From 20cd6ac5299a725558a85df7c93c34f4a67b15d5 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Tue, 28 Jan 2025 14:26:18 +0100
Subject: Resolver: Use systemd-resolved.

---
 roles/common/tasks/resolved.yml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 roles/common/tasks/resolved.yml

(limited to 'roles/common/tasks/resolved.yml')

diff --git a/roles/common/tasks/resolved.yml b/roles/common/tasks/resolved.yml
new file mode 100644
index 0000000..2834eaa
--- /dev/null
+++ b/roles/common/tasks/resolved.yml
@@ -0,0 +1,36 @@
+- name: Install systemd-resolved
+  apt: pkg={{ packages }}
+  vars:
+    packages:
+    - systemd-resolved
+    - libnss-resolve
+    - libnss-myhostname
+
+- name: Create directory /etc/systemd/resolved.conf.d
+  file: path=/etc/systemd/resolved.conf.d
+        state=directory
+        owner=root group=root
+        mode=0755
+
+- name: Configure systemd-resolved
+  template: src=etc/systemd/resolved.conf.d/local.conf.j2
+            dest=/etc/systemd/resolved.conf.d/local.conf
+            owner=root group=root
+            mode=0644
+  notify:
+    - Restart systemd-resolved
+
+- name: Start systemd-resolved
+  service: name=systemd-resolved.service enabled=true state=started
+
+- meta: flush_handlers
+
+- name: Remove resolvconf
+  apt: pkg=resolvconf state=absent purge=yes
+
+- name: Configure /etc/nsswitch.conf
+  lineinfile: "dest=/etc/nsswitch.conf create=no
+               regexp='^(hosts:\\s+).*'
+               line='\\1resolve [!UNAVAIL=return] files myhostname dns'
+               backrefs=true"
+  tags: nsswitch
-- 
cgit v1.2.3