summaryrefslogtreecommitdiffstats
path: root/roles/common/templates/etc/systemd
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/templates/etc/systemd')
-rw-r--r--roles/common/templates/etc/systemd/resolved.conf.d/local.conf.j211
-rw-r--r--roles/common/templates/etc/systemd/timesyncd.conf.d/fripost.conf.j29
2 files changed, 20 insertions, 0 deletions
diff --git a/roles/common/templates/etc/systemd/resolved.conf.d/local.conf.j2 b/roles/common/templates/etc/systemd/resolved.conf.d/local.conf.j2
new file mode 100644
index 0000000..044170a
--- /dev/null
+++ b/roles/common/templates/etc/systemd/resolved.conf.d/local.conf.j2
@@ -0,0 +1,11 @@
+[Resolve]
+LLMNR=no
+{% if ansible_processor[1] is search('^(Genuine)?Intel.*') and not ansible_virtualization_role == 'guest' %}
+DNS=127.0.0.1
+# Quad9
+FallbackDNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
+{% else %}
+# Quad9
+DNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
+{% endif %}
+Domains=fripost.org
diff --git a/roles/common/templates/etc/systemd/timesyncd.conf.d/fripost.conf.j2 b/roles/common/templates/etc/systemd/timesyncd.conf.d/fripost.conf.j2
new file mode 100644
index 0000000..f578cd9
--- /dev/null
+++ b/roles/common/templates/etc/systemd/timesyncd.conf.d/fripost.conf.j2
@@ -0,0 +1,9 @@
+[Time]
+# Sychronize to our (stratum 2) NTP server, to ensure our network has a
+# consistent time.
+{%- set ntp = [] -%}
+{%- for host in groups['NTP_master'] -%}
+{%- set _ = ntp.append(ipsec[ hostvars[host].inventory_hostname_short ]) -%}
+{%- endfor %}
+
+NTP={{ ntp | join(' ') }}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 15:55:10 +0000