55 lines
1.6 KiB
Markdown
55 lines
1.6 KiB
Markdown
# Ansible Role: Unbound
|
|
|
|
Install and configure [Unbound](https://nlnetlabs.nl/projects/unbound/) DNS server.
|
|
|
|
## Variables
|
|
|
|
| Variable | Required | Default | Description |
|
|
|----------|----------|---------|-------------|
|
|
| `unbound_upstream_dns` | No | `["8.8.8.8", "1.1.1.1"]` | Upstream DNS servers |
|
|
| `unbound_allow_access` | Yes | `[]` | Networks allowed to query DNS |
|
|
| `unbound_zones` | Yes | `[]` | DNS zones to configure |
|
|
|
|
## Example
|
|
|
|
```yaml
|
|
unbound_upstream_dns:
|
|
- "1.1.1.1"
|
|
- "8.8.8.8"
|
|
|
|
unbound_allow_access:
|
|
- name: "internal-lan"
|
|
network: "10.0.0.0/8"
|
|
- name: "dmz"
|
|
network: "192.168.1.0/24"
|
|
|
|
unbound_zones:
|
|
- zone: "internal.example.com"
|
|
type: "static"
|
|
records:
|
|
- name: "server1.internal.example.com"
|
|
value: "10.0.1.10"
|
|
- name: "server2.internal.example.com"
|
|
value: "10.0.1.11"
|
|
- name: "internal.example.com"
|
|
type: "TXT"
|
|
value: "v=spf1 include:internal.example.com ~all"
|
|
- name: "_sip._tcp.internal.example.com"
|
|
type: "SRV"
|
|
priority: 10
|
|
weight: 60
|
|
port: 5060
|
|
value: "server1.internal.example.com"
|
|
```
|
|
|
|
## Supported Record Types
|
|
|
|
| Type | Required Fields | Description |
|
|
|------|----------------|-------------|
|
|
| `A` (default) | `name`, `value` | IPv4 address record |
|
|
| `AAAA` | `name`, `value`, `type` | IPv6 address record |
|
|
| `CNAME` | `name`, `value`, `type` | Canonical name |
|
|
| `MX` | `name`, `value`, `type`, `priority` | Mail exchange |
|
|
| `TXT` | `name`, `value`, `type` | Text record |
|
|
| `SRV` | `name`, `value`, `type`, `priority`, `weight`, `port` | Service locator |
|
|
| `PTR` | `name`, `value`, `type` | Pointer record |
|