44 lines
1.1 KiB
YAML
44 lines
1.1 KiB
YAML
- name: Install systemd-resolved
|
|
ansible.builtin.apt:
|
|
pkg:
|
|
- systemd-resolved
|
|
state: present
|
|
update_cache: true
|
|
become: true
|
|
|
|
- name: Copy systemd config
|
|
ansible.builtin.copy:
|
|
src: systemd-resolved.conf
|
|
dest: /etc/systemd/resolved.conf
|
|
mode: "0644"
|
|
owner: "root"
|
|
group: "root"
|
|
become: true
|
|
register: systemd_resolved_config
|
|
|
|
- name: Enable systemd-resolved and (re)start
|
|
ansible.builtin.systemd_service:
|
|
name: systemd-resolved.service
|
|
state: "{{ 'restarted' if systemd_resolved_config.changed else 'started' }}"
|
|
enabled: true
|
|
daemon_reload: true
|
|
become: true
|
|
register: systemd_resolved_started
|
|
|
|
- name: Restart other dns-related services
|
|
ansible.builtin.systemd_service:
|
|
name: "{{ item }}.service"
|
|
state: restarted
|
|
daemon_reload: true
|
|
become: true
|
|
when: systemd_resolved_started.changed # noqa: no-handler TODO can we add a handler here?
|
|
loop:
|
|
- tailscaled
|
|
|
|
- name: Create resolv.conf symlink
|
|
ansible.builtin.file:
|
|
src: /run/systemd/resolve/stub-resolv.conf
|
|
dest: /etc/resolv.conf
|
|
force: true
|
|
state: link
|
|
become: true
|