No description
TheRealDarklord
d3b8f6e0d9
Increased the minimal required ansible version. Since all tasks use modules identified by their full qualified name the min version had to be at least `2.10` anyways. It is now set to `2.12` which is the lowest of all own roles. |
||
|---|---|---|
| defaults | ||
| handlers | ||
| meta | ||
| tasks | ||
| templates | ||
| vars | ||
| README.md | ||
therealdarklord.setup_unbound
This role installs unbound with custom ad blocking and custom dns.
Role Variables
| Variable | Type | Default | Description |
|---|---|---|---|
| therealdarklord_setup_unbound_access_list | string[] | [] | list of network ip ranges which can access the dns specific ip or ranges are fine: 192.168.0.1, 192.168.0.0/8 |
| therealdarklord_setup_unbound_block_sources | dictionary[] | [] | list of sources for blocking as dictionaries with the following fields |
| therealdarklord_setup_unbound_block_sources.#.name | string | "" | name of the source |
| therealdarklord_setup_unbound_block_sources.#.source | string | "" | url of the block data |
| therealdarklord_setup_unbound_forward_dns | string[] | [] | list of dns servers to which dns lookups shall be forwarded |
| therealdarklord_setup_unbound_forward_tls | bool | true | flag to enable dns over tls in forward zone (all provided forward dns have to support this) |
| therealdarklord_setup_unbound_mode | string | "install" | mode for setup, possible values are "install" and "remove" |
| therealdarklord_setup_unbound_private_address_list | string[] | [] | list of private etwork ip ranges which will be stripped out from dns responses specific ip or ranges are fine: 192.168.0.1, 192.168.0.0/8 |
| therealdarklord_setup_unbound_private_domain_list | string[] | [] | list of domain names which are allowed to contain private adresses from above list this allows custom resolving of names to private addresses |
| therealdarklord_setup_unbound_resolve_static_list | dictionary[] | [] | list of custom static resolving data, each entry has to be a dictionary with the following fields |
| therealdarklord_setup_unbound_resolve_static_list.#.name | string | "" | name of the zone, e.g. "ex.ample" or "domain.tld" |
| therealdarklord_setup_unbound_resolve_static_list.#.resolve | dictionary[] | [] | list of dictionaries with the following fields |
| therealdarklord_setup_unbound_resolve_static_list.#.resolve.#.name | string | "" | hostname (short, non-fqdn), so instead of "my.domain.tld" just "my" |
| therealdarklord_setup_unbound_resolve_static_list.#.resolve.#.address | string | "" | ip-address to which this hostname shall be resolved |
| therealdarklord_setup_unbound_resolve_static_list.#.resolve.#.add_reverse | bool | no | bool to indicate if this entry shall also be reverse resolved (possible for just one hostname per ip) |
| therealdarklord_setup_unbound_resolve_stub_list | dictionary[] | [] | list of stub resolving data which is resolved by another dns, each entry has to be a dictionary with the following fields |
| therealdarklord_setup_unbound_resolve_stub_list.#.name | string | "" | name of the zone, e.g. "ex.ample" or "domain.tld" |
| therealdarklord_setup_unbound_resolve_stub_list.#.resolve | dictionary | {} | dictionary with the following fields |
| therealdarklord_setup_unbound_resolve_stub_list.#.resolve.addresses | string[] | [] | list of ip addresses of hosts which can resolve this stub-zone |
| therealdarklord_setup_unbound_resolve_stub_list.#.resolve.names | string[] | [] | list of names of hosts which can resolve this stub-zone |
License
BSD
Author Information
Markus Reichardt (https://www.therealdarklord.eu)