Tip

Check out the repository on GitHub

Report missing/incorrect information or broken links

DNS - Unbound - Forwarding

STATE: stable

TESTS: Playbook

API Docs: Core - Unbound

Service Docs: Unbound

Definition

Definition

Parameter	Type	Required	Default	Aliases	Comment
domain	string	false	-	dom, d	Domain of the host. All queries for this domain will be forwarded to the nameserver specified. Leave empty to catch all queries and forward them to the nameserver
target	string	true	-	server, srv, tgt	Server to forward the dns queries to
port	string	false	53	p	DNS port of the target server
reload	boolean	false	true	-	If the running config should be reloaded on change - this may take some time. For mass-managing items you might want to reload it ‘manually’ after all changes are done => using the ansibleguy.opnsense.reload module.

For basic parameters see: Basic

Info

This module manages DNS-Forwardings that can be found in the WEB-UI menu: ‘Services - Unbound DNS - Query Forwardings’

Mass-Manage

If you are mass-managing DNS records or using DNS-Blocklists - you might want to disable reload: false on single module-calls!

This takes a long time, as the service gets reloaded every time!

You might want to reload it ‘manually’ after all changes are done => using the ansibleguy.opnsense.reload module

Warning

Unbound service actions like reload can take long. Please be aware of the possible downtime!

You may also need to increase the module timeout.

Examples

- hosts: localhost
  gather_facts: no
  module_defaults:
    group/ansibleguy.opnsense.all:
      firewall: 'opnsense.template.ansibleguy.net'
      api_credential_file: '/home/guy/.secret/opn.key'

    ansibleguy.opnsense.list:
      target: 'unbound_forward'

  tasks:
    - name: Example
      ansibleguy.opnsense.unbound_forward:
        domain: 'dot.template.ansibleguy.net'
        target: '1.1.1.1'
        # port: 53
        # verify: 'dot.template.ansibleguy.net'
        # state: 'present'
        # reload: true
        # enabled: true
        # debug: false

    - name: Adding
      ansibleguy.opnsense.unbound_forward:
        domain: 'dot.template.ansibleguy.net'
        target: '1.1.1.1'

    - name: Listing
      ansibleguy.opnsense.list:
      #  target: 'unbound_forward'
      register: existing_entries

    - name: Printing DNS-Forwardings
      ansible.builtin.debug:
        var: existing_entries.data