From bc59213a33e609f177093a8e955f44b3999c8b56 Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Wed, 21 Feb 2018 11:51:44 +0800 Subject: Add role dns to setup unbound service --- roles/dns/tasks/main.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 roles/dns/tasks/main.yml (limited to 'roles/dns/tasks') diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml new file mode 100644 index 0000000..59522a8 --- /dev/null +++ b/roles/dns/tasks/main.yml @@ -0,0 +1,35 @@ +--- +- name: install unbound and nsd + pkgng: + name: "{{ item }}" + state: present + with_items: + - unbound + - nsd + +# "root-hints" is the file which contains the listing of primary root +# DNS servers. Unbound does have a listing of root DNS servers in its +# code, but we want to make sure we have the most up to date copy. +# We normally update our copy once every 6 months. +# +# References: +# * Unbound DNS Server Tutorial +# https://calomel.org/unbound_dns.html +# +- name: unbound - fetch root.hints + command: > + fetch -o /usr/local/etc/unbound/root.hints + "https://www.internic.net/domain/named.cache" + +- name: unbound - copy configuration + copy: + src: unbound.conf + dest: /usr/local/etc/unbound/unbound.conf + +- name: unbound - enable and start service + command: rcenable unbound + +- name: setup resolv.conf + copy: + src: resolv.conf + dest: /etc/resolv.conf -- cgit v1.2.2