nsupdate – Manage DNS records

Synopsis

  • Create, update and remove DNS records using DDNS updates

Requirements

The below requirements are needed on the host that executes this module.

  • dnspython

Parameters

Parameter Choices/Defaults Comments
key_algorithm
-
    Choices:
  • HMAC-MD5.SIG-ALG.REG.INT
  • hmac-md5 ←
  • hmac-sha1
  • hmac-sha224
  • hmac-sha256
  • hmac-sha384
  • hmac-sha512
Specify key algorithm used by key_secret.
key_name
-
Use TSIG key name to authenticate against DNS server
key_secret
-
Use TSIG key secret, associated with key_name, to authenticate against server
port
-
added in 2.5
Default:
53
Use this TCP port when connecting to server.
protocol
-
added in 2.8
    Choices:
  • tcp ←
  • udp
Sets the transport protocol (TCP or UDP). TCP is the recommended and a more robust option.
record
- / required
Sets the DNS record to modify. When zone is omitted this has to be absolute (ending with a dot).
server
- / required
Apply DNS modification on this server.
state
-
    Choices:
  • present ←
  • absent
Manage DNS record.
ttl
-
Default:
3600
Sets the record TTL.
type
-
Default:
"A"
Sets the record type.
value
-
Sets the record value.
zone
-
DNS record will be modified on this zone.
When omitted DNS will be queried to attempt finding the correct zone.
Starting with Ansible 2.7 this parameter is optional.

Examples

- name: Add or modify ansible.example.org A to 192.168.1.1"
  nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    zone: "example.org"
    record: "ansible"
    value: "192.168.1.1"

- name: Add or modify ansible.example.org A to 192.168.1.1, 192.168.1.2 and 192.168.1.3"
  nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    zone: "example.org"
    record: "ansible"
    value: ["192.168.1.1", "192.168.1.2", "192.168.1.3"]

- name: Remove puppet.example.org CNAME
  nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    zone: "example.org"
    record: "puppet"
    type: "CNAME"
    state: absent

- name: Add 1.1.168.192.in-addr.arpa. PTR for ansible.example.org
  nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    record: "1.1.168.192.in-addr.arpa."
    type: "PTR"
    value: "ansible.example.org."
    state: present

- name: Remove 1.1.168.192.in-addr.arpa. PTR
  nsupdate:
    key_name: "nsupdate"
    key_secret: "+bFQtBCta7j2vWkjPkAFtgA=="
    server: "10.1.1.1"
    record: "1.1.168.192.in-addr.arpa."
    type: "PTR"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
changed
string
success
If module has modified record

dns_rc
integer
always
dnspython return code

Sample:
4
dns_rc_str
string
always
dnspython return code (string representation)

Sample:
REFUSED
record
string
success
DNS record

Sample:
ansible
ttl
integer
success
DNS record TTL

Sample:
86400
type
string
success
DNS record type

Sample:
CNAME
value
list
success
DNS record value(s)

Sample:
192.168.1.1
zone
string
success
DNS record zone

Sample:
example.org.


Status

Authors

  • Loic Blot (@nerzhul)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.