Tag all DNS steps

There are some cases where I do not want to run DNS-related steps. For instance, when setting up a new server, which should replace an existing one, it is necessary to skip the DNS steps until the server has been fully migrated and I am ready to switch the hot/cold sides. Therefore, tag all DNS steps. This allows them to be skipped during ansible playbook execution using --skip-tags dns.
author: Matthew Fennell <matthew@fennell.dev> 2026-01-10 15:39:31 +0000
committer: Matthew Fennell <matthew@fennell.dev> 2026-01-10 15:39:31 +0000
commit: f3a0496912c4ceb9d2032946bb0e31525f50a613 (patch)
tree: 3061d5ce748758a84c6d999d0eb031db321671a1
parent: fa86d5476e8714e74a526046d86f0a2d6096293b (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/playbook.yaml b/playbook.yaml
index 2fbaa56..d4db5da 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -89,6 +89,8 @@
    - name: Take note of DANE hash
      ansible.builtin.set_fact:
       dane_hash: "{{ dane_result.stdout }}"
+     tags:
+      - dns
 
    - name: Ensure common records exist
      ansible.builtin.uri:
@@ -144,6 +146,8 @@
           tlsa_selector: "1"
           tlsa_matching: "1"
      delegate_to: localhost
+     tags:
+      - dns
 
    - name: Ensure non-transport records exist
      ansible.builtin.uri:
@@ -199,6 +203,8 @@
           tlsa_matching: "1"
      delegate_to: localhost
      when: not is_transport_server
+     tags:
+      - dns
 
    # We specifically use apt instead of the more general package module here,
    # because we want to ensure the cache is updated before we try and install
author	Matthew Fennell <matthew@fennell.dev>	2026-01-10 15:39:31 +0000
committer	Matthew Fennell <matthew@fennell.dev>	2026-01-10 15:39:31 +0000
commit	f3a0496912c4ceb9d2032946bb0e31525f50a613 (patch)
tree	3061d5ce748758a84c6d999d0eb031db321671a1
parent	fa86d5476e8714e74a526046d86f0a2d6096293b (diff)