71 lines
1.7 KiB
YAML
71 lines
1.7 KiB
YAML
---
|
|
- name: Add DNS servers
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: DNS
|
|
value: '{{ dns_servers[0] }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_dns
|
|
when: dns_servers | length > 0
|
|
|
|
- name: Add DNS fallback server
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: FallbackDNS
|
|
value: '{{ dns_servers[1] }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_fallbackdns
|
|
when: dns_servers | length > 1
|
|
|
|
- name: Enable DNSSEC
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: DNSSEC
|
|
value: '{{ "yes" if dns_dnssec else "no" }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_dnssec
|
|
|
|
- name: Add search domains
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: Domains
|
|
value: '{{ dns_domains | join(" ") }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_domains
|
|
|
|
- name: stub listener
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: DNSStubListener
|
|
value: '{{ "yes" if dns_stub_listener else "no" }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_domains
|
|
|
|
- name: Check if systemd-resolve runs
|
|
ansible.builtin.shell: pgrep systemd-resolve
|
|
failed_when: false
|
|
changed_when: false
|
|
register: systemd_resolved_running
|
|
check_mode: false
|
|
|
|
- name: Reload systemd-resolved
|
|
ansible.builtin.systemd:
|
|
name: systemd-resolved
|
|
state: restarted
|
|
when:
|
|
- conf_dns is changed or
|
|
conf_fallbackdns is changed or
|
|
conf_dnssec is changed or
|
|
conf_domains is changed
|
|
- systemd_resolved_running.rc == 0
|