add names for public interfaces, add apt-cacher-ng role
diff --git a/cord-single-playbook.yml b/cord-single-playbook.yml
index 1abd9d3..0e28450 100644
--- a/cord-single-playbook.yml
+++ b/cord-single-playbook.yml
@@ -17,6 +17,7 @@
roles:
- common-prep
- cloudlab-prep
+ - apt-cacher-ng
- name: DNS Server Setup
hosts: head
diff --git a/roles/apt-cacher-ng/defaults/main.yml b/roles/apt-cacher-ng/defaults/main.yml
new file mode 100644
index 0000000..f54e9cc
--- /dev/null
+++ b/roles/apt-cacher-ng/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+# apt-cacher-ng/defaults/main.yml
+
+apt_cacher_ip: 127.0.0.1
+apt_cacher_port: 3142
+
diff --git a/roles/apt-cacher-ng/handlers/main.yml b/roles/apt-cacher-ng/handlers/main.yml
new file mode 100644
index 0000000..cdc9735
--- /dev/null
+++ b/roles/apt-cacher-ng/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+# apt-cacher-ng/handlers/main.yml
+
+- name: restart apt-cacher-ng
+ service:
+ name=apt-cacher-ng
+ state=restarted
diff --git a/roles/apt-cacher-ng/tasks/main.yml b/roles/apt-cacher-ng/tasks/main.yml
new file mode 100644
index 0000000..a8b9d90
--- /dev/null
+++ b/roles/apt-cacher-ng/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+# roles/apt-cacher-ng/tasks
+
+- name: Install apt-cacher-ng with apt
+ apt:
+ name={{ item }}
+ update_cache=yes
+ cache_valid_time=3600
+ with_items:
+ - apt-cacher-ng
+
+- name: Configure apt-cacher-ng to pass through ssl repos
+ when: apt_ssl_sites is defined
+ lineinfile:
+ 'dest=/etc/apt-cacher-ng/acng.conf
+ insertafter="^# PassThroughPattern"
+ regexp="^PassThroughPattern"
+ line="PassThroughPattern: ({{ apt_ssl_sites | join(\"|\")}}):443$"'
+ notify:
+ restart apt-cacher-ng
+
+- name: Configure local system to use apt-cacher-ng
+ template:
+ src=02apt-cacher-ng.j2
+ dest=/etc/apt/apt.conf.d/02apt-cacher-ng
+ mode=0644 owner=root group=root
+
diff --git a/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2 b/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2
new file mode 100644
index 0000000..b07ba88
--- /dev/null
+++ b/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2
@@ -0,0 +1 @@
+Acquire::http { Proxy "http://{{ apt_cacher_ip }}:{{ apt_cacher_port }}"; };
diff --git a/roles/dns-nsd/templates/zone.forward.j2 b/roles/dns-nsd/templates/zone.forward.j2
index f5f8d4e..895d8a3 100644
--- a/roles/dns-nsd/templates/zone.forward.j2
+++ b/roles/dns-nsd/templates/zone.forward.j2
@@ -11,16 +11,24 @@
3600 ; Expire [1hr]
60 ; Min TTL [1m]
)
-
+
; Name Servers
{% for ns in item.ns %}
IN NS {{ ns.name ~ '.' ~ item.name }}.
{% endfor %}
-
-{% set nodes = vars[item.nodelist] %}
-
;A and CNAME records
+{% if name_on_public_interface is defined %}
+{{ name_on_public_interface }} IN A {{ ansible_default_ipv4.address }}
+{% endif %}
+{% if item.aliases is defined %}
+{% for alias in item.aliases %}
+{{ alias.name }} IN CNAME {{ alias.dest }}
+{% endfor %}
+{% endif %}
+
+; Set from list of nodes
+{% set nodes = vars[item.nodelist] %}
{% for node in nodes %}
{{ node.name }} IN A {{ item.ipv4_first_octets ~ "." ~ node.ipv4_last_octet }}
{% if node.aliases is defined %}
diff --git a/vars/cord.yml b/vars/cord.yml
index 8474e00..24710ef 100644
--- a/vars/cord.yml
+++ b/vars/cord.yml
@@ -23,6 +23,12 @@
ns:
- { name: ns1 }
nodelist: head_vm_list
+ aliases:
+ - { name: "ns1" , dest: "head" }
+ - { name: "ns" , dest: "head" }
+ - { name: "apt-cache" , dest: "head" }
+
+name_on_public_interface: head
# If true, unbound listens on the head node's `ansible_default_ipv4` interface
unbound_listen_on_default: True