44 lines
1.2 KiB
YAML
44 lines
1.2 KiB
YAML
- name: unbound role main
|
|
block:
|
|
|
|
- name: install unbound dns resolver
|
|
become: true
|
|
ansible.builtin.package:
|
|
name: unbound
|
|
|
|
- name: ensure correct directory permissions
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: /etc/unbound
|
|
state: directory
|
|
mode: u=rwX,g=rX,o=rX
|
|
recurse: true
|
|
owner: unbound
|
|
group: unbound
|
|
|
|
- name: configure unbound dns resolver
|
|
become: true
|
|
notify: unbound.restarted
|
|
ansible.builtin.template:
|
|
src: unbound.conf.j2
|
|
dest: /etc/unbound/unbound.conf
|
|
owner: unbound
|
|
group: unbound
|
|
mode: u=rw,g=r,o=r
|
|
|
|
- name: ensure unbound is running and enabled
|
|
become: true
|
|
ansible.builtin.systemd:
|
|
name: unbound.service
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: disable systemd-resolved
|
|
when: unbound_disable_systemd_networkd
|
|
ansible.builtin.include_role:
|
|
name: deploy_systemd_resolved_config
|
|
vars_from: deploy_systemd_resolved_config
|
|
|
|
- name: install and configure prometheus-exporter for unbound
|
|
ansible.builtin.import_tasks: prometheus-exporter.yml
|
|
when: unbound_install_prometheus_exporter
|