65 lines
1.5 KiB
YAML
65 lines
1.5 KiB
YAML
---
|
|
|
|
- name: Add dns servers
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: DNS
|
|
value: '{{ dns_servers[0] }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_dns
|
|
when: dns_servers | length > 0
|
|
|
|
- name: Add dns fallback server
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: FallbackDNS
|
|
value: '{{ dns_servers[1] }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_fallbackdns
|
|
when: dns_servers | length > 1
|
|
|
|
- name: Enable dnssec
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: DNSSEC
|
|
value: '{{ "yes" if dns_dnssec else "no" }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_dnssec
|
|
|
|
- name: Add search domains
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: Domains
|
|
value: '{{ dns_domains | join(" ") }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_domains
|
|
|
|
- name: Stub listener
|
|
community.general.ini_file:
|
|
path: /etc/systemd/resolved.conf
|
|
section: Resolve
|
|
option: DNSStubListener
|
|
value: '{{ "yes" if dns_stub_listener else "no" }}'
|
|
mode: '0644'
|
|
no_extra_spaces: true
|
|
register: conf_domains
|
|
|
|
- name: Reload systemd-resolved
|
|
ansible.builtin.service:
|
|
name: systemd-resolved
|
|
state: restarted
|
|
enabled: true
|
|
when:
|
|
- conf_dns is changed or
|
|
conf_fallbackdns is changed or
|
|
conf_dnssec is changed or
|
|
conf_domains is changed
|