From a6b9447b87f161ff97316474baf284c08a9b6233 Mon Sep 17 00:00:00 2001 From: Jean-Marie Mineau Date: Sat, 23 Jan 2021 13:45:25 +0100 Subject: [PATCH] free the port 53 for nginx --- dns.yml | 1 + group_vars/all/vars.yml | 1 + roles/configure_resolved/handlers/main.yml | 5 +++++ roles/configure_resolved/tasks/main.yml | 23 ++++++++++++++++++++++ 4 files changed, 30 insertions(+) create mode 100644 roles/configure_resolved/handlers/main.yml create mode 100644 roles/configure_resolved/tasks/main.yml diff --git a/dns.yml b/dns.yml index 450bf17..1d44198 100644 --- a/dns.yml +++ b/dns.yml @@ -5,4 +5,5 @@ - hosts: proxy roles: - install_nginx + - configure_resolved - reverse_proxy_stream diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 3c925a5..f1e582e 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -1,3 +1,4 @@ --- # Use python 3 ansible_python_interpreter: /usr/bin/python3 +dns_resolve_server: 1.1.1.1 diff --git a/roles/configure_resolved/handlers/main.yml b/roles/configure_resolved/handlers/main.yml new file mode 100644 index 0000000..2937480 --- /dev/null +++ b/roles/configure_resolved/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: Reload systemd-resolve + systemd: + name: systemd-resolved + state: restart diff --git a/roles/configure_resolved/tasks/main.yml b/roles/configure_resolved/tasks/main.yml new file mode 100644 index 0000000..a3eff0f --- /dev/null +++ b/roles/configure_resolved/tasks/main.yml @@ -0,0 +1,23 @@ +--- +- name: Change the DNS server + lineinfile: + path: /etc/systemd/resolved.conf + insertafter: '[Resolve]' + regexp: '^#?DNS=' + line: "DNS={{ dns_resolve_server }}" + notify: Reload systemd-resolve + +- name: Remove the stub listener + lineinfile: + path: /etc/systemd/resolved.conf + insertafter: '[Resolve]' + regexp: '^#?DNSStubListener=' + line: "DNSStubListener=no" + notify: Reload systemd-resolve + +- name: Link resolve conf + file: + src: /run/systemd/resolve/resolv.conf + dest: /etc/resolv.conf + state: link + force: yes