ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update..

Browse Source
This commit is contained in:
Christoph
2023-06-28 16:12:21 +02:00
parent 7e4db120d2
commit b551e937e9
10 changed files with 531 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
roles/common/handlers/main.yml
View File

@ -83,3 +83,8 @@
service:
name: postfwd
state: reloaded
- name: Restart systemd-resolved
service:
name: systemd-resolved
state: restarted

12
roles/common/tasks/main.yml
View File

@ -41,6 +41,18 @@
tags: yum
# tags supported inside systemd-resolved.yml
#
# systemd-resolved
- import_tasks: systemd-resolved.yml
tags:
- systemd-resolved
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] > "11"
- systemd_resolved is defined and systemd_resolved|bool
- import_tasks: tor.yml
when:

76
roles/common/tasks/systemd-resolved.yml Normal file
View File

@ -0,0 +1,76 @@
---
# ---
# Set some facts
# ---
- name: (systemd-resolved.yml) Set fact_resolved_nameserver (blank separated list)
set_fact:
fact_resolved_nameserver: "{{ resolved_nameserver | join (' ') }}"
when:
- resolved_nameserver is defined and resolved_nameserver | length > 0
tags:
- systemd-resolved
- name: (systemd-resolved.yml) Set fact_resolved_fallback_nameserver (blank separated list)
set_fact:
fact_resolved_fallback_nameserver: "{{ resolved_fallback_nameserver | join (' ') }}"
when:
- resolved_fallback_nameserver is defined and resolved_fallback_nameserver | length > 0
tags:
- systemd-resolved
- name: (systemd-resolved.yml) Set fact_resolved_domains (blank separated list)
set_fact:
fact_resolved_domains: "{{ resolved_domains | join (' ') }}"
when:
- resolved_domains is defined and resolved_domains | length > 0
tags:
- systemd-resolved
# ---
# Install/Enable systemd-resolved package
# ---
- name: (systemd-resolved.yml) Ensure systemd-resolved package is installed.
package:
pkg: systemd-resolved
state: present
when:
- systemd_resolved is defined and systemd_resolved|bool
tags:
- systemd-resolved
- name: (systemd-services.yml) Enable service
systemd:
name: systemd-resolved
enabled: true
when:
- systemd_resolved is defined and systemd_resolved|bool
tags:
- systemd-resolved
# ---
# Create configuration for systemd-resolved
# ---
- name: (systemd-resolved.yml) Ensure directory '/etc/systemd/resolved.conf.d' exists
file:
path: /etc/systemd/resolved.conf.d
state: directory
mode: 0755
group: root
owner: root
- name: (systemd-resolved.yml) Create/Update file '/etc/systemd/resolved.conf.d/50-resolved-local.conf' from template sshd_config.j2
template:
src: etc/systemd/resolved.conf.d/50-resolved-local.conf
dest: /etc/systemd/resolved.conf.d/50-resolved-local.conf
owner: root
group: root
mode: 0644
notify: "Restart systemd-resolved"

10
roles/common/templates/etc/apt/sources.list.Debian.j2
View File

@ -45,6 +45,16 @@ deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free
{% endif %}
{% endif %}
{% if apt_debian_contrib_nonfree_enable %}
{% if ansible_facts['distribution_major_version'] | int >= 12 %}
deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free non-free-firmware
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free non-free-firmware
{% else %}
deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free
{% endif %}
{% endif %}
# # N.B. software from this repository may not have been tested as
# # extensively as that contained in the main release, although it includes
# # newer versions of some applications which may provide useful features.

30
roles/common/templates/etc/systemd/resolved.conf.d/50-resolved-local.conf Normal file
View File

@ -0,0 +1,30 @@
# *** ---------------------------------------------- ***
# *** ***
# {{ ansible_managed }}
# *** ***
# *** ---------------------------------------------- ***
[Resolve]
{% if (fact_resolved_nameserver is defined) and fact_resolved_nameserver %}
DNS={{ fact_resolved_nameserver}}
{% else %}
#DNS=
{% endif -%}
{% if (fact_resolved_fallback_nameserver is defined) and fact_resolved_fallback_nameserver %}
FallbackDNS={{ fact_resolved_fallback_nameserver }}
{% else %}
#FallbackDNS=
{% endif -%}
{% if (fact_resolved_domains is defined) and fact_resolved_domains %}
Domains={{ fact_resolved_domains }}
{% else %}
#Domains=
{% endif -%}
{% if (resolved_dnssec is defined) and resolved_dnssec %}
DNSSEC={{ resolved_dnssec }}
{% else %}
#Domains=
{% endif %}