| --- |
| # unbound tasks/Debian.yml |
| # |
| # SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org> |
| # SPDX-License-Identifier: Apache-2.0 |
| |
| # network may not be ready for unbound to bind to a specific IP address, so |
| # wait for that |
| # docs: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ |
| |
| - name: Create a directory for reconfiguring unbound via systemd |
| file: |
| path: "/etc/systemd/system/unbound.service.d" |
| state: directory |
| owner: root |
| group: root |
| mode: "0644" |
| |
| - name: Configure systemd unit to wait until network is online to start unbound |
| copy: |
| src: "network_online.conf" |
| dest: "/etc/systemd/system/unbound.service.d/network_online.conf" |
| owner: root |
| group: root |
| mode: "0644" |
| |
| - name: Disable DNSSEC anchor download that can hang on startup |
| copy: |
| src: "default_unbound" |
| dest: "/etc/default/unbound" |
| owner: root |
| group: root |
| mode: "0644" |
| |
| - name: Install unbound packages (Debian) |
| apt: |
| name: "unbound" |
| state: "present" |
| update_cache: true |
| cache_valid_time: 3600 |