Ludovic Poujol
e32e1c5496
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2647|2|2645|12|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/425//ansiblelint">Evolix » ansible-roles » unstable #425</a>
gitea/ansible-roles/pipeline/head This commit looks good
* Move configuration generated to /etc/unbound/unbound.conf.d/evolinux.conf so we don't override default config file * Make use of root hints provided by dns-root-data instead of downloading them * Add configuration to ensure that configuration reload work out of the box on Debian11 and old * Add required configuration in Unbound and munin to allow tge plugin to work * Make ansible-lint a bit more happy
74 lines
1.5 KiB
YAML
74 lines
1.5 KiB
YAML
---
|
|
- name: Install Unbound package
|
|
ansible.builtin.apt:
|
|
name:
|
|
- unbound
|
|
- unbound-anchor
|
|
- dns-root-data
|
|
state: present
|
|
tags:
|
|
- unbound
|
|
|
|
- name: Copy Unbound config
|
|
ansible.builtin.template:
|
|
src: evolinux.conf.j2
|
|
dest: /etc/unbound/unbound.conf.d/evolinux.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Reload unbound
|
|
tags:
|
|
- unbound
|
|
|
|
- name: Copy Unbound config for reloading (Debian 11 and older)
|
|
ansible.builtin.template:
|
|
src: evolinux-reload.conf.j2
|
|
dest: /etc/unbound/unbound.conf.d/evolinux-reload.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
when:
|
|
- ansible_distribution_major_version is version('11', '<=')
|
|
notify: Restart unbound
|
|
tags:
|
|
- unbound
|
|
|
|
- name: Copy munin plugin config
|
|
ansible.builtin.copy:
|
|
src: munin-plugin.conf
|
|
dest: /etc/munin/plugin-conf.d/unbound
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
tags:
|
|
- unbound
|
|
|
|
- name: Enable unbound munin plugin
|
|
ansible.builtin.file:
|
|
src: /usr/share/munin/plugins/unbound_munin_
|
|
dest: "/etc/munin/plugins/unbound_munin_{{ plugin_name }}"
|
|
state: link
|
|
loop:
|
|
- hits
|
|
- queue
|
|
- memory
|
|
- by_type
|
|
- by_class
|
|
- by_opcode
|
|
- by_rcode
|
|
- by_flags
|
|
- histogram
|
|
loop_control:
|
|
loop_var: plugin_name
|
|
notify: Restart munin-node
|
|
tags:
|
|
- unbound
|
|
|
|
- name: Starting and enabling Unbound
|
|
ansible.builtin.service:
|
|
name: unbound
|
|
enabled: true
|
|
state: started
|
|
tags:
|
|
- unbound
|