effectivelywild.technitium_dns.technitium_dns_get_dnssec_properties module – Get DNSSEC properties for a primary zone

Note

This module is part of the effectivelywild.technitium_dns collection (version 1.1.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install effectivelywild.technitium_dns.

To use it in a playbook, specify: effectivelywild.technitium_dns.technitium_dns_get_dnssec_properties.

New in effectivelywild.technitium_dns 0.1.0

Synopsis

  • Retrieve DNSSEC properties for a signed zone.

Parameters

Parameter

Comments

api_port

integer

Port for the Technitium DNS API. Defaults to 5380

Default: 5380

api_token

string / required

API token for authenticating with the Technitium DNS API

api_url

string / required

Base URL for the Technitium DNS API

node

string

The node domain name for which this API call is intended

When unspecified, the current node is used

This parameter can be used only when Clustering is initialized

validate_certs

boolean

Whether to validate SSL certificates when making API requests.

Choices:

  • false

  • true ← (default)

zone

string / required

The name of the primary zone to get DNSSEC properties for.

See Also

See also

effectivelywild.technitium_dns.technitium_dns_sign_zone

Sign a zone (DNSSEC)

effectivelywild.technitium_dns.technitium_dns_unsign_zone

Unsign a zone (DNSSEC)

effectivelywild.technitium_dns.technitium_dns_convert_to_nsec

Convert signed zone from NSEC to NSEC3

effectivelywild.technitium_dns.technitium_dns_convert_to_nsec3

Convert signed zone from NSEC3 to NSEC

Examples

- name: Get DNSSEC properties for example.com
  technitium_dns_get_dnssec_properties:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "example.com"
  register: result

- debug:
    var: result.dnssec_properties

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Whether the module made changes (always false for get operations)

Returned: always

Sample: false

dnssec_properties

dictionary

DNSSEC properties and configuration for the zone

Contains comprehensive information about DNSSEC signing status, keys, and settings

Returned: always

disabled

boolean

Whether the zone is disabled

Returned: always

dnsKeyTtl

integer

TTL for DNSKEY records in seconds

Returned: always

dnssecPrivateKeys

list / elements=string

List of DNSSEC private keys used for signing

Returned: always

algorithm

string

DNSSEC algorithm name

Returned: always

Sample: "ECDSAP256SHA256"

algorithmNumber

integer

DNSSEC algorithm number

Returned: always

Sample: 13

isRetiring

boolean

Whether the key is being retired

Returned: always

keyTag

integer

Key tag identifier

Returned: always

keyType

string

Type of key (KeySigningKey or ZoneSigningKey)

Returned: always

rolloverDays

integer

Rollover frequency in days

Returned: always

state

string

Current state of the key

Returned: always

stateChangedOn

string

When the key state last changed (ISO timestamp)

Returned: always

stateReadyBy

string

When the key will be ready for next state (ISO timestamp)

Returned: when available

dnssecStatus

string

DNSSEC signing status

Returned: always

Sample: "SignedWithNSEC3"

internal

boolean

Whether the zone is internal

Returned: always

name

string

Zone name

Returned: always

nsec3Iterations

integer

NSEC3 iterations parameter

Returned: when zone uses NSEC3

nsec3SaltLength

integer

NSEC3 salt length parameter

Returned: when zone uses NSEC3

type

string

Zone type

Returned: always

Sample: "Primary"

failed

boolean

Whether the module failed

Returned: always

Sample: false

Authors

  • Frank Muise (@effectivelywild)