PowerDNS/pdns-ansible v1.9.0

Version 1.9.0

on GitHub

NEW FEATURES:

• Add configuration for flat files (#79, @sorrowless)
• Allow installation of custom scripts (#210, @zerwes)
• Add support and tests for Rocky Linux and AlmaLinux (#209, @romeroalx)
• Add pdns49 repository and CI (#213, @npmdnl)
• Add pdns50 repository and CI (#247, @npmdnl)
• Add PostgreSQL backend provisioning and Molecule coverage
  (based in #216 @dtrdnk,
  #211 @Exchizz,
  #104 @commonism)
• Add role-level toggles for PostgreSQL backend bootstrap (pdns_pgsql_manage_database, pdns_pgsql_schema_load, pdns_pgsql_schema_on_first_node_only)
• Add role-level SELinux control via pdns_manage_selinux (enabled by default)
• Add service masking support via pdns_service_masked
• Add role verbosity toggle (pdns_verbose) to control redaction of sensitive SQL task logs
• Add architecture-aware APT repository settings for Debian-family systems (pdns_apt_repo_arch map with amd64/arm64)

IMPROVEMENTS:

• Include mysql_schema_file in MySQL import task names (#119, @zerwes)
• Run MySQL database commands on the first node only for clustered setups (#120, @zerwes)
• Remove nolog from backend install while still hiding passwords in logs (#175, @zerwes)
• Update pdns-master CI configuration and replace Ubuntu Bionic with Focal (#207, @romeroalx)
• Update SQLite3 backend defaults (#220, @kleini)
• Fix CI request handling in GitHub Actions (#221, @romeroalx)
• Upgrade CI tests to newer molecule and ansible-core versions (#230, @romeroalx)
• Update examples after variable deprecations (#240, @henkjan)
• Add Deb822 APT repository support on Debian-family systems while keeping legacy apt_repo compatibility
  (based on #242 @l00d3r,
  #246 @joshsol1)
• Bump ansible-lint to 6.18.0 (#190, @dependabot[bot])
• Rework MySQL bootstrap workflow for MySQL 8.4/9 and MariaDB compatibility:
  • socket/TCP selection with pdns_mysql_query_use_socket and pdns_mysql_unix_socket
  • configurable SQL CLI command/flags via pdns_backends_mysql_cmd and pdns_mysql_cli_extra_args
  • auth plugin and password-update controls via pdns_mysql_auth_plugin and pdns_mysql_user_update_password
• Improve PostgreSQL bootstrap workflow with socket/TCP selection and first-node-only execution controls
• Improve SQLite schema detection/import by supporting compressed schemas (.gz, .xz) and additional distro-specific paths
• Improve PowerDNS version detection by parsing both stdout/stderr to handle plugin load noise
• Consolidate OS variable loading order in role (os_family -> distribution -> major-version overrides)
• Standardize service management on ansible.builtin.systemd and apt cache updates through handlers

REMOVED / EOL:

• Drop pdns46 repository (EOL) (#208, @npmdnl)
• Remove EOL CI targets RHEL 7, Debian 10, and Ubuntu 20.04; add Debian 11, Debian 12, and Ubuntu 24.04 (#222, @romeroalx, #243, @romeroalx)
• Drop pdns47 repository (EOL) (#247, @npmdnl)
• Remove deprecated named-schema generation role components (tasks/database-named.yml, templates/named.conf.j2, templates/named.zone.j2)
• Remove version-specific RedHat vars files in favor of consolidated vars/RedHat.yml

BUG FIXES:

• Reorder selinux.yml include to resolve issue #122 (#123, @pixelrebel)
• Add missing closing braces (#172, @arjenz)
• Fix logging for grant access task (#195, @zerwes)
• Fix pdns-os-repos CI tests (#214, @romeroalx)
• Add missing RHEL-family packages required for SELinux support (#218, @vhsantos)
• Move PowerDNS restart logic to handlers (#244, @valiac)
• Exclude local .ansible cache directory from linting (#245, @valiac)
• Fix SELinux DB-connect boolean activation for both MySQL and PostgreSQL backends (including multi-instance backend names)
• Fix MySQL/MariaDB bootstrap on caching_sha2_password by adding required python*-cryptography dependencies in role defaults