Ansible Role: Unbound

Install and configure Unbound DNS server.

Variables

| Variable | Required | Default | Description |
|---|---|---|---|
| unbound_upstream_dns | No | ["8.8.8.8", "1.1.1.1"] | Upstream DNS servers |
| unbound_allow_access | Yes | [] | Networks allowed to query DNS |
| unbound_zones | Yes | [] | DNS zones to configure |

Example

```yaml
unbound_upstream_dns:
  - "1.1.1.1"
  - "8.8.8.8"

unbound_allow_access:
  - name: "internal-lan"
    network: "10.0.0.0/8"
  - name: "dmz"
    network: "192.168.1.0/24"

unbound_zones:
  - zone: "internal.example.com"
    type: "static"
    records:

      # A records (default type)
      - name: "server1.internal.example.com"
        value: "10.0.1.10"

      # AAAA record
      - name: "server2.internal.example.com"
        type: "AAAA"
        value: "2001:db8::1"

      # CNAME record
      - name: "internal.example.com"
        type: "CNAME"
        value: "server1.internal.example.com"

      # MX record
      - name: "internal.example.com"
        type: "MX"
        priority: 10
        value: "mail.internal.example.com"

      # TXT record
      - name: "internal.example.com"
        type: "TXT"
        value: "v=spf1 include:internal.example.com ~all"

      # SRV record
      - name: "_sip._tcp.internal.example.com"
        type: "SRV"
        priority: 10
        weight: 60
        port: 5060
        value: "server1.internal.example.com"

      # PTR record (manual reverse DNS)
      - name: "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa"
        type: "PTR"
        value: "server1.internal.example.com"
```

Supported Record Types

| Type | Required Fields | Description |
|---|---|---|
| A (default) | name, value | IPv4 address record |
| AAAA | name, value, type | IPv6 address record |
| CNAME | name, value, type | Canonical name |
| MX | name, value, type, priority | Mail exchange |
| TXT | name, value, type | Text record |
| SRV | name, value, type, priority, weight, port | Service locator |
| PTR | name, value, type | Pointer record |

Reverse DNS

Reverse DNS (PTR) records are automatically generated for IPv4 A records in the following networks:

  • 192.168.x.x/16
  • 10.8.x.x/16
  • 10.0.x.x/16

IPv6 reverse DNS is not auto-generated. Use manual PTR records in a dedicated zone instead:

```yaml
- zone: "8.b.d.0.1.0.0.2.ip6.arpa"
  type: "static"
  records:
    - name: "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa"
      type: "PTR"
      value: "server1.internal.example.com"
```
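Hand-written `ip6.arpa` names are easy to get wrong by a nibble, and manual PTR entries can drift away from the AAAA records they should mirror. The following is an added example, not part of this role: it derives the dedicated reverse zone from the AAAA records in an `unbound_zones`-shaped structure. The function names and the sample data are assumptions made for illustration.

```python
import ipaddress
import json


def ip6_arpa_zone(prefix):
    """Return the ip6.arpa zone name for an IPv6 prefix on a nibble boundary."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("prefix length must be a multiple of 4: " + prefix)
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def build_reverse_zone(zones, prefix):
    """Build a static reverse zone with one PTR per AAAA record inside prefix."""
    net = ipaddress.IPv6Network(prefix)
    records = []
    for zone in zones:
        for rec in zone.get("records", []):
            if rec.get("type", "A") != "AAAA":
                continue  # only AAAA records need a manual PTR entry
            addr = ipaddress.IPv6Address(rec["value"])
            if addr in net:  # addresses outside the prefix belong to another zone
                records.append({"name": addr.reverse_pointer,
                                "type": "PTR", "value": rec["name"]})
    return {"zone": ip6_arpa_zone(prefix), "type": "static", "records": records}


# Constructed sample input in the shape of unbound_zones (hypothetical hosts).
SAMPLE_ZONES = [{
    "zone": "internal.example.com",
    "type": "static",
    "records": [
        {"name": "server1.internal.example.com", "value": "10.0.1.10"},
        {"name": "server2.internal.example.com", "type": "AAAA", "value": "2001:db8::1"},
        {"name": "server3.internal.example.com", "type": "AAAA", "value": "2001:db8:ffff::25"},
        {"name": "other.internal.example.com", "type": "AAAA", "value": "fd00::5"},
    ],
}]

if __name__ == "__main__":
    # Emit the zone entry as JSON, which is also valid YAML for a vars file.
    print(json.dumps(build_reverse_zone(SAMPLE_ZONES, "2001:db8::/32"), indent=2))
```

The returned dictionary can be appended to `unbound_zones`; each PTR value is taken from the AAAA record's own name, so forward and reverse lookups agree.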