🔥: remove nsd completely

roles/nsd/templates/nsd.conf.j2

@@ -1,11 +0,0 @@
-key:
-	name: "{{ nsd_tsig_key_name }}"
-	algorithm: hmac-sha256
-	secret: "{{ tsig_key }}"
-
-server:
-	log-only-syslog: yes
-	hide-version: yes
-	zonesdir: "/etc/nsd/zones"
-
-include: "/etc/nsd/nsd.conf.d/*.conf"

roles/nsd/templates/resignall.sh.j2

@@ -1,17 +0,0 @@
-#!/bin/bash
-
-for i in {{ nsd_default_etc_path }}keys/*/*.ds
-do
-	# Get the different names
-	FILENAME=${i##*/}
-	KEYNAME=${FILENAME/.ds/}
-	DIRPATH=${i/${FILENAME}/}
-	_ZONEFILEPATH=${DIRPATH/keys/zones}
-	ZONEFILEPATH=${_ZONEFILEPATH%/*}.zone
-	_ZONENAME=${_ZONEFILEPATH%/*}
-	ZONENAME=${_ZONENAME##*/}
-
-	cd $DIRPATH
-	sudo -u nsd /usr/bin/ldns-signzone -o ${ZONENAME} -u ${ZONEFILEPATH} ${KEYNAME}
-	/usr/sbin/nsd-control reload ${ZONENAME}
-done

roles/nsd/templates/zone.j2

@@ -1,23 +0,0 @@
-{% set other_server = groups['slave_nsdservers'] if nsd_master else (groups['master_nsdservers'] | first) -%}
-{% set default_ipv4 = hostvars[other_server].ansible_default_ipv4.address -%}
-{% set default_ipv6 = hostvars[other_server].ansible_default_ipv6.address -%}
-zone:
-    name: "{{ item.name }}"
-    zonefile: {{ item.name }}.zone.signed
-    {% if nsd_master -%}
-    {% for server in other_server -%}
-    {% set default_ipv4 = hostvars[server].natted_ipv4 | default(hostvars[server].ansible_default_ipv4.address) -%}
-    {% set default_ipv6 = hostvars[server].ansible_default_ipv6.address -%}
-    notify: {{ default_ipv4 }} {{ nsd_tsig_key_name }}
-    provide-xfr: {{ default_ipv4 }} {{ nsd_tsig_key_name }}
-    notify: {{ default_ipv6 }} {{ nsd_tsig_key_name }}
-    provide-xfr: {{ default_ipv6 }} {{ nsd_tsig_key_name }}
-    {% endfor -%}
-    {% else -%}
-    {% set default_ipv4 = hostvars[other_server].natted_ipv4 | default(hostvars[other_server].ansible_default_ipv4.address) -%}
-    {% set default_ipv6 = hostvars[other_server].ansible_default_ipv6.address -%}
-    allow-notify: {{ default_ipv4 }} {{ nsd_tsig_key_name }}
-    request-xfr: {{ default_ipv4 }} {{ nsd_tsig_key_name }}
-    allow-notify: {{ default_ipv6 }} {{ nsd_tsig_key_name }}
-    request-xfr: {{ default_ipv6 }} {{ nsd_tsig_key_name }}
-    {% endif -%}

roles/nsd/templates/zones/libertus.eu.zone.j2

@@ -1,33 +0,0 @@
-$TTL 86400
-@		IN SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
-				{{ dns_serial }}; timestamp serial number
-				28800; Refresh
-				7200; Retry
-				864000; Expire
-				86400; Min TTL
-			)
-
-{% for server in groups['nsdservers'] %}
-@		IN NS {{ server }}.
-{% endfor %}
-
-$ORIGIN {{ item.name }}.
-@		IN CAA 0 issue "letsencrypt.org"
-@		IN MX 1 mail.dmz.mateu.be.
-@		IN A 82.66.135.228
-@		IN AAAA 2a01:e0a:9bd:2811::10
-@		3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all"
-@		3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all"
-_dmarc		3600 IN TXT "v=DMARC1; p=reject; rua=mailto:report@mateu.be; adkim=s; aspf=s"
-dkim._domainkey		3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB"
-_jabber._tcp		IN SRV 0 0 5269 jabber.dmz.mateu.be.
-_xmpp-client._tcp		IN SRV 0 0 5222 jabber.dmz.mateu.be.
-_xmpp-server._tcp		IN SRV 0 0 5269 jabber.dmz.mateu.be.
-_xmppconnect		IN TXT "_xmpp-client-xbosh=https://xmpp.libertus.eu/http-bind"
-altsrv		IN CNAME ks3370405.kimsufi.com.
-p		IN MX 1 mail.dmz.mateu.be.
-p		3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all"
-p		3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all"
-_dmarc.p		3600 IN TXT "v=DMARC1; p=reject; rua=mailto:report@mateu.be; adkim=s; aspf=s"
-dkim._domainkey.p		3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB"
-{{ web_hostname_block }}

roles/nsd/templates/zones/mateu.be.zone.j2

@@ -1,103 +0,0 @@
-$TTL 86400
-@		IN	SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
-				{{ dns_serial }}; timestamp serial number
-				28800; Refresh
-				7200; Retry
-				864000; Expire
-				86400; Min TTL
-			)
-
-{% for server in groups['nsdservers'] %}
-@		IN NS {{ server | regex_replace('^([a-z0-9-]+)\\.', '\\1-v4.') }}.
-{% endfor %}
-
-$ORIGIN {{ item.name }}.
-@		IN CAA 0 issue "letsencrypt.org"
-@		IN MX 1 mail.dmz.mateu.be.
-@		3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all"
-@		3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all"
-_dmarc		3600 IN TXT "v=DMARC1; p=reject; rua=mailto:report@mateu.be; adkim=s; aspf=s"
-dkim._domainkey		3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB"
-libertus.eu._report._dmarc		3600 IN TXT "v=DMARC1;"
-nintendojo.fr._report._dmarc		3600 IN TXT "v=DMARC1;"
-p.libertus.eu._report._dmarc		3600 IN TXT "v=DMARC1;"
-altsrv		IN CNAME ks3370405.kimsufi.com.
-backup		IN A 10.233.212.60
-baybay-ponay		IN AAAA 2a01:e0a:9bd:2810:9e6b:ff:fe13:ef88
-bt.dmz		IN A 82.66.135.228
-bt.dmz		IN AAAA 2a01:e0a:9bd:2811::3
-ciol		IN A 109.190.68.133
-derdriu		IN A 10.233.212.77
-dns1.dmz		IN A 82.66.135.228
-dns1-v4.dmz		IN A 82.66.135.228
-dns1.dmz		IN AAAA 2a01:e0a:9bd:2811::16
-dns1-v6.dmz		IN AAAA 2a01:e0a:9bd:2811::16
-dom		IN A 10.233.212.15
-dom.dmz		IN A 82.66.135.228
-dom.dmz		IN AAAA 2a01:e0a:9bd:2811::15
-emerandon.st		IN CNAME altsrv
-enbarr.dmz		IN AAAA 2a01:e0a:9bd:2811::50
-es1.dmz		IN A 82.66.135.228
-es1.dmz		IN AAAA 2a01:e0a:9bd:2811::21
-evse		IN A 10.233.211.198
-fc		IN A 10.233.211.194
-frederica.dmz		IN A 82.66.135.228
-frederica.dmz		IN AAAA 2a01:e0a:9bd:2811::60
-ftp		IN A 10.233.212.14
-ftp.dmz		IN A 82.66.135.228
-ftp.dmz		IN AAAA 2a01:e0a:9bd:2811::14
-garage1.dmz		IN A 82.66.135.228
-garage1.dmz		IN AAAA 2a01:e0a:9bd:2811::11
-garreg-mach		IN A 10.233.212.66
-haproxy.dmz		IN A 82.66.135.228
-haproxy.dmz		IN AAAA 2a01:e0a:9bd:2811::2
-imprimante		IN A 10.233.212.94
-jabber.dmz		IN A 82.66.135.228
-jabber.dmz		IN AAAA 2a01:e0a:9bd:2811::10
-k3sn0.dmz		IN A 82.66.135.228
-k3sn0.dmz		IN AAAA 2a01:e0a:9bd:2811::40
-k3sn1.dmz		IN A 82.66.135.228
-k3sn1.dmz		IN AAAA 2a01:e0a:9bd:2811::41
-k3sn2.dmz		IN A 82.66.135.228
-k3sn2.dmz		IN AAAA 2a01:e0a:9bd:2811::42
-machinbox		IN A 82.66.135.228
-machinbox		IN AAAA 2a01:e0a:9bd:2810::1
-mail-relay		IN A 37.187.5.75
-mail.dmz		IN A 82.66.135.228
-mail.dmz		IN AAAA 2a01:e0a:9bd:2811::4
-mailalt		IN CNAME altsrv
-masto1.dmz		IN A 82.66.135.228
-masto1.dmz		IN AAAA 2a01:e0a:9bd:2811::19
-memcardprogc	IN A 10.233.211.199
-munin.dmz		IN A 82.66.135.228
-munin.dmz		IN AAAA 2a01:e0a:9bd:2811::12
-nfs		IN A 10.233.212.60
-nsd-master1.ext		IN A 51.158.245.194
-nsd-master1-v4.ext		IN A 51.158.245.194
-nsd-master1.ext		IN AAAA 2001:bc8:5090:79b:dc00:ff:fe25:ad75
-nsd-master1-v6.ext		IN AAAA 2001:bc8:5090:79b:dc00:ff:fe25:ad75
-patoche.ext		IN A 51.159.156.201
-patoche.ext		IN AAAA 2001:bc8:1210:2efc:dc00:ff:fe4e:ef53
-pt1.dmz		IN A 82.66.135.228
-pt1.dmz		IN AAAA 2a01:e0a:9bd:2811::20
-pt-runner1.ext		IN AAAA 2001:bc8:1d90:b77:dc00:ff:fe17:bc83
-rb		IN A 194.156.203.253
-rc		IN A 10.233.211.195
-sachetpa.st		IN CNAME altsrv
-serenor.dmz		IN A 82.66.135.228
-serenor.dmz		IN AAAA 2a01:e0a:9bd:2811::59
-syslog.dmz		IN AAAA 2a01:e0a:9bd:2811::8
-unifi.dmz		IN A 82.66.135.228
-unifi.dmz		IN AAAA 2a01:e0a:9bd:2811::13
-veretcle.st		IN CNAME altsrv
-voice1.dmz		IN A 82.66.135.228
-voice1.dmz		IN AAAA 2a01:e0a:9bd:2811::7
-voice3.dmz		IN A 82.66.135.228
-voice3.dmz		IN AAAA 2a01:e0a:9bd:2811::9
-web1.dmz		IN A 82.66.135.228
-web1.dmz		IN AAAA 2a01:e0a:9bd:2811::5
-web2.dmz		IN A 82.66.135.228
-web2.dmz		IN AAAA 2a01:e0a:9bd:2811::6
-web3.dmz		IN A 82.66.135.228
-web3.dmz		IN AAAA 2a01:e0a:9bd:2811::17
-{{ web_hostname_block }}

roles/nsd/templates/zones/nintendojo.fr.zone.j2

@@ -1,25 +0,0 @@
-$TTL 86400
-@		IN SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
-				{{ dns_serial }}; timestamp serial number
-				28800; Refresh
-				7200; Retry
-				864000; Expire
-				86400; Min TTL
-			)
-
-{% for server in groups['nsdservers'] %}
-@		IN NS {{ server }}.
-{% endfor %}
-
-$ORIGIN {{ item.name }}.
-@		IN CAA 0 issue "letsencrypt.org"
-@		IN MX 1 mail.dmz.mateu.be.
-@		IN A 82.66.135.228
-@		IN AAAA 2a01:e0a:9bd:2811::6
-@		3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all"
-@		3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all"
-@		3600 IN TXT "google-site-verification=rIe1fnrQnv-E1H8qsMtEIhM4XYUqCELshWH9pHkwPBI"
-_dmarc		3600 IN TXT "v=DMARC1; p=reject; rua=mailto:report@mateu.be; adkim=s; aspf=s"
-dkim._domainkey		3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB"
-mumble		IN CNAME voice1.dmz.mateu.be.
-{{ web_hostname_block }}

roles/nsd/templates/zones/nintendojofr.com.zone.j2

@@ -1,22 +0,0 @@
-$TTL 86400
-@		IN SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
-				{{ dns_serial }}; timestamp serial number
-				28800; Refresh
-				7200; Retry
-				864000; Expire
-				86400; Min TTL
-			)
-
-{% for server in groups['nsdservers'] %}
-@		IN NS {{ server }}.
-{% endfor %}
-
-$ORIGIN {{ item.name }}.
-@		IN CAA 0 issue "letsencrypt.org"
-@		IN MX 0 .
-@		IN A 82.66.135.228
-@		IN AAAA 2a01:e0a:9bd:2811::6
-@		IN TXT "v=spf1 -all"
-@		IN TXT "spf2.0/mfrom -all"
-_dmarc		IN TXT "v=DMARC1;p=reject;pct=100;sp=reject;aspf=s;"
-{{ web_hostname_block }}

roles/nsd/templates/zones/parking.zone.j2

@@ -1,19 +0,0 @@
-$TTL 86400
-@		IN SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
-				{{ dns_serial }}; timestamp serial number
-				28800; Refresh
-				7200; Retry
-				864000; Expire
-				86400; Min TTL
-			)
-
-{% for server in groups['nsdservers'] %}
-@		IN NS {{ server }}.
-{% endfor %}
-
-$ORIGIN {{ item.name }}.
-@		IN CAA 0 issue ";"
-@		IN MX 0 .
-@		IN TXT "v=spf1 -all"
-@		IN TXT "spf2.0/mfrom -all"
-_dmarc		IN TXT "v=DMARC1;p=reject;pct=100;sp=reject;aspf=s;"

roles/nsd/templates/zones/sebicomics.com.zone.j2

@@ -1,23 +0,0 @@
-$TTL 86400
-@		IN SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
-				{{ dns_serial }}; timestamp serial number
-				28800; Refresh
-				7200; Retry
-				864000; Expire
-				86400; Min TTL
-			)
-
-{% for server in groups['nsdservers'] %}
-@		IN NS {{ server }}.
-{% endfor %}
-
-$ORIGIN {{ item.name }}.
-@		IN CAA 0 issue "letsencrypt.org"
-@		IN A 82.66.135.228
-@		IN AAAA 2a01:e0a:9bd:2811::17
-@		IN MX 0 .
-@		3600 IN TXT	"v=spf1 -all"
-@		3600 IN TXT	"spf2.0/mfrom -all"
-_dmarc		3600 IN TXT	"v=DMARC1;p=reject;pct=100;sp=reject;aspf=s;"
-@		3600 IN TXT	"google-site-verification=Ptj7up6CWDNVy_AQjKrJf9yY08Tu7OTE30XIgG-ISGU"
-{{ web_hostname_block }}