From 4231743c105c97a0270ecf9dc4136b5c2abda6ec Mon Sep 17 00:00:00 2001
From: Paul Maruhn <paulmaruhn@posteo.de>
Date: Sat, 20 Nov 2021 02:01:13 +0100
Subject: [PATCH] split dns nameserver into different role

---
 playbook.yml                                  |  1 +
 roles/base/files/powerdns/recursor.lua        |  7 -----
 roles/base/tasks/main.yml                     |  6 ++--
 .../files/dnsdist/dnsdist.conf                |  0
 .../files/powerdns/bind.conf                  |  0
 .../files/powerdns/forward-zones.conf         |  0
 .../files/powerdns/pdns.conf                  |  0
 .../files/powerdns/recursor.conf              |  0
 .../files/scripts/update-dns.sh               |  2 +-
 .../files/systemd}/update-ffhl-dns.service    |  0
 .../files/systemd}/update-ffhl-dns.timer      |  0
 roles/ffhl_nameserver/tasks/main.yml          | 15 +++++++++
 .../tasks/powerdns.yml                        | 31 ++++++-------------
 13 files changed, 29 insertions(+), 33 deletions(-)
 delete mode 100644 roles/base/files/powerdns/recursor.lua
 rename roles/{base => ffhl_nameserver}/files/dnsdist/dnsdist.conf (100%)
 rename roles/{base => ffhl_nameserver}/files/powerdns/bind.conf (100%)
 rename roles/{base => ffhl_nameserver}/files/powerdns/forward-zones.conf (100%)
 rename roles/{base => ffhl_nameserver}/files/powerdns/pdns.conf (100%)
 rename roles/{base => ffhl_nameserver}/files/powerdns/recursor.conf (100%)
 rename roles/{base => ffhl_nameserver}/files/scripts/update-dns.sh (94%)
 rename roles/{base/files/etc/systemd/system => ffhl_nameserver/files/systemd}/update-ffhl-dns.service (100%)
 rename roles/{base/files/etc/systemd/system => ffhl_nameserver/files/systemd}/update-ffhl-dns.timer (100%)
 create mode 100644 roles/ffhl_nameserver/tasks/main.yml
 rename roles/{base => ffhl_nameserver}/tasks/powerdns.yml (54%)

diff --git a/playbook.yml b/playbook.yml
index e9a3039..14d4699 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -3,6 +3,7 @@
   become: yes
   roles:
     - base
+    - ffhl_nameserver
 
 - hosts: kaisertor
   become: yes
diff --git a/roles/base/files/powerdns/recursor.lua b/roles/base/files/powerdns/recursor.lua
deleted file mode 100644
index 1d670a5..0000000
--- a/roles/base/files/powerdns/recursor.lua
+++ /dev/null
@@ -1,7 +0,0 @@
--- Debian default Lua configuration file for PowerDNS Recursor
-
--- Load DNSSEC root keys from dns-root-data package.
--- Note: If you provide your own Lua configuration file, consider
--- running rootkeys.lua too.
-dofile("/usr/share/pdns-recursor/lua-config/rootkeys.lua")
-
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index d20097c..5cd6937 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -1,12 +1,12 @@
 ---
 - name: copy base configs
-  tags: [base, etc, apt, powerdns]
+  tags: [base, etc, apt]
   copy:
     src: etc/
     dest: /etc
 
 - name: copy scripts
-  tags: [base, powerdns]
+  tags: [base]
   copy:
     src: scripts/
     dest: /usr/local/lib/ffhl/
@@ -101,8 +101,6 @@
   tags: [network, radvd]
 - include: dhcpd.yml
   tags: [network, dhcp]
-- include: powerdns.yml
-  tags: [powerdns, network]
 
 - include: bird.yml
   tags: [bird]
diff --git a/roles/base/files/dnsdist/dnsdist.conf b/roles/ffhl_nameserver/files/dnsdist/dnsdist.conf
similarity index 100%
rename from roles/base/files/dnsdist/dnsdist.conf
rename to roles/ffhl_nameserver/files/dnsdist/dnsdist.conf
diff --git a/roles/base/files/powerdns/bind.conf b/roles/ffhl_nameserver/files/powerdns/bind.conf
similarity index 100%
rename from roles/base/files/powerdns/bind.conf
rename to roles/ffhl_nameserver/files/powerdns/bind.conf
diff --git a/roles/base/files/powerdns/forward-zones.conf b/roles/ffhl_nameserver/files/powerdns/forward-zones.conf
similarity index 100%
rename from roles/base/files/powerdns/forward-zones.conf
rename to roles/ffhl_nameserver/files/powerdns/forward-zones.conf
diff --git a/roles/base/files/powerdns/pdns.conf b/roles/ffhl_nameserver/files/powerdns/pdns.conf
similarity index 100%
rename from roles/base/files/powerdns/pdns.conf
rename to roles/ffhl_nameserver/files/powerdns/pdns.conf
diff --git a/roles/base/files/powerdns/recursor.conf b/roles/ffhl_nameserver/files/powerdns/recursor.conf
similarity index 100%
rename from roles/base/files/powerdns/recursor.conf
rename to roles/ffhl_nameserver/files/powerdns/recursor.conf
diff --git a/roles/base/files/scripts/update-dns.sh b/roles/ffhl_nameserver/files/scripts/update-dns.sh
similarity index 94%
rename from roles/base/files/scripts/update-dns.sh
rename to roles/ffhl_nameserver/files/scripts/update-dns.sh
index bac9f1d..e921451 100644
--- a/roles/base/files/scripts/update-dns.sh
+++ b/roles/ffhl_nameserver/files/scripts/update-dns.sh
@@ -9,6 +9,6 @@ mkdir -p "$DEST"
 git clone "$REPO" "$DIR"
 git --git-dir="$DIR/.git" --work-tree="$DEST" reset --hard
 
-rm -rf $DIR
+rm -rf "$DIR"
 
 pdns_control reload
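Review bot: `pdns_control reload` at the end of the hunk runs whether or not the `git clone` and `reset --hard` above it succeeded, unless the part of the script before the hunk already enables `set -e`. A failed fetch could then leave "$DEST" stale or incomplete while the server is still told to reload it. If it is not there already, add `set -euo pipefail` near the top of the script, and write the cleanup as `rm -rf -- "$DIR"` so a value beginning with `-` cannot be read as an option. The script starts outside the hunk, so how `DIR`, `DEST` and `REPO` are set is not visible here.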
diff --git a/roles/base/files/etc/systemd/system/update-ffhl-dns.service b/roles/ffhl_nameserver/files/systemd/update-ffhl-dns.service
similarity index 100%
rename from roles/base/files/etc/systemd/system/update-ffhl-dns.service
rename to roles/ffhl_nameserver/files/systemd/update-ffhl-dns.service
diff --git a/roles/base/files/etc/systemd/system/update-ffhl-dns.timer b/roles/ffhl_nameserver/files/systemd/update-ffhl-dns.timer
similarity index 100%
rename from roles/base/files/etc/systemd/system/update-ffhl-dns.timer
rename to roles/ffhl_nameserver/files/systemd/update-ffhl-dns.timer
diff --git a/roles/ffhl_nameserver/tasks/main.yml b/roles/ffhl_nameserver/tasks/main.yml
new file mode 100644
index 0000000..9b3e0e2
--- /dev/null
+++ b/roles/ffhl_nameserver/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+
+- name: install packages
+  tags: [dns, powerdns]
+  apt:
+    state: latest
+    name:
+      - dnsdist
+      - pdns-recursor
+      - pdns-server
+      - pdns-backend-bind
+
+
+- include: powerdns.yml
+  tags: [powerdns]
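Review bot: The new `install packages` task keeps `state: latest` but drops the `update_cache: yes` that the task removed from roles/base/tasks/powerdns.yml had, so on a host with a stale or empty apt cache the install can fail or resolve against an old package index. Add `update_cache: true` together with `cache_valid_time: 3600` under `apt:`. Separately, `state: latest` upgrades dnsdist and both PowerDNS daemons on every playbook run; if upgrades of the nameserver should be deliberate, `state: present` plus a separate upgrade step is easier to control.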
diff --git a/roles/base/tasks/powerdns.yml b/roles/ffhl_nameserver/tasks/powerdns.yml
similarity index 54%
rename from roles/base/tasks/powerdns.yml
rename to roles/ffhl_nameserver/tasks/powerdns.yml
index 7478390..f73d355 100644
--- a/roles/base/tasks/powerdns.yml
+++ b/roles/ffhl_nameserver/tasks/powerdns.yml
@@ -1,38 +1,27 @@
 ---
 
-- name: install packages
-  apt:
-    autoremove: yes
-    update_cache: yes
-    state: latest
-    name:
-      - dnsdist
-      - pdns-recursor
-      - pdns-server
-      - pdns-backend-bind
 
-- name: copy powerdns configs
+- name: copy systemd services and timers
   copy:
-    src: powerdns
-    dest: /etc/
+    src: systemd/
+    dest: /etc/systemd/system/
 
 - name: copy dnsdist configs
   copy:
     src: dnsdist
     dest: /etc/
 
-- name: clone dns-repo
-  git:
-    repo: "{{ dns_repo_url }}"
-    dest: /var/local/ffhl-dns
-    accept_hostkey: yes
-    version: HEAD
-
 - name: remove default bind-backend config
   file:
     path: /etc/powerdns/pdns.d/bind.conf
     state: absent
 
+- name: remove old dns repo
+  file:
+    path: /var/local/ffhl-dns
+    state: absent
+
+
 - name: restart powerdns
   systemd:
     daemon_reload: yes
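Review bot: No task on the new side of this file copies `powerdns/` to `/etc/` any more: `copy powerdns configs` was rewritten into `copy systemd services and timers`, while pdns.conf, recursor.conf, bind.conf and forward-zones.conf were moved into this role's files. The same applies to update-dns.sh, which left the base role's `scripts/` directory and is not copied by any task visible in this patch, although its timer and service are installed and listed in the restart task. On a fresh host that would leave the packaged default configuration minus `pdns.d/bind.conf`, and a timer whose script is presumably missing. Re-add both copy tasks, with root ownership and an explicit mode on the script. The `restart powerdns` task continues past the end of the hunk.

```yaml
# … unchanged: copy systemd services and timers …

- name: copy powerdns configs
  copy:
    src: powerdns
    dest: /etc/
    owner: root
    group: root

- name: copy dns update script
  copy:
    src: scripts/
    dest: /usr/local/lib/ffhl/
    owner: root
    group: root
    mode: "0755"

# … unchanged: copy dnsdist configs, remove default bind-backend config, remove old dns repo, restart powerdns …
```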
@@ -42,6 +31,6 @@
   with_items:
     - pdns-recursor.service
     - pdns.service
-    - update-ffhl-dns.timer
     - dnsdist.service
+    - update-ffhl-dns.timer
     - update-ffhl-dns.service
-- 
GitLab