From 88756850d1a5cb28b897bdcc9337fcb6977aad0b Mon Sep 17 00:00:00 2001
From: Emil Renner Berthing
Date: Sun, 31 Mar 2019 19:45:52 +0200
Subject: space_server: named: use named instead of unbound

This reverts commit 3b795796bd03488a385f3ad42b10b8c0d61282c1, "space_server: unbound: use unbound instad of bind". Unlike unbound, bind supports synthesizing DNS64 answers only for certain clients, so only requests from the Labitat NAT64 network will get DNS64 answers.
---
 roles/space_server/tasks/main.yml | 4 +--
 roles/space_server/tasks/named.yml | 55 ++++++++++++++++++++++++++++++++++++
 roles/space_server/tasks/unbound.yml | 41 ---------------------------
 3 files changed, 57 insertions(+), 43 deletions(-)
 create mode 100644 roles/space_server/tasks/named.yml
 delete mode 100644 roles/space_server/tasks/unbound.yml
(limited to 'roles/space_server/tasks')
diff --git a/roles/space_server/tasks/main.yml b/roles/space_server/tasks/main.yml
index bfa3bc6..374a8b6 100644
--- a/roles/space_server/tasks/main.yml
+++ b/roles/space_server/tasks/main.yml
@@ -28,8 +28,8 @@
 - import_tasks: radius.yml
 tags: radius
 when: radius_passwords is defined
-- import_tasks: unbound.yml
- tags: unbound
+- import_tasks: named.yml
+ tags: named
 - import_tasks: tayga.yml
 tags: tayga
 - import_tasks: avahi.yml
diff --git a/roles/space_server/tasks/named.yml b/roles/space_server/tasks/named.yml
new file mode 100644
index 0000000..143e8f0
--- /dev/null
+++ b/roles/space_server/tasks/named.yml
@@ -0,0 +1,55 @@
+---
+- name: Configure named
+ copy:
+ dest: '/etc/named.conf'
+ src: named.conf
+ owner: root
+ group: named
+ mode: 0640
+ notify:
+ - restart named
+- name: Create s zone
+ template:
+ dest: '/etc/named/s.zone'
+ src: s.zone.j2
+ owner: root
+ group: named
+ mode: 0644
+ notify:
+ - restart named
+
+- name: Create service drop-in directory
+ file:
+ dest: '/etc/systemd/system/named.service.d'
+ state: directory
+ owner: root
+ group: root
+ mode: 0755
+- name: Start named after networks are configured
+ copy:
+ dest: '/etc/systemd/system/named.service.d/wait-online.conf'
+ src: wait-online.conf
+ owner: root
+ group: root
+ mode: 0644
+
+- name: Enable named service
+ systemd:
+ name: named.service
+ enabled: yes
+ masked: no
+ state: started
+ when: not chroot
+- name: '- when in nspawn'
+ command: systemctl enable named.service
+ when: chroot
+
+- name: Use our own resolver
+ copy:
+ dest: /etc/resolv.conf
+ content: "nameserver 127.0.0.1\nnameserver ::1\noptions edns0\n"
+ owner: root
+ group: root
+ mode: 0644
+
+# vim: set ts=2 sw=2 et ft=yaml:
diff --git a/roles/space_server/tasks/unbound.yml b/roles/space_server/tasks/unbound.yml
deleted file mode 100644
index 0de4c78..0000000
--- a/roles/space_server/tasks/unbound.yml
+++ /dev/null
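Review bot: The `Configure named` task ships `/etc/named.conf` with `copy` and no syntax check, while the last task in this file points `/etc/resolv.conf` at 127.0.0.1 and ::1 only, so a config that named refuses to load leaves the server with no working resolver. Adding `validate: 'named-checkconf %s'` to that `copy` task would reject a broken file before it replaces the live one. named.conf itself is outside this patch (the diff is limited to the tasks directory), so the ACL that restricts DNS64 answers, and any recursion limits, should be reviewed there. Separately, the `'- when in nspawn'` task dropped the `creates:` guard that the removed unbound task had, so `systemctl enable` will run and report changed on every play; an `args:` / `creates:` pair naming the enabled unit's symlink would restore idempotence.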
@@ -1,41 +0,0 @@
----
-- name: Create /etc/resolv.conf
- copy:
- dest: '/etc/resolv.conf'
- src: resolv.conf
- owner: root
- group: root
- mode: 0644
-
-- name: Configure unbound
- template:
- dest: '/etc/unbound/unbound.conf'
- src: unbound.conf.j2
- owner: root
- group: root
- mode: 0644
- notify:
- - restart unbound
-
-- name: Enable unbound service
- systemd:
- name: unbound.service
- enabled: yes
- masked: no
- state: started
- when: not chroot
-- name: '- when in chroot'
- command: systemctl enable unbound.service
- args:
- creates: '/etc/systemd/system/multi-user.target.wants/unbound.service'
- when: chroot
-
-- name: Use our own resolver
- copy:
- dest: '/etc/resolv.conf'
- content: "nameserver 127.0.0.1\nnameserver ::1\n"
- owner: root
- group: root
- mode: 0644
-
-# vim: set ts=2 sw=2 et:
-- 
cgit v1.2.1