effectivelywild.technitium_dns.technitium_dns_update_nsec3_parameters module – Update NSEC3 Parameters

Note

This module is part of the effectivelywild.technitium_dns collection (version 1.1.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install effectivelywild.technitium_dns.

To use it in a playbook, specify: effectivelywild.technitium_dns.technitium_dns_update_nsec3_parameters.

New in effectivelywild.technitium_dns 0.2.1

Synopsis

  • Updates the iteration and salt length parameters for NSEC3 on a signed DNS zone.

  • The zone must already be signed with DNSSEC and using NSEC3.

Parameters

Parameter

Comments

api_port

integer

Port for the Technitium DNS API. Defaults to 5380

Default: 5380

api_token

string / required

API token for authentication

api_url

string / required

Base URL for the Technitium DNS API

iterations

integer

The number of iterations to use for hashing

Default value is 0 when not specified

Default: 0

node

string

The node domain name for which this API call is intended

When unspecified, the current node is used

This parameter can be used only when Clustering is initialized

salt_length

integer

The length of salt in bytes to use for hashing

Default value is 0 when not specified

Default: 0

validate_certs

boolean

Whether to validate SSL certificates when making API requests.

Choices:

  • false

  • true ← (default)

zone

string / required

The name of the primary zone to update NSEC3 parameters for

See Also

See also

effectivelywild.technitium_dns.technitium_dns_sign_zone

Sign a zone with DNSSEC

effectivelywild.technitium_dns.technitium_dns_convert_to_nsec3

Convert signed zone from NSEC to NSEC3

effectivelywild.technitium_dns.technitium_dns_get_dnssec_properties

Get DNSSEC properties for a zone

Examples

- name: Update NSEC3 parameters with custom iterations and salt length
  technitium_dns_update_nsec3_parameters:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "example.com"
    iterations: 10
    salt_length: 8

- name: Reset NSEC3 parameters to defaults
  technitium_dns_update_nsec3_parameters:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "example.com"
    iterations: 0
    salt_length: 0

- name: Update only iterations parameter
  technitium_dns_update_nsec3_parameters:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "example.com"
    iterations: 5

- name: Update NSEC3 parameters on a specific cluster node
  technitium_dns_update_nsec3_parameters:
    api_url: "http://localhost"
    api_token: "myapitoken"
    zone: "example.com"
    iterations: 10
    salt_length: 8
    node: "node1.cluster.example.com"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

api_response

dictionary

Full API response from Technitium DNS server

Returned: always

Sample: {"status": "ok"}

changed

boolean

Whether the module made changes

Returned: always

Sample: true

failed

boolean

Whether the module failed

Returned: always

Sample: false

msg

string

Human readable message describing the result

Returned: always

Sample: "NSEC3 parameters updated for zone 'example.com'"

Authors

  • Frank Muise (@effectivelywild)