From 5fcd532b648824d947ec009d8d63508b9d3be7fa Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Sat, 24 Feb 2018 17:49:06 +0800 Subject: dns/unbound: update config and enable remote-control --- roles/dns/tasks/main.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'roles/dns/tasks') diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml index 04c45f3..d6bfb2f 100644 --- a/roles/dns/tasks/main.yml +++ b/roles/dns/tasks/main.yml @@ -22,6 +22,15 @@ "https://www.internic.net/domain/named.cache" notify: reload-unbound +- name: unbound - check existence of control key/cert + stat: + path: /usr/local/etc/unbound/unbound_control.key + register: stat_result + +- name: unbound - generate self-signed key/cert for control + command: unbound-control-setup + when: stat_result.stat.exists == False + - name: unbound - copy configuration copy: src: unbound.conf @@ -36,6 +45,9 @@ src: resolv.conf dest: /etc/resolv.conf +# +# NSD +# - name: NSD - copy configuration template: src: nsd.conf.j2 -- cgit v1.2.2