-
Notifications
You must be signed in to change notification settings - Fork 183
/
verify.yml
105 lines (93 loc) · 5.24 KB
/
verify.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
---
- name: Verify
hosts: all
gather_facts: false
tasks:
# Only collect network facts to reduce setup time
- name: Gathering Facts
setup:
gather_subset:
- 'network'
- name: Set local_dns variable for dig
set_fact:
local_dns: "{{ '@' + ansible_default_ipv4.address }}"
- name: IPv4 Forward lookups
assert:
that:
- lookup('dig', 'ns1.acme-inc.com', local_dns ) == '10.11.0.1'
- lookup('dig', 'ns2.acme-inc.com', local_dns) == '10.11.0.2'
- lookup('dig', 'srv001.acme-inc.com', local_dns) == '10.11.1.1'
- lookup('dig', 'srv002.acme-inc.com', local_dns) == '10.11.1.2'
- lookup('dig', 'mail001.acme-inc.com', local_dns) == '10.11.2.1'
- lookup('dig', 'mail002.acme-inc.com', local_dns) == '10.11.2.2'
- lookup('dig', 'mail003.acme-inc.com', local_dns) == '10.11.2.3'
- lookup('dig', 'srv010.acme-inc.com', local_dns) == '10.11.0.10'
- lookup('dig', 'srv011.acme-inc.com', local_dns) == '10.11.0.11'
- lookup('dig', 'srv012.acme-inc.com', local_dns) == '10.11.0.12'
- lookup('dig', 'srv001.example.com', local_dns) == '192.0.2.1'
- lookup('dig', 'srv002.example.com', local_dns) == '192.0.2.2'
- lookup('dig', 'mail001.example.com', local_dns) == '192.0.2.10'
- name: IPv4 Reverse lookups
assert:
that:
- lookup('dig', '10.11.0.1/PTR', local_dns) == 'ns1.acme-inc.com.'
- lookup('dig', '10.11.0.2/PTR', local_dns) == 'ns2.acme-inc.com.'
- lookup('dig', '10.11.1.1/PTR', local_dns) == 'srv001.acme-inc.com.'
- lookup('dig', '10.11.1.2/PTR', local_dns) == 'srv002.acme-inc.com.'
- lookup('dig', '10.11.2.1/PTR', local_dns) == 'mail001.acme-inc.com.'
- lookup('dig', '10.11.2.2/PTR', local_dns) == 'mail002.acme-inc.com.'
- lookup('dig', '10.11.2.3/PTR', local_dns) == 'mail003.acme-inc.com.'
- lookup('dig', '10.11.0.10/PTR', local_dns) == 'srv010.acme-inc.com.'
- lookup('dig', '10.11.0.11/PTR', local_dns) == 'srv011.acme-inc.com.'
- lookup('dig', '10.11.0.12/PTR', local_dns) == 'srv012.acme-inc.com.'
- lookup('dig', '192.0.2.1/PTR', local_dns) == 'srv001.example.com.'
- lookup('dig', '192.0.2.2/PTR', local_dns) == 'srv002.example.com.'
- lookup('dig', '192.0.2.10/PTR', local_dns) == 'mail001.example.com.'
- name: IPv4 Alias lookups
assert:
that:
- lookup('dig', 'www.acme-inc.com', local_dns) == '10.11.1.1'
- lookup('dig', 'mysql.acme-inc.com', local_dns) == '10.11.1.2'
- lookup('dig', 'smtp.acme-inc.com', local_dns) == '10.11.2.1'
- lookup('dig', 'mail-in.acme-inc.com', local_dns) == '10.11.2.1'
- lookup('dig', 'imap.acme-inc.com', local_dns) == '10.11.2.3'
- lookup('dig', 'mail-out.acme-inc.com', local_dns) == '10.11.2.3'
- lookup('dig', 'www.example.com', local_dns) == '192.0.2.1'
- name: IPv6 Forward lookups
assert:
that:
- lookup('dig', 'srv001.acme-inc.com/AAAA', local_dns) == '2001:db8::1'
- lookup('dig', 'srv002.acme-inc.com/AAAA', local_dns) == '2001:db8::2'
- lookup('dig', 'mail001.acme-inc.com/AAAA', local_dns) == '2001:db8::d:1'
- lookup('dig', 'mail002.acme-inc.com/AAAA', local_dns) == '2001:db8::d:2'
- lookup('dig', 'mail003.acme-inc.com/AAAA', local_dns) == '2001:db8::d:3'
- lookup('dig', 'srv001.example.com/AAAA', local_dns) == '2001:db9::1'
- name: IPv6 Reverse lookups
assert:
that:
- lookup('dig', '2001:db8::1/PTR', local_dns) == 'srv001.acme-inc.com.'
- lookup('dig', '2001:db8::2/PTR', local_dns) == 'srv002.acme-inc.com.'
- lookup('dig', '2001:db8::d:1/PTR', local_dns) == 'mail001.acme-inc.com.'
- lookup('dig', '2001:db8::d:2/PTR', local_dns) == 'mail002.acme-inc.com.'
- lookup('dig', '2001:db8::d:3/PTR', local_dns) == 'mail003.acme-inc.com.'
- lookup('dig', '2001:db8::d:3/PTR', local_dns) == 'mail003.acme-inc.com.'
- lookup('dig', '2001:db9::1/PTR', local_dns) == 'srv001.example.com.'
- name: NS records lookup
assert:
that:
- lookup('dig', 'acme-inc.com/NS', local_dns).split(',') | sort | join(',') == 'ns1.acme-inc.com.,ns2.acme-inc.com.'
- lookup('dig', 'example.com/NS', local_dns).split(',') | sort | join(',') == 'ns1.acme-inc.com.,ns2.acme-inc.com.'
- name: MX records lookup
assert:
that:
- lookup('dig', 'acme-inc.com/MX', local_dns).split(',') | sort | join(',') == '10 mail001.acme-inc.com.,20 mail002.acme-inc.com.'
- lookup('dig', 'example.com/MX', local_dns).split(',') | sort | join(',') == '10 mail001.example.com.'
- name: Service records lookup
assert:
that:
- lookup('dig', '_ldap._tcp.acme-inc.com/SRV', local_dns) == '0 100 88 srv010.acme-inc.com.'
- name: TXT records lookup
assert:
that:
- lookup('dig', '_kerberos.acme-inc.com/TXT', local_dns) == 'KERBEROS.ACME-INC.COM'
- lookup('dig', 'acme-inc.com/TXT', local_dns).split(',') | sort | join(',') == 'more text,some text'