community.general.nsupdate – Manage DNS records.

Note

This plugin is part of the community.general collection (version 1.3.6).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.nsupdate.

Synopsis

  • Create, update and remove DNS records using DDNS updates

Requirements

The below requirements are needed on the host that executes this module.

  • dnspython

Parameters

Parameter Choices/Defaults Comments
key_algorithm
string
    Choices:
  • HMAC-MD5.SIG-ALG.REG.INT
  • hmac-md5 ←
  • hmac-sha1
  • hmac-sha224
  • hmac-sha256
  • hmac-sha384
  • hmac-sha512
Specify key algorithm used by key_secret.
key_name
string
Use TSIG key name to authenticate against DNS server
key_secret
string
Use TSIG key secret, associated with key_name, to authenticate against server
port
string
Default:
53
Use this TCP port when connecting to server.
protocol
string
    Choices:
  • tcp ←
  • udp
Sets the transport protocol (TCP or UDP). TCP is the recommended and a more robust option.
record
string / required
Sets the DNS record to modify. When zone is omitted this has to be absolute (ending with a dot).
server
string / required
Apply DNS modification on this server, specified by IPv4 or IPv6 address.
state
string
    Choices:
  • present ←
  • absent
Manage DNS record.
ttl
string
Default:
3600
Sets the record TTL.
type
string
Default:
"A"
Sets the record type.
value
string
Sets the record value.
zone
string
DNS record will be modified on this zone.
When omitted DNS will be queried to attempt finding the correct zone.
Starting with Ansible 2.7 this parameter is optional.

Examples

- name: Add or modify ansible.example.org A to 192.168.1.1"
  community.general.nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    zone: "example.org"
    record: "ansible"
    value: "192.168.1.1"

- name: Add or modify ansible.example.org A to 192.168.1.1, 192.168.1.2 and 192.168.1.3"
  community.general.nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    zone: "example.org"
    record: "ansible"
    value: ["192.168.1.1", "192.168.1.2", "192.168.1.3"]

- name: Remove puppet.example.org CNAME
  community.general.nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    zone: "example.org"
    record: "puppet"
    type: "CNAME"
    state: absent

- name: Add 1.1.168.192.in-addr.arpa. PTR for ansible.example.org
  community.general.nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    record: "1.1.168.192.in-addr.arpa."
    type: "PTR"
    value: "ansible.example.org."
    state: present

- name: Remove 1.1.168.192.in-addr.arpa. PTR
  community.general.nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    record: "1.1.168.192.in-addr.arpa."
    type: "PTR"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
changed
string
success
If module has modified record
dns_rc
integer
always
dnspython return code

Sample:
4
dns_rc_str
string
always
dnspython return code (string representation)

Sample:
REFUSED
record
string
success
DNS record

Sample:
ansible
ttl
integer
success
DNS record TTL

Sample:
86400
type
string
success
DNS record type

Sample:
CNAME
value
list / elements=string
success
DNS record value(s)

Sample:
192.168.1.1
zone
string
success
DNS record zone

Sample:
example.org.


Authors

  • Loic Blot (@nerzhul)