full-dns/tasks/main.yml

42 lines
1.5 KiB
YAML

---
- set_fact:
zones: "{{ [dns_server.main_zone] + dns_server.zones }}"
main_zone: "{{ dns_server.main_zone }}"
server: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"']\")|json_query('[0]') }}"
others: "{{ dns_server.servers|json_query(\"[?name!='\" + inventory_hostname + \"']\") }}"
star: "{{ dns_server.servers|json_query('[?star==`true`]')|json_query('[0]') }}"
satellites: "{{ dns_server.servers|json_query('[?satellite==`true`]') }}"
is_local_resolver: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"'].local_resolver\")|first|default(false) }}"
is_star: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"'].star\")|first|default(false) }}"
is_satellite: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"'].satellite\")|first|default(false) }}"
- name: Ensure systemd-resolved is absent
systemd:
name: systemd-resolved
state: stopped
masked: yes
- name: Ensure resolv.conf is appropriately configured
copy:
dest: /etc/resolv.conf
content: |
nameserver 8.8.8.8
nameserver 1.1.1.1
owner: root
group: root
mode: 0644
- include_tasks: wireguard.yml
- include_tasks: nsd.yml
when: not wireguard.changed
- include_tasks: nsd_star.yml
when: is_star and not wireguard.changed
- include_tasks: nsd_satellite.yml
when: is_satellite and not wireguard.changed
- include_tasks: unbound.yml
when: is_local_resolver and not wireguard.changed