ansible/unbound
ansible/unbound
2
0
Fork 0
Code Issues 1 Pull requests Activity
Ansible role for building DNS servers using Unbound
68 commits 1 branch 0 tags 78 KiB
  • Jinja 100%
Find a file
Simon Cornet e430d6cb00
All checks were successful
ci/woodpecker/push/linting Pipeline was successful
Details
ci: migrate from gitlab ci to woodpecker
2026-05-15 14:13:49 +02:00
.woodpecker ci: migrate from gitlab ci to woodpecker 2026-05-15 14:13:49 +02:00
defaults feat: make defaults configurable 2026-05-06 17:38:44 +02:00
handlers fix: quotes 2025-10-25 15:07:27 +02:00
meta chore: rename meta/main.yml to meta/main.yaml 2026-02-16 10:44:28 +01:00
roles ci: migrate from gitlab ci to woodpecker 2026-05-15 14:13:49 +02:00
tasks feat: add retries to apk 2025-12-01 09:32:43 +01:00
templates/unbound feat: make defaults configurable 2026-05-06 17:38:44 +02:00
.ansible-lint ci: migrate from gitlab ci to woodpecker 2026-05-15 14:13:49 +02:00
.gitignore feat: initial commit 2025-07-14 14:19:39 +02:00
.markdownlint-cli2.jsonc ci: migrate from gitlab ci to woodpecker 2026-05-15 14:13:49 +02:00
.yamllint fix: remove extra ignore section from yamllint config 2026-02-10 08:51:14 +01:00
AGENTS.md chore: add AGENTS.md for opencode agents 2026-02-16 10:06:22 +01:00
playbook.yaml feat: implement new role layout 2025-11-01 13:26:10 +01:00
readme.md ci: migrate from gitlab ci to woodpecker 2026-05-15 14:13:49 +02:00
renovate.json feat: initial commit 2025-07-14 14:19:39 +02:00

readme.md

Ansible Role: Unbound

Install and configure Unbound DNS server.

Variables

Variable Required Default Description
unbound_upstream_dns No ["8.8.8.8", "1.1.1.1"] Upstream DNS servers
unbound_allow_access Yes [] Networks allowed to query DNS
unbound_zones Yes [] DNS zones to configure

Example

unbound_upstream_dns:
  - "1.1.1.1"
  - "8.8.8.8"

unbound_allow_access:
  - name: "internal-lan"
    network: "10.0.0.0/8"
  - name: "dmz"
    network: "192.168.1.0/24"

unbound_zones:
  - zone: "internal.example.com"
    type: "static"
    records:

      # A records (default type)
      - name: "server1.internal.example.com"
        value: "10.0.1.10"

      # AAAA record
      - name: "server2.internal.example.com"
        type: "AAAA"
        value: "2001:db8::1"

      # CNAME record
      - name: "internal.example.com"
        type: "CNAME"
        value: "server1.internal.example.com"

      # MX record
      - name: "internal.example.com"
        type: "MX"
        priority: 10
        value: "mail.internal.example.com"

      # TXT record
      - name: "internal.example.com"
        type: "TXT"
        value: "v=spf1 include:internal.example.com ~all"

      # SRV record
      - name: "_sip._tcp.internal.example.com"
        type: "SRV"
        priority: 10
        weight: 60
        port: 5060
        value: "server1.internal.example.com"

      # PTR record (manual reverse DNS)
      - name: "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa"
        type: "PTR"
        value: "server1.internal.example.com"

Supported Record Types

Type Required Fields Description
A (default) name, value IPv4 address record
AAAA name, value, type IPv6 address record
CNAME name, value, type Canonical name
MX name, value, type, priority Mail exchange
TXT name, value, type Text record
SRV name, value, type, priority, weight, port Service locator
PTR name, value, type Pointer record

Reverse DNS

Reverse DNS (PTR) records are automatically generated for IPv4 A records in the following networks:

  • 192.168.x.x/16
  • 10.8.x.x/16
  • 10.0.x.x/16

IPv6 reverse DNS is not auto-generated.
Use manual PTR records in a dedicated zone instead.