unbound(role): use existing deploy_systemd_resolved_config role and some reordering

roles/unbound/handlers/main.yml

@@ -18,10 +18,3 @@
     name: prometheus-unbound-exporter.service
     state: restarted
     enabled: true
-
-- name: prometheus-unbound-exporter.enabled
-  become: true
-  ansible.builtin.systemd:
-    name: prometheus-unbound-exporter.service
-    enabled: true
-    daemon_reload: true

roles/unbound/tasks/main.yml

@@ -7,11 +7,6 @@
       ansible.builtin.package:
         name: unbound
 
-    - name: install extra dns tooling
-      become: true
-      ansible.builtin.package:
-        name: [ bind ]  # the bind package includes tools like dig in archlinux
-
     - name: ensure correct directory permissions
       become: true
       ansible.builtin.file:
@@ -40,23 +35,10 @@
         enabled: true
 
     - name: disable systemd-resolved
-      become: true
       when: unbound_disable_systemd_networkd
-      ansible.builtin.systemd:
-        name: systemd-resolved.service
-        state: stopped
-        enabled: false
-
-    - name: configure system resolver to point to local unbound
-      become: true
-      when: unbound_disable_systemd_networkd
-      ansible.builtin.copy:
-        src: no-resolved.resolv.conf
-        dest: /etc/resolv.conf
-        owner: unbound
-        group: unbound
-        mode: u=rw,g=r,o=r
-
+      ansible.builtin.include_role:
+        name: deploy_systemd_resolved_config
+        vars_from: deploy_systemd_resolved_config
 
     - name: install and configure prometheus-exporter for unbound
       ansible.builtin.import_tasks: prometheus-exporter.yml

roles/unbound/tasks/prometheus-exporter.yml

@@ -3,7 +3,13 @@
   become: true
   ansible.builtin.package:
     name: prometheus-unbound-exporter
-  notify: prometheus-unbound-exporter.enabled
+
+- name: enable unbound prometheus exporter
+  become: true
+  ansible.builtin.systemd:
+    name: prometheus-unbound-exporter.service
+    enabled: true
+    daemon_reload: true
 
 - name: configure unbound exporter
   become: true

roles/unbound/vars/deploy_systemd_resolved_config.yaml

@@ -0,0 +1,9 @@
+---
+deploy_systemd_resolved_config__enable: false
+deploy_systemd_resolved_config__dns:
+  - 127.0.0.1
+deploy_systemd_resolved_config__fallback_dns: # Fux DNS Server
+  - 185.161.128.66
+  - 2a07:c481:0:4::2
+  - 185.161.128.67
+  - 2a07:c481:0:4::3