ansible/role_dnsmasq
1
0
Fork 0
Code Pull Requests Releases Activity

feat: Disable systemd-resolved stub resolver

Browse Source
This commit is contained in:
pulsar89.5 2025-03-31 22:37:18 +02:00
parent d88c41af9a
commit 7cf4e41399
7 changed files with 53 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
defaults/main.yml
View File

@ -1,6 +1,9 @@
---
# defaults file for dnsmasq
# Directory to deploy override conf of systemd-resolved
dnsmasq_resolved_directory: /etc/systemd/resolved.conf.d
# Directory to deploy configuration
dnsmasq_conf_directory: /etc/dnsmasq.d
@ -8,6 +11,9 @@ dnsmasq_conf_directory: /etc/dnsmasq.d
dnsmasq_records_directory: "{{ dnsmasq_conf_directory }}/records"
# Configuration
dnsmasq_listen_addresses:
- "{{ ansible_facts['default_ipv4']['address'] }}"
- "{{ ansible_facts['default_ipv6']['address'] }}"
dnsmasq_domain: ""
dnsmasq_servers: []
dnsmasq_rev_servers: []

20
handlers/main.yml
View File

@ -8,18 +8,24 @@
- apply-live
become: true
- name: Reload dnsmasq.service
- name: Restart systemd-resolved.service
ansible.builtin.systemd_service:
name: dnsmasq.service
state: reloaded
name: systemd-resolved.service
state: restarted
become: true
register: dnsmasq_reload
- name: Reload dnsmasq.service on dns servers
- name: Restart dnsmasq.service
ansible.builtin.systemd_service:
state: reloaded
name: dnsmasq.service
when: dnsmasq_reload is undefined
state: restarted
become: true
register: dnsmasq_restarted
- name: Restart dnsmasq.service on dns servers
ansible.builtin.systemd_service:
name: dnsmasq.service
state: restarted
when: dnsmasq_restarted is undefined
become: true
loop: "{{ dnsmasq_hosts }}"
delegate_to: "{{ item }}"

27
tasks/configuration.yml
View File

@ -1,6 +1,29 @@
---
# tasks file for dnsmasq
- name: Create path to override systemd-resolved
ansible.builtin.file:
path: "{{ dnsmasq_resolved_directory }}"
state: directory
owner: root
group: root
mode: u=rwX,g=rX,o=rX
become: true
notify: Restart systemd-resolved.service
- name: Disable stub resolver of systemd-resolved
ansible.builtin.template:
src: stub-listener.conf.j2
dest: "{{ dnsmasq_resolved_directory }}/stub-listener.conf"
owner: root
group: root
mode: u=rw,g=r,o=r
become: true
notify: Restart systemd-resolved.service
- name: Flush handlers
meta: flush_handlers
- name: Create records directory
ansible.builtin.file:
path: "{{ dnsmasq_records_directory }}"
@ -24,7 +47,7 @@
group: root
mode: u=rw,g=r,o=r
become: true
notify: Reload dnsmasq.service
notify: Restart dnsmasq.service
- name: Deploy specific records
ansible.builtin.template:
@ -35,4 +58,4 @@
mode: u=rw,g=r,o=r
when: dnsmasq_specifics | length > 0
become: true
notify: Reload dnsmasq.service
notify: Restart dnsmasq.service

2
tasks/installation.yml
View File

@ -16,7 +16,7 @@
- --assumeyes
- --idempotent
- dnsmasq
creates: /sysroot/ostree/repo/refs/heads/rpmostree/pkg/dnsmasq
creates: /usr/sbin/dnsmasq
when: ansible_facts['pkg_mgr'] == "atomic_container"
become: true
notify: Apply installation

2
tasks/records.yml
View File

@ -15,4 +15,4 @@
loop_control:
loop_var: dnsserver
run_once: true
notify: Reload dnsmasq.service on dns servers
notify: Restart dnsmasq.service on dns servers

3
templates/dnsmasq.conf.j2
View File

@ -1,5 +1,8 @@
# {{ ansible_managed }}
# Listen addresses
listen-address={{ dnsmasq_listen_addresses | sort | join(',') }}
# Ne pas transmettre les requêtes avec un nom court (pas FQDN)
domain-needed

4
templates/stub-listener.conf.j2 Normal file
View File

@ -0,0 +1,4 @@
# {{ ansible_managed }}
[Resolve]
DNSStubListener=no