From 95b82708df05b1794e7991904899659f2ddc40cd Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Thu, 21 Jun 2018 10:02:08 +0200 Subject: [PATCH] add script to continuously check DNS settings --- roles/unbound/tasks/main.yml | 5 +++++ roles/unbound/templates/fix-dns | 12 ++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 roles/unbound/templates/fix-dns diff --git a/roles/unbound/tasks/main.yml b/roles/unbound/tasks/main.yml index c53cecb..988517f 100644 --- a/roles/unbound/tasks/main.yml +++ b/roles/unbound/tasks/main.yml @@ -34,3 +34,8 @@ copy: dest: /etc/resolv.conf content: "nameserver 127.0.0.2\n" +# some providers need extra hacks to make our DNS persistent +- name: install DNS-fix cronjob + template: + dest: /etc/cron.hourly/fix-dns + src: templates/fix-dns diff --git a/roles/unbound/templates/fix-dns b/roles/unbound/templates/fix-dns new file mode 100644 index 0000000..ca7f860 --- /dev/null +++ b/roles/unbound/templates/fix-dns @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +# Fix for some providers messing with DNS settings +if ! diff /etc/resolv.conf <(echo "nameserver 127.0.0.2") > /dev/null; then + echo "Someone messed up our DNS! Fixing it..." + echo "nameserver 127.0.0.2" > /etc/resolv.conf +{% if 'email' in group_names %} + # Just to make sure postfix uses the new settings + systemctl restart postfix +{% endif %} +fi -- 2.30.2