install acl; use latest LE-tiny
[ansible.git] / roles / postfix / tasks / unbound.yml
index 2a91a80186a3e0887c9d8a238ffe3d7e7f2a7567..0fe643cbfe22a7f85419c76d7c1dada8dab2d99b 100644 (file)
@@ -3,14 +3,33 @@
   apt: name=unbound state=latest
 # configure
 - name: configure unbound
+  register: unbound_config
   copy:
     dest: /etc/unbound/unbound.conf.d/listen.conf
     src: files/unbound/listen.conf
-  register: unbound_config
+- name: configure systemd (create dir)
+  file: path=/etc/systemd/system/unbound.service.d state=directory
+- name: configure systemd (tweak unbound)
+  register: unbound_systemd
+  copy:
+    dest: /etc/systemd/system/unbound.service.d/override.conf
+    src: files/unbound/unbound.service.override
+- name: reload systemd
+  when: unbound_systemd.changed
+  command: systemctl daemon-reload
 - name: restart unbound
   # not a handler to make sure it succeeds before we go touch system DNS
   when: unbound_config.changed
   service: name=unbound state=restarted enabled=yes
+# use as system DNS
+- name: detect DHCP client
+  stat: path=/etc/dhcp/dhclient.conf
+  register: dhclient
+- name: configure DHCP
+  when: dhclient.stat.exists == True
+  copy:
+    dest: /etc/dhcp/dhclient.conf
+    src: files/unbound/dhclient.conf
 - name: configure system DNS
   copy:
     dest: /etc/resolv.conf