1.6 KiB
1.6 KiB
opnsense_dns_override
Manages OPNsense Unbound DNS host overrides (A record) and domain forwards via the oxlorg.opnsense collection.
Accepts a list of entries, each specifying either a host override or a forward rule. All tasks delegate to localhost (OPNsense modules are API-based).
Requirements
oxlorg.opnsensecollectionmodule_defaultsforgroup/oxlorg.opnsense.allmust be set at play level (firewall, api_key, api_secret)
Role Variables
| Variable | Default | Description |
|---|---|---|
opnsense_dns_override_entries |
[] |
List of DNS override entries (see below) |
Entry format
Each entry in opnsense_dns_override_entries requires:
| Field | Required | Description |
|---|---|---|
type |
yes | host for Unbound host override, forward for domain forwarding |
value |
yes | Target IP address |
hostname |
host only | Subdomain part (e.g. api.sno) |
domain |
yes | Parent domain for host type, or full domain for forward type |
Example Playbook
- name: Configure OPNsense DNS overrides
hosts: gate.toal.ca
gather_facts: false
connection: local
module_defaults:
group/oxlorg.opnsense.all:
firewall: "{{ opnsense_host }}"
api_key: "{{ opnsense_api_key }}"
api_secret: "{{ opnsense_api_secret }}"
roles:
- role: opnsense_dns_override
opnsense_dns_override_entries:
- hostname: api.sno
domain: openshift.toal.ca
value: 192.168.40.10
type: host
- domain: apps.sno.openshift.toal.ca
value: 192.168.40.10
type: forward
License
MIT
Author
ptoal