
  - zone: "internal.example.com"
    type: "static"
    records:

      # A records (default type)
      - name: "server1.internal.example.com"
        value: "10.0.1.10"

      # AAAA record
      - name: "server2.internal.example.com"
        type: "AAAA"
        value: "2001:db8::1"

      # CNAME record
      - name: "internal.example.com"
        type: "CNAME"
        value: "server1.internal.example.com"

      # MX record
      - name: "internal.example.com"
        type: "MX"
        priority: 10
        value: "mail.internal.example.com"

      # TXT record
      - name: "internal.example.com"
        type: "TXT"
        value: "v=spf1 include:internal.example.com ~all"

      # SRV record
      - name: "_sip._tcp.internal.example.com"
        type: "SRV"
        priority: 10
        weight: 60
        port: 5060
        value: "server1.internal.example.com"

      # PTR record (manual reverse DNS)
      - name: "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa"
        type: "PTR"
        value: "server1.internal.example.com"

Supported Record Types

| Type | Required Fields | Description |
|---|---|---|
| A (default) | name, value | IPv4 address record |
| AAAA | name, value, type | IPv6 address record |
| CNAME | name, value, type | Canonical name |
| MX | name, value, type, priority | Mail exchange |
| TXT | name, value, type | Text record |
| SRV | name, value, type, priority, weight, port | Service locator |
| PTR | name, value, type | Pointer record |

Reverse DNS

Reverse DNS (PTR) records are automatically generated for IPv4 A records in the following networks:

  • 192.168.x.x/16
  • 10.8.x.x/16
  • 10.0.x.x/16

IPv6 reverse DNS is not auto-generated.
Use manual PTR records in a dedicated zone instead.
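
The following helper is an added example, not part of this role: it scans `unbound_zones` data for A/AAAA records that fall outside the auto-generated ranges and builds the manual PTR entries they need. It assumes the three listed networks mean 192.168.0.0/16, 10.8.0.0/16 and 10.0.0.0/16; the sample data is constructed and `server3` is a hypothetical host.

```python
import ipaddress

# Assumption: the README's "192.168.x.x/16" style entries read as these CIDR blocks.
AUTO_PTR_NETWORKS = [ipaddress.ip_network(n)
                     for n in ("192.168.0.0/16", "10.8.0.0/16", "10.0.0.0/16")]

# Constructed sample in the unbound_zones format; server3 is a made-up host.
SAMPLE_ZONES = [{
    "zone": "internal.example.com",
    "type": "static",
    "records": [
        {"name": "server1.internal.example.com", "value": "10.0.1.10"},
        {"name": "server2.internal.example.com", "type": "AAAA", "value": "2001:db8::1"},
        {"name": "server3.internal.example.com", "value": "172.16.5.20"},
        {"name": "internal.example.com", "type": "MX", "priority": 10,
         "value": "mail.internal.example.com"},
    ],
}]


def needs_manual_ptr(record):
    """True when an address record will not get an auto-generated PTR."""
    rtype = record.get("type", "A")  # a record without "type" is an A record
    if rtype not in ("A", "AAAA"):
        return False
    addr = ipaddress.ip_address(record["value"])
    if addr.version == 6:
        return True  # IPv6 reverse DNS is never auto-generated
    return not any(addr in net for net in AUTO_PTR_NETWORKS)


def manual_ptr_records(zones):
    """Return PTR entries, in the role's record format, for uncovered addresses."""
    ptrs = []
    for zone in zones:
        for rec in zone.get("records", []):
            if needs_manual_ptr(rec):
                addr = ipaddress.ip_address(rec["value"])
                # reverse_pointer yields the in-addr.arpa / ip6.arpa owner name
                ptrs.append({"name": addr.reverse_pointer,
                             "type": "PTR", "value": rec["name"]})
    return ptrs


if __name__ == "__main__":
    for ptr in manual_ptr_records(SAMPLE_ZONES):
        print(ptr)
```

The returned entries can be pasted under `records:` of a dedicated reverse zone, as recommended above.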