add unbound and more tools

[ansible.git] / roles / postfix / tasks / unbound.yml

diff --git a/roles/postfix/tasks/unbound.yml b/roles/postfix/tasks/unbound.yml
new file mode 100644 (file)
index 0000000..2a91a80
--- /dev/null
+++ b/roles/postfix/tasks/unbound.yml
@@ -0,0 +1,17 @@
+# install
+- name: install unbound
+  apt: name=unbound state=latest
+# configure
+- name: configure unbound
+  copy:
+    dest: /etc/unbound/unbound.conf.d/listen.conf
+    src: files/unbound/listen.conf
+  register: unbound_config
+- name: restart unbound
+  # not a handler to make sure it succeeds before we go touch system DNS
+  when: unbound_config.changed
+  service: name=unbound state=restarted enabled=yes
+- name: configure system DNS
+  copy:
+    dest: /etc/resolv.conf
+    content: "nameserver 127.0.0.2\n"