journalwatch: allow more TLS errors
[ansible.git] / roles / unbound / tasks / main.yml
index c53cecb2312a71025e1a2f8096ab93fed7f3cb91..f3aacac435c6509c6abb24054a4b6ce42e27f3b1 100644 (file)
     src: files/dhclient.conf
 - name: configure system DNS
   copy:
-    dest: /etc/resolv.conf
-    content: "nameserver 127.0.0.2\n"
+    dest: "{{ item }}"
+    content: "nameserver 127.0.0.2\noptions trust-ad\noptions edns0\n"
+  loop:
+  - /etc/resolv.conf.unbound
+  - /etc/resolv.conf
+# some providers need extra hacks to make our DNS persistent
+- name: install DNS-fix cronjob
+  template:
+    dest: /etc/cron.hourly/fix-dns
+    src: templates/fix-dns
+    mode: +x