From 9f244c20210b7311f812ebdb0779ad27dc964147 Mon Sep 17 00:00:00 2001 From: Matt Birkholz Date: Sat, 14 Jun 2025 17:43:48 -0600 Subject: [PATCH] Punt the global configuration of systemd-resolved on campus. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The WireGuard™ tunnels are getting it done using resolvectl. --- README.org | 40 +------------------------------- roles_t/campus/handlers/main.yml | 11 --------- roles_t/campus/tasks/main.yml | 14 ----------- 3 files changed, 1 insertion(+), 64 deletions(-) diff --git a/README.org b/README.org index 3f234aa..d268429 100644 --- a/README.org +++ b/README.org @@ -5001,44 +5001,6 @@ Clients should be using the expected host name. when: inventory_hostname != ansible_hostname #+END_SRC -** Configure Systemd Resolved - -Campus machines use the campus name server on Core (or ~dns.google~), -and include the institute's private domain in their search lists. - -#+CAPTION: [[file:roles_t/campus/tasks/main.yml][=roles_t/campus/tasks/main.yml=]] -#+BEGIN_SRC conf :tangle roles_t/campus/tasks/main.yml - -- name: Configure resolved. - become: yes - lineinfile: - path: /etc/systemd/resolved.conf - regexp: "{{ item.regexp }}" - line: "{{ item.line }}" - loop: - - { regexp: '^ *DNS *=', line: "DNS={{ core_addr }}" } - - { regexp: '^ *FallbackDNS *=', line: "FallbackDNS=8.8.8.8" } - - { regexp: '^ *Domains *=', line: "Domains={{ domain_priv }}" } - notify: - - Reload Systemd. - - Restart Systemd resolved. -#+END_SRC - -#+CAPTION: [[file:roles_t/campus/handlers/main.yml][=roles_t/campus/handlers/main.yml=]] -#+BEGIN_SRC conf :tangle roles_t/campus/handlers/main.yml :mkdirp yes ---- -- name: Reload Systemd. - become: yes - systemd: - daemon-reload: yes - -- name: Restart Systemd resolved. - become: yes - systemd: - service: systemd-resolved - state: restarted -#+END_SRC - ** Configure Systemd Timesyncd The institute uses a common time reference throughout the campus. @@ -5058,7 +5020,7 @@ and file timestamps. #+CAPTION: [[file:roles_t/campus/handlers/main.yml][=roles_t/campus/handlers/main.yml=]] #+BEGIN_SRC conf :tangle roles_t/campus/handlers/main.yml - +--- - name: Restart systemd-timesyncd. become: yes systemd: diff --git a/roles_t/campus/handlers/main.yml b/roles_t/campus/handlers/main.yml index e569fd6..be1797f 100644 --- a/roles_t/campus/handlers/main.yml +++ b/roles_t/campus/handlers/main.yml @@ -1,15 +1,4 @@ --- -- name: Reload Systemd. - become: yes - systemd: - daemon-reload: yes - -- name: Restart Systemd resolved. - become: yes - systemd: - service: systemd-resolved - state: restarted - - name: Restart systemd-timesyncd. become: yes systemd: diff --git a/roles_t/campus/tasks/main.yml b/roles_t/campus/tasks/main.yml index b658343..2290779 100644 --- a/roles_t/campus/tasks/main.yml +++ b/roles_t/campus/tasks/main.yml @@ -20,20 +20,6 @@ command: hostname -F /etc/hostname when: inventory_hostname != ansible_hostname -- name: Configure resolved. - become: yes - lineinfile: - path: /etc/systemd/resolved.conf - regexp: "{{ item.regexp }}" - line: "{{ item.line }}" - loop: - - { regexp: '^ *DNS *=', line: "DNS={{ core_addr }}" } - - { regexp: '^ *FallbackDNS *=', line: "FallbackDNS=8.8.8.8" } - - { regexp: '^ *Domains *=', line: "Domains={{ domain_priv }}" } - notify: - - Reload Systemd. - - Restart Systemd resolved. - - name: Configure timesyncd. become: yes lineinfile: -- 2.25.1