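---
# Installs and configures a PowerDNS authoritative server (SQLite backend)
# on the primary nameservers through the PowerDNS.pdns role, then opens
# port 53 in ufw when the firewall is enabled.
#
# Variables expected from inventory or elsewhere (not defined in this play):
#   axfr_ips   - value written to PowerDNS `allow-axfr-ips`
#   ufw_status - compared against "enabled" to gate the firewall tasks
- name: "PowerDNS setup"
  hosts: master_nameservers
  become: true

  vars:
    database_name: "/var/lib/powerdns/db.sqlite"

    pdns_backends:
      gsqlite3:
        database: "{{ database_name }}"

    pdns_sqlite_databases_locations:
      - "{{ database_name }}"

    pdns_config:
      # Zone transfers are restricted here, at the PowerDNS level; the ufw
      # rule below opens TCP/53 to every source.
      allow-axfr-ips: "{{ axfr_ips }}"
      server-id: "ns1.m4n5.nl"
      default-soa-content: "ns1.m4n5.nl. hostmaster.m4n5.nl. 1 3600 600 604800 1800"
      # Replaces the version banner with a fixed string.
      version-string: "anonymous"
      primary: true
      # NOTE(review): this enables the built-in webserver, but no
      # webserver-address, webserver-allow-from or webserver-password is set
      # in this play, so PowerDNS defaults apply. Confirm the listener is not
      # reachable from untrusted networks, or set those options explicitly.
      webserver: "yes"

    pdns_auth_powerdns_repo_49:
      apt_repo_origin: "repo.powerdns.com"
      # The package index is served over plain HTTP, so package integrity
      # rests on signature verification against the key below.
      apt_repo: >-
        deb http://repo.powerdns.com/{{ ansible_distribution | lower }}
        {{ ansible_distribution_release | lower }}-auth-49 main
      # The signing key is the trust anchor for every package from this
      # repository, so it is fetched over HTTPS rather than plain HTTP.
      # gpg_key_id carries the full fingerprint of the expected key.
      gpg_key: "https://repo.powerdns.com/FD380FBB-pub.asc"
      gpg_key_id: "9FAAA5577E8FCF62093D036C1B0C6205FD380FBB"
      yum_repo_baseurl: "http://repo.powerdns.com/centos/$basearch/$releasever/auth-49"
      yum_debug_symbols_repo_baseurl: "http://repo.powerdns.com/centos/$basearch/$releasever/auth-49/debug"
      name: "powerdns-auth-49"

  roles:
    - role: PowerDNS.pdns
      pdns_install_repo: "{{ pdns_auth_powerdns_repo_49 }}"

  tasks:
    # Both rules are skipped unless ufw_status equals "enabled".
    - name: "Add DNS allow rule in ufw"
      community.general.ufw:
        rule: allow
        to_port: "53"
        protocol: udp
      when: ufw_status == "enabled"

    # No source restriction is applied at the firewall for TCP/53; limiting
    # who may transfer zones is left to allow-axfr-ips in pdns_config.
    - name: "Add AXFR/IXFR allow rule in ufw"
      community.general.ufw:
        rule: allow
        to_port: "53"
        protocol: tcp
      when: ufw_status == "enabled"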