effectivelywild.technitium_dns.technitium_dns_set_zone_options module – Set DNS zone options

Note

This module is part of the effectivelywild.technitium_dns collection (version 0.4.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install effectivelywild.technitium_dns.

To use it in a playbook, specify: effectivelywild.technitium_dns.technitium_dns_set_zone_options.

New in effectivelywild.technitium_dns 0.1.0

Synopsis

  • Set zone-specific options on a Technitium DNS server.

Parameters

Parameter

Comments

api_port

integer

Port for the Technitium DNS API. Defaults to 5380.

Default: 5380

api_token

string / required

API token for authenticating with the Technitium DNS API

api_url

string / required

Base URL for the Technitium DNS API

catalog

string

Catalog zone name to register as its member zone (Primary, Stub, Forwarder only)

disabled

boolean

Whether the zone is disabled (true) or enabled (false)

Choices:

  • false

  • true

notify

string

Notify policy

Choices:

  • "None"

  • "ZoneNameServers"

  • "SpecifiedNameServers"

  • "BothZoneAndSpecifiedNameServers"

  • "SeparateNameServersForCatalogAndMemberZones"

notifyNameServers

list / elements=string

List of IPs to notify (Primary, Secondary, Forwarder, Catalog only)

notifySecondaryCatalogsNameServers

list / elements=string

List of IPs to notify for catalog updates (Catalog only)

overrideCatalogNotify

boolean

Override Notify option in the Catalog zone (Primary, Forwarder only)

Choices:

  • false

  • true

overrideCatalogQueryAccess

boolean

Override Query Access option in the Catalog zone (Primary, Stub, Forwarder only)

Choices:

  • false

  • true

overrideCatalogZoneTransfer

boolean

Override Zone Transfer option in the Catalog zone (Primary, Forwarder only)

Choices:

  • false

  • true

primaryNameServerAddresses

list / elements=string

List of IPs or names of the primary name server (Secondary, SecondaryForwarder, SecondaryCatalog, Stub only)

primaryZoneTransferProtocol

string

Zone transfer protocol (Secondary, SecondaryForwarder, SecondaryCatalog only)

Choices:

  • "Tcp"

  • "Tls"

  • "Quic"

primaryZoneTransferTsigKeyName

string

TSIG key name for zone transfer (Secondary, SecondaryForwarder, SecondaryCatalog only)

queryAccess

string

Query access policy

Choices:

  • "Deny"

  • "Allow"

  • "AllowOnlyPrivateNetworks"

  • "AllowOnlyZoneNameServers"

  • "UseSpecifiedNetworkACL"

  • "AllowZoneNameServersAndUseSpecifiedNetworkACL"

queryAccessNetworkACL

list / elements=string

List of network ACL entries for query access (not SecondaryCatalog, only with certain queryAccess set)

update

string

Allow dynamic updates

Choices:

  • "Deny"

  • "Allow"

  • "AllowOnlyZoneNameServers"

  • "UseSpecifiedNetworkACL"

  • "AllowZoneNameServersAndUseSpecifiedNetworkACL"

updateNetworkACL

list / elements=string

List of network ACL entries for update (Primary, Secondary, Forwarder, with certain update set)

updateSecurityPolicies

list / elements=dictionary

List of security policies for zone updates (Primary, Forwarder only)

allowedTypes

list / elements=string / required

List of allowed DNS record types

domain

string / required

Domain pattern for the policy

tsigKeyName

string / required

TSIG key name for the policy

validate_certs

boolean

Whether to validate SSL certificates when making API requests.

Choices:

  • false

  • true ← (default)

validateZone

boolean

Enable ZONEMD validation (Secondary only).

Choices:

  • false

  • true

zone

string / required

The domain name of the zone to set options for.

zoneTransfer

string

Zone transfer policy (Primary, Secondary only)

Choices:

  • "Deny"

  • "Allow"

  • "AllowOnlyZoneNameServers"

  • "UseSpecifiedNetworkACL"

  • "AllowZoneNameServersAndUseSpecifiedNetworkACL"

zoneTransferNetworkACL

list / elements=string

List of network ACL entries for zone transfer (Primary, Secondary, Forwarder, Catalog only, with certain zoneTransfer set)

zoneTransferTsigKeyNames

list / elements=string

List of TSIG key names for zone transfer (Primary, Secondary, Forwarder, Catalog only)

Examples

- name: Set basic options for primary zone
  technitium_dns_set_zone_options:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "example.com"
    disabled: false
    zoneTransfer: Allow
    notify: ZoneNameServers

- name: Configure primary zone with restricted access and TSIG keys
  technitium_dns_set_zone_options:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "secure.example.com"
    queryAccess: UseSpecifiedNetworkACL
    queryAccessNetworkACL:
      - "192.168.1.0/24"
      - "10.0.0.0/8"
    zoneTransfer: AllowOnlyZoneNameServers
    zoneTransferTsigKeyNames:
      - "key1.example.com"
      - "key2.example.com"
    update: UseSpecifiedNetworkACL
    updateNetworkACL:
      - "192.168.1.100/32"

- name: Set up secondary zone with custom primary servers
  technitium_dns_set_zone_options:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "secondary.example.com"
    primaryNameServerAddresses:
      - "192.168.1.10"
      - "192.168.1.11"
    primaryZoneTransferProtocol: Tls
    primaryZoneTransferTsigKeyName: "transfer.key"
    validateZone: true
    notify: SpecifiedNameServers
    notifyNameServers:
      - "192.168.1.20"
      - "192.168.1.21"

- name: Configure catalog zone with notification settings
  technitium_dns_set_zone_options:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "catalog.example.com"
    zoneTransfer: UseSpecifiedNetworkACL
    zoneTransferNetworkACL:
      - "192.168.2.0/24"
    notify: SeparateNameServersForCatalogAndMemberZones
    notifySecondaryCatalogsNameServers:
      - "192.168.2.10"
      - "192.168.2.11"

- name: Set update security policies for primary zone
  technitium_dns_set_zone_options:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "dynamic.example.com"
    update: UseSpecifiedNetworkACL
    updateNetworkACL:
      - "192.168.3.0/24"
    updateSecurityPolicies:
      - tsigKeyName: "update.key"
        domain: "dynamic.example.com"
        allowedTypes:
          - "A"
          - "AAAA"
      - tsigKeyName: "update.key"
        domain: "*.dynamic.example.com"
        allowedTypes:
          - "ANY"

- name: Configure zone as catalog member with overrides
  technitium_dns_set_zone_options:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "member.example.com"
    catalog: "catalog.example.com"
    overrideCatalogQueryAccess: true
    overrideCatalogZoneTransfer: true
    queryAccess: AllowOnlyPrivateNetworks
    zoneTransfer: Deny
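
A hardened counterpart to the first example above, which sets zoneTransfer: Allow. This playbook is an added example, not part of the collection's documentation. The host name dns1.example.com, port 53443, the vault file and variable name, and the TSIG key names are assumptions.

```yaml
# Added example, not from the collection's documentation.
# Assumptions (placeholders): the API is served over HTTPS on port 53443,
# technitium_api_token is defined in an Ansible Vault file (vault.yml), and the
# TSIG keys "xfr.example.com" and "ddns.example.com" already exist on the server.
- name: Lock down a primary zone
  hosts: localhost
  gather_facts: false
  vars_files:
    - vault.yml
  tasks:
    - name: Restrict transfers and dynamic updates on example.com
      effectivelywild.technitium_dns.technitium_dns_set_zone_options:
        api_url: "https://dns1.example.com"
        api_port: 53443
        api_token: "{{ technitium_api_token }}"
        validate_certs: true
        zone: "example.com"
        # Instead of zoneTransfer: Allow, limit transfers to the two
        # secondaries and name the TSIG key used for them.
        zoneTransfer: UseSpecifiedNetworkACL
        zoneTransferNetworkACL:
          - "192.168.1.20/32"
          - "192.168.1.21/32"
        zoneTransferTsigKeyNames:
          - "xfr.example.com"
        notify: SpecifiedNameServers
        notifyNameServers:
          - "192.168.1.20"
          - "192.168.1.21"
        # Dynamic updates: one host, one key, only the record types it needs.
        update: UseSpecifiedNetworkACL
        updateNetworkACL:
          - "192.168.1.100/32"
        updateSecurityPolicies:
          - tsigKeyName: "ddns.example.com"
            domain: "*.example.com"
            allowedTypes:
              - "A"
              - "AAAA"
      register: zone_opts

    - name: Show which options differed from the desired state
      ansible.builtin.debug:
        var: zone_opts.diff
      when: zone_opts.changed
```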

Return Values

Common return values are documented in the Ansible documentation; the following fields are unique to this module:

Key

Description

api_response

dictionary

Complete raw API response from Technitium DNS

Returned: always

response

dictionary

The API response payload (empty dict for successful set operations)

Returned: always

Sample: {}

status

string

API response status

Returned: always

Sample: "ok"

changed

boolean

Whether the module made changes

Returned: always

Sample: true

diff

dictionary

Dictionary showing what changed, with current and desired values

Returned: when changes are made

Sample: {"zoneTransfer": {"current": "AllowOnlyZoneNameServers", "desired": "Allow"}, "zoneTransferNetworkACL": {"current": [], "desired": ["192.168.2.0/24"]}}

failed

boolean

Whether the module failed

Returned: always

Sample: false

msg

string

Human readable message describing the result

Returned: always

Sample: "Zone options set successfully."

Authors

  • Frank Muise (@effectivelywild)