From: Ralf Jung Date: Mon, 16 Apr 2018 17:39:54 +0000 (+0200) Subject: make sure dhclient does not give us another DNS server X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/2765f5511a2b3774ec7c66a4e13aaf6df2668c2d?ds=sidebyside make sure dhclient does not give us another DNS server --- diff --git a/roles/postfix/files/unbound/dhclient.conf b/roles/postfix/files/unbound/dhclient.conf new file mode 100644 index 0000000..c1ecef0 --- /dev/null +++ b/roles/postfix/files/unbound/dhclient.conf @@ -0,0 +1,34 @@ +# Configuration file for /sbin/dhclient. +# +# This is a sample configuration file for dhclient. See dhclient.conf's +# man page for more information about the syntax of this file +# and a more comprehensive list of the parameters understood by +# dhclient. +# +# Normally, if the DHCP server provides reasonable information and does +# not leave anything out (like the domain name, for example), then +# few changes must be made to this file, if any. +# + +option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; + +send host-name = gethostname(); +request subnet-mask, broadcast-address, time-offset, routers, +# domain-name, domain-name-servers, domain-search, host-name, + dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, + netbios-name-servers, netbios-scope, interface-mtu, + rfc3442-classless-static-routes, ntp-servers; + +#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; +#send dhcp-lease-time 3600; +#supersede domain-name "fugue.com home.vix.com"; +#prepend domain-name-servers 127.0.0.1; +#require subnet-mask, domain-name-servers; +#timeout 60; +#retry 60; +#reboot 10; +#select-timeout 5; +#initial-interval 2; +#script "/sbin/dhclient-script"; +#media "-link0 -link1 -link2", "link0 link1"; +#reject 192.33.137.209; diff --git a/roles/postfix/tasks/unbound.yml b/roles/postfix/tasks/unbound.yml index 2a91a80..34fbe81 100644 --- a/roles/postfix/tasks/unbound.yml +++ b/roles/postfix/tasks/unbound.yml @@ -11,6 +11,15 @@ # not a handler to make sure it succeeds before we go touch system DNS when: unbound_config.changed service: name=unbound state=restarted enabled=yes +# use as system DNS +- name: detect DHCP client + stat: path=/etc/dhcp/dhclient.conf + register: dhclient +- name: configure DHCP + when: dhclient.stat.exists == True + copy: + dest: /etc/dhcp/dhclient.conf + src: files/unbound/dhclient.conf - name: configure system DNS copy: dest: /etc/resolv.conf