2024-05-30 18:28:31 +02:00
|
|
|
- name: Setup unbound config
|
|
|
|
|
become: true
|
2025-10-08 01:18:30 +02:00
|
|
|
template:
|
|
|
|
|
src: "unbound.conf"
|
2024-05-30 18:28:31 +02:00
|
|
|
dest: "/etc/unbound/unbound.conf"
|
|
|
|
|
owner: unbound
|
|
|
|
|
mode: "u=rwX,g=rX,o="
|
|
|
|
|
|
|
|
|
|
- name: Setup unbound control certificates
|
|
|
|
|
become: true
|
|
|
|
|
shell: /usr/bin/unbound-control-setup
|
|
|
|
|
|
|
|
|
|
- name: Specify resolv configuration to use the local unbound server
|
|
|
|
|
become: true
|
|
|
|
|
copy:
|
|
|
|
|
dest: /etc/resolv.conf
|
|
|
|
|
content: |
|
|
|
|
|
nameserver ::1
|
|
|
|
|
nameserver 127.0.0.1
|
|
|
|
|
|
|
|
|
|
- name: Protect resolv
|
|
|
|
|
become: true
|
|
|
|
|
file:
|
|
|
|
|
path: /etc/resolv.conf
|
|
|
|
|
attributes: '+i'
|
|
|
|
|
|
|
|
|
|
- name: Enable unbound service
|
|
|
|
|
become: true
|
|
|
|
|
ansible.builtin.systemd_service:
|
|
|
|
|
name: unbound
|
|
|
|
|
state: started
|
|
|
|
|
enabled: true
|
2024-07-09 12:51:18 +02:00
|
|
|
|
2024-07-10 11:06:57 +02:00
|
|
|
- name: Create unbound configs dir
|
2025-10-08 01:18:30 +02:00
|
|
|
become: true
|
2024-07-10 11:06:57 +02:00
|
|
|
file:
|
|
|
|
|
state: directory
|
|
|
|
|
path: "/etc/unbound/config.d"
|
|
|
|
|
|
2025-10-08 01:18:30 +02:00
|
|
|
# # copy from dots file to the /etc/unbound/config.d the additonal config enabled
|
|
|
|
|
# - name: Setup additonal profile config
|
|
|
|
|
# when: organization is defined and "unbound" in organization_customize
|
|
|
|
|
# become: true
|
|
|
|
|
# copy:
|
|
|
|
|
# src: "{{ home }}/.dots/profiles/{{ organization }}/configs/unbound.conf"
|
|
|
|
|
# dest: "/etc/unbound/config.d/{{ organization }}.conf"
|
2024-07-09 12:51:18 +02:00
|
|
|
|
