From 318531c9a4a3fd2c9ac13809f7067a1fe27ae65b Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Fri, 2 Oct 2020 11:06:41 +0200 Subject: [PATCH 1/2] Remove 4.0 and 4.1, as they are EOL --- vars/main.yml | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/vars/main.yml b/vars/main.yml index ee1cc1b..f1583c5 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -11,24 +11,6 @@ pdns_rec_powerdns_repo_master: yum_debug_symbols_repo_baseurl: "https://repo.powerdns.com/centos/$basearch/$releasever/rec-master/debug" name: "powerdns-rec-master" -pdns_rec_powerdns_repo_40: - apt_repo_origin: "repo.powerdns.com" - apt_repo: "deb [arch=amd64] https://repo.powerdns.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release | lower }}-rec-40 main" - gpg_key: "https://repo.powerdns.com/FD380FBB-pub.asc" - gpg_key_id: "9FAAA5577E8FCF62093D036C1B0C6205FD380FBB" - yum_repo_baseurl: "https://repo.powerdns.com/centos/$basearch/$releasever/rec-40" - yum_debug_symbols_repo_baseurl: "https://repo.powerdns.com/centos/$basearch/$releasever/rec-40/debug" - name: "powerdns-rec-40" - -pdns_rec_powerdns_repo_41: - apt_repo_origin: "repo.powerdns.com" - apt_repo: "deb [arch=amd64] https://repo.powerdns.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release | lower }}-rec-41 main" - gpg_key: "https://repo.powerdns.com/FD380FBB-pub.asc" - gpg_key_id: "9FAAA5577E8FCF62093D036C1B0C6205FD380FBB" - yum_repo_baseurl: "https://repo.powerdns.com/centos/$basearch/$releasever/rec-41" - yum_debug_symbols_repo_baseurl: "https://repo.powerdns.com/centos/$basearch/$releasever/rec-41/debug" - name: "powerdns-rec-41" - pdns_rec_powerdns_repo_42: apt_repo_origin: "repo.powerdns.com" apt_repo: "deb [arch=amd64] https://repo.powerdns.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release | lower }}-rec-42 main" From f7205613cb7dac1121cc30859a5c49a65f6066ab Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Fri, 2 Oct 2020 11:18:53 +0200 Subject: [PATCH 2/2] Update Readme --- README.md | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index e65563a..e09cc4b 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ An Ansible role created by the folks behind PowerDNS to setup the [PowerDNS Recu ## Requirements -An Ansible 2.2 or higher installation. +An Ansible 2.7 or higher installation. ## Dependencies @@ -32,17 +32,17 @@ By default, the PowerDNS Recursor is installed from the software repositories co - { role: PowerDNS.pdns_recursor, pdns_rec_install_repo: "{{ pdns_rec_powerdns_repo_master }}" } -# Install the PowerDNS Recursor from the '4.1.x' official repository +# Install the PowerDNS Recursor from the '4.3.x' official repository - hosts: pdns-recursors roles: - { role: PowerDNS.pdns_recursor, - pdns_rec_install_repo: "{{ pdns_rec_powerdns_repo_41 }}" } + pdns_rec_install_repo: "{{ pdns_rec_powerdns_repo_43 }}" } -# Install the PowerDNS Recursor from the '4.2.x' official repository +# Install the PowerDNS Recursor from the '4.4.x' official repository - hosts: pdns-recursors roles: - { role: PowerDNS.pdns_recursor, - pdns_rec_install_repo: "{{ pdns_rec_powerdns_repo_42 }}" } + pdns_rec_install_repo: "{{ pdns_rec_powerdns_repo_44 }}" } ``` The examples above, show how to install the PowerDNS Recursor from the official PowerDNS repositories @@ -206,6 +206,23 @@ Allow traffic from multiple networks and set some custom ulimits overriding the - { role: PowerDNS.pdns_recursor } ``` +Allow traffic from multiple networks and set some custom ulimits overriding the default systemd service, +but keeping in the default overrides from this role. This is recommended when using PowerDNS 4.3 and up. + +```yaml +- hosts: pdns-recursors + vars: + pdns_rec_config: + allow-from: + - "198.51.100.0/24" + - "203.0.113.53/24" + local-address: "203.0.113.53:5300" + pdns_rec_service_overrides: '{{ default_pdns_rec_service_overrides | combine({"LimitNOFILE": 10000})' + roles: + - { role: PowerDNS.pdns_recursor } +``` + + Forward queries for corp.example.net to a nameserver on localhost and queries for foo.example to other nameservers: ```yaml @@ -235,7 +252,7 @@ To test all the scenarios run To run a custom molecule command - $ tox -e py27-ansible22 -- molecule test -s pdns-rec-42 + $ tox -e py36-ansible28 -- molecule test -s pdns-rec-42 ## License