other places where bridge name was used
diff --git a/roles/dns-configure/defaults/main.yml b/roles/dns-configure/defaults/main.yml
index f17d1fa..defbf98 100644
--- a/roles/dns-configure/defaults/main.yml
+++ b/roles/dns-configure/defaults/main.yml
@@ -1,9 +1,11 @@
---
# roles/dns-configure/defaults
-dns_servers:
- - 8.8.8.8
- - 8.8.4.4
+# Define this to set dns servers manually
+#dns_servers:
+# - 8.8.8.8
+# - 8.8.4.4
-dns_search: {}
+# Set this to search domain suffixes
+# dns_search: {}
diff --git a/roles/dns-configure/templates/resolv.conf.j2 b/roles/dns-configure/templates/resolv.conf.j2
index a6bd8ea..27d8ec7 100644
--- a/roles/dns-configure/templates/resolv.conf.j2
+++ b/roles/dns-configure/templates/resolv.conf.j2
@@ -1,7 +1,14 @@
# resolv.conf (ansible managed)
+{% if unbound_listen_on_default %}
+{% for host in groups['head'] %}
+nameserver {{ hostvars[host].ansible_default_ipv4.address }}
+{% endfor %}
+{% endif %}
+{% if dns_servers is defined %}
{% for ns in dns_servers %}
nameserver {{ ns }}
{% endfor %}
+{% endif %}
{% if dns_search is defined %}
search{% for searchdom in dns_search %} {{ searchdom }}{% endfor %}
{% endif %}
diff --git a/roles/dns-unbound/templates/unbound.conf.j2 b/roles/dns-unbound/templates/unbound.conf.j2
index 2e1c89f..ff5ccbd 100644
--- a/roles/dns-unbound/templates/unbound.conf.j2
+++ b/roles/dns-unbound/templates/unbound.conf.j2
@@ -1,9 +1,14 @@
# unbound.conf (configured by Ansible)
server:
- {% for cidr_ipv4 in unbound_interfaces %}
+{% if unbound_listen_on_default %}
+ interface: {{ ansible_default_ipv4.address }}
+{% endif %}
+{% if unbound_interfaces is defined %}
+{% for cidr_ipv4 in unbound_interfaces %}
interface: {{ cidr_ipv4 | ipaddr('address') }}
- {% endfor %}
+{% endfor %}
+{% endif %}
verbosity: 1
port: 53
do-ip4: yes
@@ -13,10 +18,17 @@
# allow from localhost
access-control: 127.0.0.0/24 allow
+{% if unbound_listen_on_default %}
+ # allow from default interfaces
+ access-control: {{ ansible_default_ipv4.address }}/{{ (ansible_default_ipv4.address ~ "/" ~ ansible_default_ipv4.netmask) | ipaddr('prefix') }} allow
+{% endif %}
+
+{% if unbound_interfaces is defined %}
# allow from local networks
- {% for cidr_ipv4 in unbound_interfaces %}
+{% for cidr_ipv4 in unbound_interfaces %}
access-control: {{ cidr_ipv4 }} allow
- {% endfor %}
+{% endfor %}
+{% endif %}
{% if nsd_zones is defined %}
# allow unbound to query localhost, where nsd is listening
diff --git a/roles/juju-setup/tasks/main.yml b/roles/juju-setup/tasks/main.yml
index 672c9be..ae82be7 100644
--- a/roles/juju-setup/tasks/main.yml
+++ b/roles/juju-setup/tasks/main.yml
@@ -1,6 +1,11 @@
---
# roles/juju-setup/main/tasks.yml
+- name: Get ubuntu image for uvtool
+ become: yes
+ command: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily \
+ release={{ ansible_distribution_release }} arch=amd64
+
- name: create Virtual Machines with uvt-kvm
shell: uvt-kvm create {{ item.name }} --cpu={{ item.cpu }} --memory={{ item.memMB }} --disk={{ item.diskGB }} ; \
uvt-kvm wait --insecure {{ item.name }}
diff --git a/roles/juju-setup/templates/eth0.cfg.j2 b/roles/juju-setup/templates/eth0.cfg.j2
index 0baa7a8..2cf2f33 100644
--- a/roles/juju-setup/templates/eth0.cfg.j2
+++ b/roles/juju-setup/templates/eth0.cfg.j2
@@ -1,7 +1,11 @@
# The primary network interface
auto eth0
iface eth0 inet dhcp
+{% if unbound_listen_on_default %}
+ dns-nameservers{% for host in groups['head'] %} {{ hostvars[host].ansible_default_ipv4.address }}{% endfor %}
+{% if dns_servers is defined %}
dns-nameservers{% for ns in dns_servers %} {{ ns }}{% endfor %}
+{% endif %}
{% if dns_search is defined %}
dns-search{% for searchdom in dns_search %} {{ searchdom }}{% endfor %}
{% endif %}