Add support for forward/reverse DNS range split
- Allow for explicit reverse RFC1918 lookups with unbound_reverse_zones
- Add tests, similar to NSD ones
- Wait for network to be online before starting (fixes AETHER-1041)
- Multiplatform support
Change-Id: I385aec6f766b45a9db595d2f8af5ed8fe0dde2ca
diff --git a/tasks/Debian.yml b/tasks/Debian.yml
index db8a3bb..88f9c4b 100644
--- a/tasks/Debian.yml
+++ b/tasks/Debian.yml
@@ -4,6 +4,26 @@
# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
# SPDX-License-Identifier: Apache-2.0
+# network may not be ready for unbound to bind to a specific IP address, so
+# wait for that
+# docs: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
+
+- name: Create a directory for reconfiguring unbound via systemd
+ file:
+ path: "/etc/systemd/system/unbound.service.d"
+ state: directory
+ owner: root
+ group: root
+ mode: "0644"
+
+- name: Configure systemd unit to wait until network is online to start unbound
+ copy:
+ src: "network_online.conf"
+ dest: "/etc/systemd/system/unbound.service.d/network_online.conf"
+ owner: root
+ group: root
+ mode: "0644"
+
- name: Install unbound packages (Debian)
apt:
name: "unbound"
diff --git a/tasks/OpenBSD.yml b/tasks/OpenBSD.yml
new file mode 100644
index 0000000..789cf13
--- /dev/null
+++ b/tasks/OpenBSD.yml
@@ -0,0 +1,11 @@
+---
+# unbound tasks/OpenBSD.yml
+#
+# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+# unbound installed in base
+
+- name: Set unbound arguments for use with service module
+ set_fact:
+ unbound_arguments: "-c /var/unbound/etc/unbound.conf"
diff --git a/tasks/main.yml b/tasks/main.yml
index f88267f..2a21a0f 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -27,6 +27,7 @@
name: "{{ unbound_service }}"
enabled: true
state: started
+ arguments: "{{ unbound_arguments | default(omit) }}"
- name: Flush handlers as listen addresses can conflict with nsd
meta: flush_handlers