2024-05-30 16:28:31 +00:00
|
|
|
- name: Setup unbound config
|
|
|
|
|
become: true
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{ home }}/.dots/config/unbound/unbound.conf"
|
|
|
|
|
dest: "/etc/unbound/unbound.conf"
|
|
|
|
|
owner: unbound
|
|
|
|
|
mode: "u=rwX,g=rX,o="
|
|
|
|
|
|
|
|
|
|
- name: Setup unbound control certificates
|
|
|
|
|
become: true
|
|
|
|
|
shell: /usr/bin/unbound-control-setup
|
|
|
|
|
|
|
|
|
|
- name: Specify resolv configuration to use the local unbound server
|
|
|
|
|
become: true
|
|
|
|
|
copy:
|
|
|
|
|
dest: /etc/resolv.conf
|
|
|
|
|
content: |
|
|
|
|
|
nameserver ::1
|
|
|
|
|
nameserver 127.0.0.1
|
|
|
|
|
|
|
|
|
|
- name: Protect resolv
|
|
|
|
|
become: true
|
|
|
|
|
file:
|
|
|
|
|
path: /etc/resolv.conf
|
|
|
|
|
attributes: '+i'
|
|
|
|
|
|
|
|
|
|
- name: Enable unbound service
|
|
|
|
|
become: true
|
|
|
|
|
ansible.builtin.systemd_service:
|
|
|
|
|
name: unbound
|
|
|
|
|
state: started
|
|
|
|
|
enabled: true
|
2024-07-09 10:51:18 +00:00
|
|
|
|
|
|
|
|
# copy from dots file to the /etc/unbound/config.d the additonal config enabled
|
|
|
|
|
- name: Setup additonal namespaces config
|
2024-07-09 22:07:13 +00:00
|
|
|
when: unbound_profiles is defined
|
2024-07-09 10:51:18 +00:00
|
|
|
become: true
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{ home }}/.dots/config/unbound/profiles/{{ item }}.conf"
|
|
|
|
|
dest: "/etc/unbound/config.d/{{ item }}.conf"
|
|
|
|
|
with_items: "{{ unbound_profiles }}"
|
|
|
|
|
|
