reorganize postfix/email role; drop meta/main.yml dependencies as they interact badly...

[ansible.git] / roles / email / tasks / unbound.yml

diff --git a/roles/email/tasks/unbound.yml b/roles/email/tasks/unbound.yml
new file mode 100644 (file)
index 0000000..0fe643c
--- /dev/null
+++ b/roles/email/tasks/unbound.yml
@@ -0,0 +1,36 @@
+# install
+- name: install unbound
+  apt: name=unbound state=latest
+# configure
+- name: configure unbound
+  register: unbound_config
+  copy:
+    dest: /etc/unbound/unbound.conf.d/listen.conf
+    src: files/unbound/listen.conf
+- name: configure systemd (create dir)
+  file: path=/etc/systemd/system/unbound.service.d state=directory
+- name: configure systemd (tweak unbound)
+  register: unbound_systemd
+  copy:
+    dest: /etc/systemd/system/unbound.service.d/override.conf
+    src: files/unbound/unbound.service.override
+- name: reload systemd
+  when: unbound_systemd.changed
+  command: systemctl daemon-reload
+- name: restart unbound
+  # not a handler to make sure it succeeds before we go touch system DNS
+  when: unbound_config.changed
+  service: name=unbound state=restarted enabled=yes
+# use as system DNS
+- name: detect DHCP client
+  stat: path=/etc/dhcp/dhclient.conf
+  register: dhclient
+- name: configure DHCP
+  when: dhclient.stat.exists == True
+  copy:
+    dest: /etc/dhcp/dhclient.conf
+    src: files/unbound/dhclient.conf
+- name: configure system DNS
+  copy:
+    dest: /etc/resolv.conf
+    content: "nameserver 127.0.0.2\n"