Add optional local DNS: unbound

HanXHX · Jul 28, 2015 · 88af812 · 88af812
1 parent 6a544c1
commit 88af812
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -6,6 +6,7 @@ This role bootstraps Debian server:
   - Configure APT (sources.list)
   - Install minimal packages (vim, htop...)
   - Install Intel/AMD microcode if needed
+  - Install and configure Local DNS with [Unbound](https://www.unbound.net). Feature in beta-test!
   - Install and configure [OpenNTPd](http://www.openntpd.org/)
   - Add user with SSH key, sudoers
   - Deploy bashrc, vimrc for root
@@ -38,6 +39,7 @@ Theses variables define hostname to configure APT (normal repo and backports):
   - `dbs_timezone`: system timezone
   - `dbs_sysctl_config: list of kernel parameters, see`: [default/main.yml]
   - `dbs_use_systemd`: delete systemd if set to false (persistent)
+  - `dbs_use_unbound`: configure Local DNS and manage network (default is false)
 
 ### NTPd
 

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -14,6 +14,7 @@ dbs_locales:
 dbs_default_locale: 'en_US.UTF-8'
 dbs_timezone: 'Europe/Paris'
 dbs_use_systemd: false
+dbs_use_unbound: false
 
 # -------------------------
 # NTPd configuration

diff --git a/handlers/main.yml b/handlers/main.yml
@@ -13,3 +13,6 @@
 
 - name: locale-gen
   command: locale-gen
+
+- name: reload networking
+  action: service name=networking state=reloaded
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -9,6 +9,9 @@
 
 - include: apt.yml
 
+- include: unbound.yml
+  when: dbs_use_unbound
+
 - include: nosystemd.yml
   when: (ansible_distribution_major_version | version_compare(7, 'gt')) and (not dbs_use_systemd)
 

diff --git a/tasks/unbound.yml b/tasks/unbound.yml
@@ -0,0 +1,17 @@
+---
+
+- name: APT | Install Unbound
+  apt: pkg=unbound state=latest
+
+- name: REPLACE | Apply dns configuration to /etc/network/interfaces if necessary
+  replace: dest=/etc/network/interfaces regexp='^\s+dns-nameservers' replace='\tdns-nameservers 127.0.0.1'
+  notify: reload networking
+
+- name: STAT | Check if DHCP client config
+  stat: path=/etc/dhcp/dhclient.conf
+  register: dhcp
+
+- name: LINEINFILE | Prepend DNS config on DHCP
+  lineinfile: dest=/etc/dhcp/dhclient.conf line='prepend domain-name-servers 127.0.0.1;'
+  when: dhcp.stat.exists
+  notify: reload networking
diff --git a/tests/test.yml b/tests/test.yml
@@ -2,6 +2,7 @@
 
 - hosts: all
   vars:
+    dbs_use_unbound: true
     dbs_users:
       - name: hanx
         sudo: true