feat: systemd, unbound, more packages, dots venv
This commit is contained in:
parent
45076c5231
commit
9c4a6a4341
15 changed files with 291 additions and 48 deletions
32
ansible/roles/dns/tasks/main.yaml
Normal file
32
ansible/roles/dns/tasks/main.yaml
Normal file
|
|
@ -0,0 +1,32 @@
|
|||
- name: Setup unbound config
|
||||
become: true
|
||||
copy:
|
||||
src: "{{ home }}/.dots/config/unbound/unbound.conf"
|
||||
dest: "/etc/unbound/unbound.conf"
|
||||
owner: unbound
|
||||
mode: "u=rwX,g=rX,o="
|
||||
|
||||
- name: Setup unbound control certificates
|
||||
become: true
|
||||
shell: /usr/bin/unbound-control-setup
|
||||
|
||||
- name: Specify resolv configuration to use the local unbound server
|
||||
become: true
|
||||
copy:
|
||||
dest: /etc/resolv.conf
|
||||
content: |
|
||||
nameserver ::1
|
||||
nameserver 127.0.0.1
|
||||
|
||||
- name: Protect resolv
|
||||
become: true
|
||||
file:
|
||||
path: /etc/resolv.conf
|
||||
attributes: '+i'
|
||||
|
||||
- name: Enable unbound service
|
||||
become: true
|
||||
ansible.builtin.systemd_service:
|
||||
name: unbound
|
||||
state: started
|
||||
enabled: true
|
||||
Loading…
Add table
Add a link
Reference in a new issue