[AETHER-1000]
Allow reverse DNS lookups to work
NOTE: requires change in syntax used to define a zone - dns_zones no
longer works, must use dns_forward_zones/dns_reverse_zones
Fix multiplatform support
Change-Id: Ibd416b2da8853bc0b25ddec1774ddf9a9e1bf898
diff --git a/tasks/OpenBSD.yml b/tasks/OpenBSD.yml
index e64f33f..e067aa9 100644
--- a/tasks/OpenBSD.yml
+++ b/tasks/OpenBSD.yml
@@ -4,4 +4,8 @@
# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
# SPDX-License-Identifier: Apache-2.0
-# nothing to do here, OpenBSD already has NSD installed in base
+# NSD installed in base
+
+- name: Set unbound arguments for use with service module
+ set_fact:
+ nsd_arguments: "-c /var/nsd/etc/nsd.conf"
diff --git a/tasks/main.yml b/tasks/main.yml
index d6a9af6..2d28754 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -38,21 +38,28 @@
owner: root
group: "{{ nsd_groupname }}"
validate: "nsd-checkzone {{ item.key }} %s"
- with_dict: "{{ dns_zones }}"
+ with_dict: "{{ dns_forward_zones }}"
notify:
- reload-nsd
-# - name: Create DNS reverse zonefiles from template
-# template:
-# src: zone.reverse.j2
-# dest: "{{ nsd_zones_dir }}/{{ item.key }}.reverse"
-# mode: 0644
-# owner: root
-# group: "{{ nsd_groupname }}"
-# validate: "nsd-checkzone {{ item.value.ip_range | unbound_revdns }} %s"
-# with_dict: "{{ dns_zones }}"
-# notify:
-# - reload-nsd
+- name: Create DNS reverse zonefiles from template
+ template:
+ src: zone.reverse.j2
+ dest: "{{ nsd_zones_dir }}/{{ item.key | ipaddr('network') }}.reverse"
+ mode: 0644
+ owner: root
+ group: "{{ nsd_groupname }}"
+ validate: "nsd-checkzone {{ item.key | unbound_revdns }} %s"
+ with_dict: "{{ dns_reverse_zones }}"
+ notify:
+ - reload-nsd
+
+- name: Enable and start nsd
+ service:
+ name: "{{ nsd_service }}"
+ enabled: true
+ state: started
+ arguments: "{{ nsd_arguments | default(omit) }}"
- name: Flush handlers as listen addresses can conflict with unbound
meta: flush_handlers