From: Ralf Jung Date: Thu, 21 Jun 2018 08:02:08 +0000 (+0200) Subject: add script to continuously check DNS settings X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/95b82708df05b1794e7991904899659f2ddc40cd add script to continuously check DNS settings --- diff --git a/roles/unbound/tasks/main.yml b/roles/unbound/tasks/main.yml index c53cecb..988517f 100644 --- a/roles/unbound/tasks/main.yml +++ b/roles/unbound/tasks/main.yml @@ -34,3 +34,8 @@ copy: dest: /etc/resolv.conf content: "nameserver 127.0.0.2\n" +# some providers need extra hacks to make our DNS persistent +- name: install DNS-fix cronjob + template: + dest: /etc/cron.hourly/fix-dns + src: templates/fix-dns diff --git a/roles/unbound/templates/fix-dns b/roles/unbound/templates/fix-dns new file mode 100644 index 0000000..ca7f860 --- /dev/null +++ b/roles/unbound/templates/fix-dns @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +# Fix for some providers messing with DNS settings +if ! diff /etc/resolv.conf <(echo "nameserver 127.0.0.2") > /dev/null; then + echo "Someone messed up our DNS! Fixing it..." + echo "nameserver 127.0.0.2" > /etc/resolv.conf +{% if 'email' in group_names %} + # Just to make sure postfix uses the new settings + systemctl restart postfix +{% endif %} +fi