# install
- name: install unbound
  apt: name=unbound state=latest
# configure
- name: configure unbound
  register: unbound_config
  copy:
    dest: /etc/unbound/unbound.conf.d/listen.conf
    src: files/listen.conf
- name: configure systemd (create dir)
  file: path=/etc/systemd/system/unbound.service.d state=directory
- name: configure systemd (tweak unbound)
  register: unbound_systemd
  copy:
    dest: /etc/systemd/system/unbound.service.d/override.conf
    src: files/unbound.service.override
- name: reload systemd
  when: unbound_systemd.changed
  command: systemctl daemon-reload
- name: restart unbound
  # not a handler to make sure it succeeds before we go touch system DNS
  when: unbound_config.changed
  service: name=unbound state=restarted enabled=yes
# use as system DNS
- name: detect DHCP client
  stat: path=/etc/dhcp/dhclient.conf
  register: dhclient
- name: configure DHCP
  when: dhclient.stat.exists == True
  copy:
    dest: /etc/dhcp/dhclient.conf
    src: files/dhclient.conf
- name: configure system DNS
  copy:
    dest: /etc/resolv.conf
    content: "nameserver 127.0.0.2\n"
# some providers need extra hacks to make our DNS persistent
- name: install DNS-fix cronjob
  template:
    dest: /etc/cron.hourly/fix-dns
    src: templates/fix-dns
    mode: +x