journalwatch: allow more TLS errors
[ansible.git] / roles / unbound / tasks / main.yml
index d8d03e3dd0f84f98a1d6ebf17f2ca9fa93dc2406..f3aacac435c6509c6abb24054a4b6ce42e27f3b1 100644 (file)
     src: files/dhclient.conf
 - name: configure system DNS
   copy:
-    dest: /etc/resolv.conf
-    content: "nameserver 127.0.0.2\n"
+    dest: "{{ item }}"
+    content: "nameserver 127.0.0.2\noptions trust-ad\noptions edns0\n"
+  loop:
+  - /etc/resolv.conf.unbound
+  - /etc/resolv.conf
 # some providers need extra hacks to make our DNS persistent
 - name: install DNS-fix cronjob
   template: