Skip to content

Commit

Permalink
feat(resolved): add role
Browse files Browse the repository at this point in the history
  • Loading branch information
@lukaslihotzki-f
lukaslihotzki-f committed Oct 9, 2024
1 parent 66ef482 commit b6421aa
Show file tree
Hide file tree
Showing 3 changed files with 44 additions and 0 deletions.
4 changes: 4 additions & 0 deletions roles/systemd_resolved/defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
systemd_resolved_dns_servers:
- 1.1.1.1
- 9.9.9.9
6 changes: 6 additions & 0 deletions roles/systemd_resolved/handlers/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
- name: Restart resolved
ansible.builtin.systemd:
name: systemd-resolved
state: restarted
listen: restart resolved
34 changes: 34 additions & 0 deletions roles/systemd_resolved/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
---
- name: Install resolved
ansible.builtin.package:
name: systemd-resolved

- name: Configure DNS server
ansible.builtin.lineinfile:
path: /etc/systemd/resolved.conf
regexp: '^#?DNS='
insertafter: [Resolve]
line: 'DNS={{ systemd_resolved_dns_servers | join(" ") }}'
notify: restart resolved

- name: Enable DNSSEC
ansible.builtin.lineinfile:
path: /etc/systemd/resolved.conf
regexp: '^#?DNSSEC='
insertafter: [Resolve]
line: DNSSEC=yes
notify: restart resolved

- name: Enable resolved
ansible.builtin.systemd:
name: systemd-resolved
masked: false
enabled: true
state: started

- name: Use resolved
ansible.builtin.file:
src: /run/systemd/resolve/stub-resolv.conf
dest: /etc/resolv.conf
state: link
force: true

0 comments on commit b6421aa

Please sign in to comment.