From a468044c0337d1a2ac0dab2ce3efc4ad766f81a3 Mon Sep 17 00:00:00 2001 From: Mitchell Riedstra Date: Tue, 16 Dec 2025 23:02:49 -0500 Subject: Rework the NSD role to support more operating systems with minimal effort and duplication --- tasks/main.yml | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 87 insertions(+), 6 deletions(-) (limited to 'tasks/main.yml') diff --git a/tasks/main.yml b/tasks/main.yml index ebb9733..158eb6f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,88 @@ --- -- name: Include Linux tasks - include_tasks: linux.yml - when: ansible_facts['system'].lower() == "linux" -- name: Include OpenBSD Tasks - include_tasks: openbsd.yml - when: ansible_facts['system'].lower() == "openbsd" +- name: 'Include OpenBSD vars' + include_vars: 'openbsd.yml' + when: is_openbsd +- name: 'Check for runit' + set_fact: + use_runit: true + when: is_alpine or is_voidlinux or is_deb +- name: 'VoidLinux: Install NSD' + xbps: + state: present + name: nsd + when: is_voidlinux +- name: 'Alpine: Install NSD' + apk: + state: present + name: nsd + when: is_alpine +- name: 'RHEL: Install epel' + yum: + state: present + name: epel-release + when: is_rhel +- name: 'RHEL: Install NSD' + yum: + state: present + name: nsd + when: is_rhel +- name: 'debian: Install NSD' + apt: + state: present + name: nsd + when: is_deb +- name: Install nsd.conf + template: + src: nsd/nsd.conf + dest: '{{nsd_conf}}' +- name: Ensure zone dir exists + file: + path: '{{zone_dir}}' + owner: '{{zone_owner}}' + group: '{{zone_group}}' + state: directory +- name: Install zone files + template: + src: 'zones/{{item}}' + dest: '{{zone_dir}}/{{item}}.zone' + validate: 'nsd-checkzone {{item}} %s' + owner: '{{zone_owner}}' + group: '{{zone_group}}' + mode: 0640 + loop: "{{nsd_zones}}" + notify: + - Restart NSD +- name: 'runit: create service directory' + file: + state: directory + path: /etc/sv/nsd + mode: '0755' + when: use_runit +- name: 'runit: Install service command' + template: + src: nsd/run.j2 + dest: /etc/sv/nsd/run + mode: '755' + when: use_runit +- name: 'runit: Install supervise symlink' + file: + state: link + force: yes + src: /run/supervise.nsd + dest: /etc/sv/nsd/supervise + follow: false + when: use_runit +- name: 'runit: Enable NSD' + file: + src: /etc/sv/nsd + dest: /var/service/nsd + owner: root + group: root + state: link + when: use_runit +- name: Enable NSD + service: + name: nsd + state: started + enabled: true + when: 'not use_runit' -- cgit v1.2.3