From 96bca07a45f95e0e23685bac375b2676b4c8b89f Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 11:12:09 +0100 Subject: [PATCH 01/12] fix support for centos 8 --- molecule/pdns-42/molecule.yml | 10 ++++------ molecule/pdns-master/molecule.yml | 10 ++++------ tasks/database-mysql.yml | 26 +++++++++++------------- tasks/main.yml | 11 +++++++++++ tasks/repo-RedHat.yml | 4 +++- tasks/selinux.yml | 14 +++++++++++++ vars/Debian.yml | 5 +++++ vars/RedHat-8.yml | 33 +++++++++++++++++++++++++++++++ vars/RedHat.yml | 5 +++++ 9 files changed, 90 insertions(+), 28 deletions(-) create mode 100644 tasks/selinux.yml create mode 100644 vars/RedHat-8.yml diff --git a/molecule/pdns-42/molecule.yml b/molecule/pdns-42/molecule.yml index ca527df..a713b0e 100644 --- a/molecule/pdns-42/molecule.yml +++ b/molecule/pdns-42/molecule.yml @@ -19,12 +19,10 @@ platforms: image: centos:7 dockerfile_tpl: centos-systemd - # Temporarely disable CentOS 8 due to: - # https://github.com/ansible/ansible/issues/64963 - # - name: centos-8 - # groups: ["pdns"] - # image: centos:8 - # dockerfile_tpl: centos-systemd + - name: centos-8 + groups: ["pdns"] + image: centos:8 + dockerfile_tpl: centos-systemd - name: ubuntu-1804 groups: ["pdns"] diff --git a/molecule/pdns-master/molecule.yml b/molecule/pdns-master/molecule.yml index 0c4302f..fc69084 100644 --- a/molecule/pdns-master/molecule.yml +++ b/molecule/pdns-master/molecule.yml @@ -19,12 +19,10 @@ platforms: image: centos:7 dockerfile_tpl: centos-systemd - # Temporarely disable CentOS 8 due to: - # https://github.com/ansible/ansible/issues/64963 - # - name: centos-8 - # groups: ["pdns"] - # image: centos:8 - # dockerfile_tpl: centos-systemd + - name: centos-8 + groups: ["pdns"] + image: centos:8 + dockerfile_tpl: centos-systemd - name: ubuntu-1804 groups: ["pdns"] diff --git a/tasks/database-mysql.yml b/tasks/database-mysql.yml index 3cdd4bb..4437e4a 100644 --- a/tasks/database-mysql.yml +++ b/tasks/database-mysql.yml 
@@ -1,20 +1,9 @@ --- -- name: Install the MySQL dependencies on RedHat +- name: Install the MySQL dependencies package: - name: - - mysql - - MySQL-python + name: "{{ pdns_mysql_packages }}" state: present - when: ansible_os_family == 'RedHat' - -- name: Install the MySQL dependencies on Debian - package: - name: - - default-mysql-client - - python-mysqldb - state: present - when: ansible_os_family == 'Debian' - name: Create the PowerDNS MySQL databases mysql_db: @@ -65,8 +54,15 @@ - name: Define the PowerDNS database MySQL schema file path on RedHat >= 7 or PowerDNS >= 4.2.0 set_fact: _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql-{{ _pdns_running_version }}/schema.mysql.sql" - when: ansible_distribution_major_version | int >= 7 - or _pdns_running_version is version_compare('4.2.0', '>=') + when: + - ansible_distribution_major_version | int = 7 or _pdns_running_version is version_compare('4.2.0', '>=') + + - name: Define the PowerDNS database MySQL schema file path on RedHat 8 and PowerDNS >= 4.2.0 + set_fact: + _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql/schema.mysql.sql" + when: + - ansible_distribution_major_version | int = 8 + - _pdns_running_version is version_compare('4.2.0', '>=') when: ansible_os_family == 'RedHat' diff --git a/tasks/main.yml b/tasks/main.yml index 87db9a6..dc2658f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,6 +2,11 @@ - name: Include OS-specific variables include_vars: "{{ ansible_os_family }}.yml" + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" tags: - always @@ -38,6 +43,12 @@ tags: - config +- include: selinux.yml + when: ansible_selinux is defined and ansible_selinux.status == 'enabled' + tags: + - selinux + - config + - name: Start and enable the PowerDNS service service: name: "{{ pdns_service_name }}" 
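Review bot: The `- include: selinux.yml` step added to tasks/main.yml runs `seboolean` and `seport` whenever `ansible_selinux.status == 'enabled'`, but nothing visible in this patch installs the SELinux Python bindings those modules need on the target (the libselinux and libsemanage bindings and the policycoreutils Python package, whose names differ between EL7 and EL8). On a minimal install the role would then fail at this step. The Docker-based molecule platforms probably report SELinux as disabled, so the scenarios would not exercise it. Consider a package task at the top of selinux.yml driven by a per-OS list in `vars/`, plus a comment on the include such as `# SELinux boolean and port labels for PowerDNS; needs the SELinux Python bindings on the target`.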
diff --git a/tasks/repo-RedHat.yml b/tasks/repo-RedHat.yml index cead543..09eaf5f 100644 --- a/tasks/repo-RedHat.yml +++ b/tasks/repo-RedHat.yml @@ -20,7 +20,9 @@ package: name: yum-plugin-priorities state: present - when: ansible_distribution in [ 'CentOS' ] + when: + - ansible_distribution in [ 'CentOS' ] + - ansible_distribution_major_version | int < 8 - name: Add the PowerDNS YUM Repository yum_repository: diff --git a/tasks/selinux.yml b/tasks/selinux.yml new file mode 100644 index 0000000..a7afcec --- /dev/null +++ b/tasks/selinux.yml @@ -0,0 +1,14 @@ +--- +- name: allow mysql connect from pdns in selinux + seboolean: + name: pdns_can_network_connect_db + state: yes + persistent: yes + when: "pdns_mysql_databases_credentials | length > 0" + +- name: allow pdns to bind to udp high ports + seport: + ports: 10000-20000 + proto: udp + setype: dns_port_t + state: present diff --git a/vars/Debian.yml b/vars/Debian.yml index 4e5174d..3d5007e 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -6,6 +6,11 @@ default_pdns_package_name: "pdns-server" # The name of the PowerDNS Authoritative Server debug package default_pdns_debug_symbols_package_name: "pdns-server-dbg" +# Packages needed to install MySQL +pdns_mysql_packages: + - default-mysql-client + - python-mysqldb + # List of PowerDNS Authoritative Server Backends packages on Debian default_pdns_backends_packages: geo: pdns-backend-geo diff --git a/vars/RedHat-8.yml b/vars/RedHat-8.yml new file mode 100644 index 0000000..eeac155 --- /dev/null +++ b/vars/RedHat-8.yml 
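Review bot: The second task in tasks/selinux.yml labels the whole UDP range 10000-20000 as `dns_port_t` unconditionally, which is broader than least privilege: every SELinux domain allowed to bind `dns_port_t` gains those ports on every enforcing host, whether or not this PowerDNS instance uses them. The range is hard-coded, so it cannot be narrowed or switched off from inventory; a role variable (for example a new `pdns_selinux_udp_ports`) with `ports: "{{ pdns_selinux_udp_ports }}"` and a matching `when:` would fix that. Separately, the boolean is keyed on `pdns_mysql_databases_credentials | length > 0`, which appears to describe databases the role creates rather than whether a network database backend is configured, so a host using a pre-provisioned database would keep `pdns_can_network_connect_db` off. `state: yes` and `persistent: yes` should be written as `true`.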
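Review bot: `pdns_mysql_packages` is added under `vars/` without the `default_` prefix used by the neighbouring entries (`default_pdns_package_name`, `default_pdns_backends_packages`), and tasks/database-mysql.yml reads it directly. Variables loaded through `include_vars` outrank inventory and group_vars, so an operator cannot trim or replace the package list from there; the same applies to the copies added in vars/RedHat.yml and vars/RedHat-8.yml. If the `default_*` names are resolved through an overridable variable elsewhere in the role (not visible here), following that pattern with `default_pdns_mysql_packages` would keep the list consistent and overridable.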
@@ -0,0 +1,33 @@ +--- + +# The name of the PowerDNS Authoritative Server package +default_pdns_package_name: "pdns" + +# Packages needed to install MySQL +pdns_mysql_packages: + - mariadb + - mariadb-server + - mariadb-connector-c + - python3-PyMySQL + - perl-DBD-MySQL + +# The name of the PowerDNS Authoritative Server debug package +default_pdns_debug_symbols_package_name: "pdns-debuginfo" + +# List of PowerDNS Authoritative Server backends packages on RedHat +default_pdns_backends_packages: + geo: pdns-backend-geo + geoip: pdns-backend-geoip + gmysql: pdns-backend-mysql + gpgsql: pdns-backend-postgresql + gsqlite3: pdns-backend-sqlite + ldap: pdns-backend-ldap + lmdb: pdns-backend-lmdb + lua: pdns-backend-lua + mydns: pdns-backend-mydns + pipe: pdns-backend-pipe + remote: pdns-backend-remote + tinydns: pdns-backend-tinydns + +# The directory where the PowerDNS Authoritative Server configuration is located +default_pdns_config_dir: "/etc/pdns" diff --git a/vars/RedHat.yml b/vars/RedHat.yml index 8729d54..5e13780 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -3,6 +3,11 @@ # The name of the PowerDNS Authoritative Server package default_pdns_package_name: "pdns" +# Packages needed to install MySQL +pdns_mysql_packages: + - mysql + - MySQL-python + # The name of the PowerDNS Authoritative Server debug package default_pdns_debug_symbols_package_name: "pdns-debuginfo" From e06fee9ee4da9c9582a3c89fd53357215442b550 Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 11:43:32 +0100 Subject: [PATCH 02/12] fix copy pasta mistake --- tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index dc2658f..41302ac 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,7 +2,6 @@ - name: Include OS-specific variables include_vars: "{{ ansible_os_family }}.yml" - include_vars: "{{ item }}" with_first_found: - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}.yml" 
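Review bot: The EL8 `pdns_mysql_packages` list includes `mariadb-server`, so every host that runs this role's MySQL tasks gets a database server package installed, while the Debian and RedHat lists in the same patch install only the client and the Python binding. On hosts whose database lives elsewhere that is avoidable attack surface and patch burden. Unless a task outside this hunk needs a local server, reduce the list to what `mysql_db` and the schema import require, e.g. `- mariadb` and `- python3-PyMySQL`. Drop `mariadb-connector-c` and `perl-DBD-MySQL`, or justify them with a comment.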
From 979969f29cb9335844dc68f5ff5bddcb6dc4330d Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 12:09:13 +0100 Subject: [PATCH 03/12] fix wrong var and conditional --- tasks/database-mysql.yml | 4 ++-- tasks/main.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/database-mysql.yml b/tasks/database-mysql.yml index 4437e4a..713acf6 100644 --- a/tasks/database-mysql.yml +++ b/tasks/database-mysql.yml @@ -54,8 +54,8 @@ - name: Define the PowerDNS database MySQL schema file path on RedHat >= 7 or PowerDNS >= 4.2.0 set_fact: _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql-{{ _pdns_running_version }}/schema.mysql.sql" - when: - - ansible_distribution_major_version | int = 7 or _pdns_running_version is version_compare('4.2.0', '>=') + when: ansible_distribution_major_version | int = 7 + or _pdns_running_version is version_compare('4.2.0', '>=') - name: Define the PowerDNS database MySQL schema file path on RedHat 8 and PowerDNS >= 4.2.0 set_fact: diff --git a/tasks/main.yml b/tasks/main.yml index 41302ac..1426acf 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Include OS-specific variables - include_vars: "{{ ansible_os_family }}.yml" + include_vars: "{{ item }}.yml" with_first_found: - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}.yml" From 9223924967684254f2b7c21b0737bdf0fb8b4f04 Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 12:29:32 +0100 Subject: [PATCH 04/12] fix suffix in vars --- tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 1426acf..6cfe7d1 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
@@ -3,9 +3,9 @@ - name: Include OS-specific variables include_vars: "{{ item }}.yml" with_first_found: - - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" - - "{{ ansible_distribution }}.yml" - - "{{ ansible_os_family }}.yml" + - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}" + - "{{ ansible_distribution }}" + - "{{ ansible_os_family }}" tags: - always From 18e45e20d87b47b42861e4b61ff312d8856f7780 Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 12:44:50 +0100 Subject: [PATCH 05/12] fix suffix again --- tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 6cfe7d1..a6b8253 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,11 +1,11 @@ --- - name: Include OS-specific variables - include_vars: "{{ item }}.yml" + include_vars: "{{ item }}" with_first_found: - - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}" - - "{{ ansible_distribution }}" - - "{{ ansible_os_family }}" + - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" tags: - always From 53b812988c4bf2bf0eace0507fe2385a66ee5640 Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 17:03:14 +0100 Subject: [PATCH 06/12] fix operand --- tasks/database-mysql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/database-mysql.yml b/tasks/database-mysql.yml index 713acf6..f687851 100644 --- a/tasks/database-mysql.yml +++ b/tasks/database-mysql.yml 
@@ -54,14 +54,14 @@ - name: Define the PowerDNS database MySQL schema file path on RedHat >= 7 or PowerDNS >= 4.2.0 set_fact: _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql-{{ _pdns_running_version }}/schema.mysql.sql" - when: ansible_distribution_major_version | int = 7 + when: ansible_distribution_major_version | int == 7 or _pdns_running_version is version_compare('4.2.0', '>=') - name: Define the PowerDNS database MySQL schema file path on RedHat 8 and PowerDNS >= 4.2.0 set_fact: _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql/schema.mysql.sql" when: - - ansible_distribution_major_version | int = 8 + - ansible_distribution_major_version | int == 8 - _pdns_running_version is version_compare('4.2.0', '>=') when: ansible_os_family == 'RedHat' From 08cc6a7a04f75b6e0e6e29782df0150fbfa58888 Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 18:51:19 +0100 Subject: [PATCH 07/12] fix sqlite --- tasks/database-sqlite3.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tasks/database-sqlite3.yml b/tasks/database-sqlite3.yml index 28ebd9c..1d97d70 100644 --- a/tasks/database-sqlite3.yml +++ b/tasks/database-sqlite3.yml @@ -36,9 +36,18 @@ args: creates: "{{ item }}" with_items: "{{ pdns_sqlite_databases_locations }}" - when: ansible_distribution_major_version | int >= 7 + when: ansible_distribution_major_version | int == 7 or _pdns_running_version is version_compare('4.2.0', '>=') + - name: Create the PowerDNS SQLite databases on RedHat 8 or PowerDNS >= 4.2.0 + shell: "sqlite3 {{ item }} < /usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql" + args: + creates: "{{ item }}" + with_items: "{{ pdns_sqlite_databases_locations }}" + when: + - ansible_distribution_major_version | int == 8 + - _pdns_running_version is version_compare('4.2.0', '>=') + when: ansible_os_family == "RedHat" - block: From dad09981beb23c3852ccf86e2bffee85debf2dff Mon Sep 17 00:00:00 2001 
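Review bot: The two conditions in this hunk overlap: an EL8 host with PowerDNS >= 4.2.0 matches both tasks and only ends up with the unversioned path because the later `set_fact` overwrites the earlier one. An EL8 host with an older PowerDNS matches neither of them, so `_pdns_mysql_schema_file` may stay unset unless the task above the hunk covers that case. Making the branches mutually exclusive removes the dependence on task order, e.g. `when: ansible_distribution_major_version | int == 7 or (ansible_distribution_major_version | int < 7 and _pdns_running_version is version_compare('4.2.0', '>='))` on the first task. The first task's name still says "RedHat >= 7" although the condition is now `== 7`. The sqlite hunk in PATCH 07/12 uses the same pair of conditions on `shell` tasks, where both branches actually run on EL8; the enclosing block starts above this hunk.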
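Review bot: The added `shell` line interpolates `{{ item }}` from `pdns_sqlite_databases_locations` into a shell command without quoting, so a database path containing spaces or shell metacharacters is split or interpreted by the shell; `sqlite3 {{ item | quote }} < ...` avoids that. The same unquoted form is carried into the consolidated task in PATCH 10/12. The task name says "RedHat 8 or PowerDNS >= 4.2.0" while its `when:` list is an AND of the two conditions. The enclosing block starts above the hunk.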
From: Furragen Date: Sat, 7 Mar 2020 19:12:52 +0100 Subject: [PATCH 08/12] fix conditionals --- tasks/database-mysql.yml | 5 +++-- tasks/database-sqlite3.yml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/tasks/database-mysql.yml b/tasks/database-mysql.yml index f687851..a321049 100644 --- a/tasks/database-mysql.yml +++ b/tasks/database-mysql.yml @@ -54,8 +54,9 @@ - name: Define the PowerDNS database MySQL schema file path on RedHat >= 7 or PowerDNS >= 4.2.0 set_fact: _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql-{{ _pdns_running_version }}/schema.mysql.sql" - when: ansible_distribution_major_version | int == 7 - or _pdns_running_version is version_compare('4.2.0', '>=') + when: + - ansible_distribution_major_version | int == 7 + - _pdns_running_version is version_compare('4.2.0', '>=') - name: Define the PowerDNS database MySQL schema file path on RedHat 8 and PowerDNS >= 4.2.0 set_fact: diff --git a/tasks/database-sqlite3.yml b/tasks/database-sqlite3.yml index 1d97d70..cd81278 100644 --- a/tasks/database-sqlite3.yml +++ b/tasks/database-sqlite3.yml @@ -36,8 +36,9 @@ args: creates: "{{ item }}" with_items: "{{ pdns_sqlite_databases_locations }}" - when: ansible_distribution_major_version | int == 7 - or _pdns_running_version is version_compare('4.2.0', '>=') + when: + - ansible_distribution_major_version | int == 7 + - _pdns_running_version is version_compare('4.2.0', '>=') - name: Create the PowerDNS SQLite databases on RedHat 8 or PowerDNS >= 4.2.0 shell: "sqlite3 {{ item }} < /usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql" From a470179d70b8b40cd88e669ea747cd564cc48e3d Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 19:39:47 +0100 Subject: [PATCH 09/12] chnage back conditionals --- tasks/database-mysql.yml | 5 ++--- tasks/database-sqlite3.yml | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/tasks/database-mysql.yml b/tasks/database-mysql.yml index a321049..f687851 100644 
--- a/tasks/database-mysql.yml +++ b/tasks/database-mysql.yml @@ -54,9 +54,8 @@ - name: Define the PowerDNS database MySQL schema file path on RedHat >= 7 or PowerDNS >= 4.2.0 set_fact: _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-mysql-{{ _pdns_running_version }}/schema.mysql.sql" - when: - - ansible_distribution_major_version | int == 7 - - _pdns_running_version is version_compare('4.2.0', '>=') + when: ansible_distribution_major_version | int == 7 + or _pdns_running_version is version_compare('4.2.0', '>=') - name: Define the PowerDNS database MySQL schema file path on RedHat 8 and PowerDNS >= 4.2.0 set_fact: diff --git a/tasks/database-sqlite3.yml b/tasks/database-sqlite3.yml index cd81278..1d97d70 100644 --- a/tasks/database-sqlite3.yml +++ b/tasks/database-sqlite3.yml @@ -36,9 +36,8 @@ args: creates: "{{ item }}" with_items: "{{ pdns_sqlite_databases_locations }}" - when: - - ansible_distribution_major_version | int == 7 - - _pdns_running_version is version_compare('4.2.0', '>=') + when: ansible_distribution_major_version | int == 7 + or _pdns_running_version is version_compare('4.2.0', '>=') - name: Create the PowerDNS SQLite databases on RedHat 8 or PowerDNS >= 4.2.0 shell: "sqlite3 {{ item }} < /usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql" From 431d7207c7a85093ffd1ddc5bfa25c3132811e98 Mon Sep 17 00:00:00 2001 From: Furragen Date: Sat, 7 Mar 2020 19:59:57 +0100 Subject: [PATCH 10/12] change sqlite db creation --- tasks/database-sqlite3.yml | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/tasks/database-sqlite3.yml b/tasks/database-sqlite3.yml index 1d97d70..476e4f1 100644 --- a/tasks/database-sqlite3.yml +++ b/tasks/database-sqlite3.yml 
@@ -22,32 +22,31 @@ with_items: "{{ pdns_sqlite_databases_locations }}" - block: - - - name: Create the PowerDNS SQLite databases on RedHat < 7 and PowerDNS < 4.2.0 - shell: "sqlite3 {{ item }} < /usr/share/doc/pdns/schema.sqlite3.sql" - args: - creates: "{{ item }}" - with_items: "{{ pdns_sqlite_databases_locations }}" + - name: Define the PowerDNS SQLite schema file path on RedHat < 7 and PowerDNS < 4.2.0 + set_fact: + _pdns_mysql_schema_file: "/usr/share/doc/pdns/schema.sqlite3.sql" when: ansible_distribution_major_version | int < 7 and _pdns_running_version is version_compare('4.2.0', '<') - - name: Create the PowerDNS SQLite databases on RedHat >= 7 or PowerDNS >= 4.2.0 - shell: "sqlite3 {{ item }} < /usr/share/doc/pdns-backend-sqlite-{{ _pdns_running_version }}/schema.sqlite3.sql" - args: - creates: "{{ item }}" - with_items: "{{ pdns_sqlite_databases_locations }}" + - name: Define the PowerDNS SQLite schema file path on RedHat >= 7 or PowerDNS >= 4.2.0 + set_fact: + _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-sqlite-{{ _pdns_running_version }}/schema.sqlite3.sql" when: ansible_distribution_major_version | int == 7 or _pdns_running_version is version_compare('4.2.0', '>=') - - name: Create the PowerDNS SQLite databases on RedHat 8 or PowerDNS >= 4.2.0 - shell: "sqlite3 {{ item }} < /usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql" - args: - creates: "{{ item }}" - with_items: "{{ pdns_sqlite_databases_locations }}" + - name: Define the PowerDNS SQLite schema file path on RedHat 8 and PowerDNS >= 4.2.0 + set_fact: + _pdns_mysql_schema_file: "/usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql" when: - ansible_distribution_major_version | int == 8 - _pdns_running_version is version_compare('4.2.0', '>=') + - name: Create the PowerDNS SQLite databases on RedHat + shell: "sqlite3 {{ item }} < {{ _pdns_mysql_schema_file }}" + args: + creates: "{{ item }}" + with_items: "{{ pdns_sqlite_databases_locations }}" + when: ansible_os_family == "RedHat" - 
block: From 8aa0fc6f7a27b70a728df9509a0e2871bcd5d94a Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Tue, 15 Sep 2020 17:55:49 +0200 Subject: [PATCH 11/12] Add CentOS 8 to 4.3 tests --- molecule/pdns-43/molecule.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/molecule/pdns-43/molecule.yml b/molecule/pdns-43/molecule.yml index f058e06..fa454e0 100644 --- a/molecule/pdns-43/molecule.yml +++ b/molecule/pdns-43/molecule.yml @@ -19,12 +19,10 @@ platforms: image: centos:7 dockerfile_tpl: centos-systemd - # Temporarely disable CentOS 8 due to: - # https://github.com/ansible/ansible/issues/64963 - # - name: centos-8 - # groups: ["pdns"] - # image: centos:8 - # dockerfile_tpl: centos-systemd + - name: centos-8 + groups: ["pdns"] + image: centos:8 + dockerfile_tpl: centos-systemd - name: ubuntu-1804 groups: ["pdns"] From cfc7b14df8177ffdb5a2175ff55c48b90b73879c Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Tue, 15 Sep 2020 20:02:59 +0200 Subject: [PATCH 12/12] Add pkg for debian systems that disappeared in the merge --- vars/Debian.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/Debian.yml b/vars/Debian.yml index 3d5007e..3cf0821 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -10,6 +10,7 @@ default_pdns_debug_symbols_package_name: "pdns-server-dbg" pdns_mysql_packages: - default-mysql-client - python-mysqldb + - python3-mysqldb # List of PowerDNS Authoritative Server Backends packages on Debian default_pdns_backends_packages:
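Review bot: The SQLite schema path is stored in `_pdns_mysql_schema_file`, the same fact that tasks/database-mysql.yml sets for the MySQL schema. Facts persist for the host, so if none of the three SQLite conditions match (for example EL8 with PowerDNS < 4.2.0) and the MySQL tasks ran earlier in the play, the final `shell` task would feed a MySQL schema to `sqlite3` instead of failing on an undefined variable. Use a dedicated name, e.g. `_pdns_sqlite_schema_file: "/usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql"` in the `set_fact` tasks and `shell: "sqlite3 {{ item | quote }} < {{ _pdns_sqlite_schema_file }}"` in the last one. The hunk's last context line opens another block that continues outside it.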
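Review bot: Listing `python-mysqldb` and `python3-mysqldb` together makes the single `package` task in tasks/database-mysql.yml require both, so it fails on any Debian or Ubuntu release that ships only one of them (releases that have dropped the Python 2 binding are the likely case). Only the binding for the interpreter Ansible uses on the target is needed. Consider selecting it from `ansible_python.version.major`, or splitting the list into release-specific vars files picked up by the `with_first_found` lookup from PATCH 01/12. A comment above the list saying which entry serves which interpreter would also help.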