[Pdns-users] RFC: Ansible module for PowerDNS Auth zone management

Kevin P. Fleming kevin at km6g.us
Sun Mar 22 16:25:29 UTC 2020


The PowerDNS team publishes an Ansible role for installing and
configuring the PowerDNS Auth server itself, but I wanted to go one
step further, and ensure that each of my servers has the proper list
of zones and that those zones are configured properly. This is
especially important when adding zones to a hidden primary+public
secondaries configuration.

I found one Ansible module which does some of this work, but the
implementation wasn't really something I was happy about, so I've
created an initial version of a new one. This new module uses the
'Bravado' Python package to communicate with the Auth server API,
which makes the code easy to understand and improve. Along the way
I've found a few places where the API could be corrected or improved
(and those PRs have been merged so they'll be in version 4.4).

Anyone who is interested, take a look at the repo here:

https://github.com/kpfleming/ansible-pdns-auth-zone

Feedback is more than welcome in the repo and on this list. I'm going
to continue adding features to support the zones I'm managing, but I
don't use DNSSEC yet so I haven't considered how those features will
be supported in the module.

I'll be adding a second module to manage metadata entries associated
with zones in the next few days too, and presumably we'll need one for
TSIG keys and some of the other configurable elements of the server.


More information about the Pdns-users mailing list