CCCHH/ansible-infra
CCCHH/ansible-infra
2
2
Fork 1
Code Issues 7 Pull requests 9 Wiki Activity Actions

add capability to disable systemd-resolved via role #86

Merged
june merged 2 commits from add-systemd-resolved-config-role into main 2026-05-02 01:12:15 +02:00
Conversation 2 Commits 2 Files changed 10 +152
lilly commented 2026-05-01 00:19:23 +02:00
Owner
Copy link

Sometimes it is necessary to disable systemd-resolved on a host, for example when another DNS server is being configured. To make this easy, a new role is introduced (included by default via base_config role) which can do that. The defaults are not changed in any way so any host that is currently running with systemd-resolved will continue to do so.

Sometimes it is necessary to disable systemd-resolved on a host, for example when another DNS server is being configured. To make this easy, a new role is introduced (included by default via `base_config` role) which can do that. The defaults are not changed in any way so any host that is currently running with systemd-resolved will continue to do so.
lilly self-assigned this 2026-05-01 00:19:23 +02:00
add capability to disable systemd-resolved to base_config role
All checks were successful
/ Ansible Lint (push) Successful in 2m28s
Details
/ Ansible Lint (pull_request) Successful in 2m24s
Details
58ced1a85e
lilly requested review from june 2026-05-01 00:19:28 +02:00
june requested changes 2026-05-01 22:40:50 +02:00
Dismissed
june left a comment
Copy link

Looks good, just the one question/request and a README as the other roles have would also be nice. Especially since it might be a bit unintutive that the DNS settings also apply when the role disables systemd-resolved and since argument_specs are hardly human readable.
Two roles with nice READMEs as a reference:

Looks good, just the one question/request and a README as the other roles have would also be nice. Especially since it might be a bit unintutive that the DNS settings also apply when the role disables systemd-resolved and since argument_specs are hardly human readable. Two roles with nice READMEs as a reference: - https://git.hamburg.ccc.de/CCCHH/ansible-infra/src/branch/main/roles/msmtp/README.md - https://git.hamburg.ccc.de/CCCHH/ansible-infra/src/branch/main/roles/certbot
roles/deploy_systemd_resolved_config/templates/resolved.conf.j2
@ -0,0 +1,11 @@
# {{ ansible_managed }}
june commented 2026-05-01 22:34:05 +02:00
Owner
Copy link

Why overwrite this file instead of dropping our config into /etc/resolved.conf.d?

Why overwrite this file instead of dropping our config into `/etc/resolved.conf.d`?
lilly commented 2026-05-01 23:20:03 +02:00
Author
Owner
Copy link

No specific reason. I just personally don't like to hide something in a .d directory (which I find easy to overlook) when the intuitive efault would be to look in /etc/resolv.conf when searching for settings.

No specific reason. I just personally don't like to hide something in a `.d` directory (which I find easy to overlook) when the intuitive efault would be to look in `/etc/resolv.conf` when searching for settings.
june commented 2026-05-01 23:26:46 +02:00
Owner
Copy link

I guess for this use-case, where we don't want to enable additional functionality with minimal impact, but rather force this system to behave like we want to, overwriting /etc/resolv.conf is the reasonable choice.

I guess for this use-case, where we don't want to enable additional functionality with minimal impact, but rather force this system to behave like we want to, overwriting `/etc/resolv.conf` is the reasonable choice.
june marked this conversation as resolved
add README.md to deploy_systemd_resolved_config role
All checks were successful
/ Ansible Lint (pull_request) Successful in 2m31s
Details
/ Ansible Lint (push) Successful in 2m24s
Details
c304a1c82a
lilly requested review from june 2026-05-02 01:02:23 +02:00
june approved these changes 2026-05-02 01:12:06 +02:00
june left a comment
Copy link

LGTM!

LGTM!
june merged commit c304a1c82a into main 2026-05-02 01:12:15 +02:00
june deleted branch add-systemd-resolved-config-role 2026-05-02 01:12:15 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
june
Labels
Clear labels   
bug
Something is not working

  
duplicate
This issue or pull request already exists

  
enhancement
New feature

  
help wanted
Need some help

  
invalid
Something is wrong

  
question
More information is needed

  
renovate
Created automatically by Renovate.

  
waiting on upstream
Waiting on upstream until this can be merged.

  
wontfix
This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
renovate
waiting on upstream
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
lilly
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
CCCHH/ansible-infra!86
No description provided.