unbound-control: no certificates for local use
This commit is contained in:
parent
3695a3d771
commit
b94c62d710
2 changed files with 3 additions and 27 deletions
|
@ -19,22 +19,6 @@
|
|||
state: present
|
||||
register: unbound_install
|
||||
|
||||
- name: check if unbound-control certificate exists
|
||||
stat:
|
||||
path: /etc/unbound/unbound_control.pem
|
||||
register: ubc_control_pem
|
||||
|
||||
|
||||
- name: check if unbound server certificate exists
|
||||
stat:
|
||||
path: /etc/unbound/unbound_server.pem
|
||||
register: ubc_server_pem
|
||||
|
||||
- name: run unbound-control-setup if a certificate is missing
|
||||
command: unbound-control-setup
|
||||
become: yes
|
||||
when: ubc_control_pem.stat.exists == False or ubc_server_pem.stat.exists == False
|
||||
|
||||
- name: add unbound-control configuration
|
||||
template:
|
||||
src: unbound-control.conf.j2
|
||||
|
|
|
@ -10,14 +10,6 @@ remote-control:
|
|||
# port number for remote control operations.
|
||||
control-port: 8953
|
||||
|
||||
# unbound server key file.
|
||||
server-key-file: "/etc/unbound/unbound_server.key"
|
||||
|
||||
# unbound server certificate file.
|
||||
server-cert-file: "/etc/unbound/unbound_server.pem"
|
||||
|
||||
# unbound-control key file.
|
||||
control-key-file: "/etc/unbound/unbound_control.key"
|
||||
|
||||
# unbound-control certificate file.
|
||||
control-cert-file: "/etc/unbound/unbound_control.pem"
|
||||
# Disable the use of certificates for unbound-control.
|
||||
# It's only listening locally, there's no need for the added complexity.
|
||||
control-use-cert: "no"
|
||||
|
|
Loading…
Reference in a new issue