mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-09-20 11:54:39 +02:00
Add unbound
Spamassassin on apollo tries to connect to a local dns resolver, but can't which leads to long timeouts. Flyspray sends mail via SMTP which goes through SA and thus each request that sends a mail will also block for a long time. Fix this by adding unbound as a local resolver which is needed for proper performance of SA since public resolvers are often blocked by blacklists because they send too many requests. Signed-off-by: Florian Pritz <bluewind@xinu.at>
This commit is contained in:
parent
573bf39cd3
commit
a71c3ea29a
@ -12,6 +12,7 @@
|
||||
- { role: nginx, letsencrypt_validation_dir: "/var/lib/letsencrypt", tags: ["nginx"] }
|
||||
- { role: planet, planet_domain: "planet.archlinux.org", planet_dir: "/srv/http/planet", tags: ["planet"] }
|
||||
- { role: spampd, tags: ["mail", "spampd"] }
|
||||
- { role: unbound, tags: ["mail", "unbound"] }
|
||||
- { role: postfix, postfix_server: false, postfix_smtpd_public: true, postfix_patchwork_enabled: true, tags: ["mail", "postfix"] }
|
||||
- { role: opendkim, dkim_selector: apollo, tags: ['mail', "opendkim"] }
|
||||
#- { role: dovecot, tags: ['mail', "dovecot"] }
|
||||
|
4
roles/unbound/handlers/main.yml
Normal file
4
roles/unbound/handlers/main.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
|
||||
- name: restart unbound
|
||||
service: name=unbound state=restarted
|
15
roles/unbound/tasks/main.yml
Normal file
15
roles/unbound/tasks/main.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
|
||||
- name: Install unbound
|
||||
pacman: name=unbound
|
||||
|
||||
- name: Install unbound config file
|
||||
template: src=unbound.conf.j2 dest=/etc/unbound/unbound.conf owner=root group=root mode=0644
|
||||
notify:
|
||||
- restart unbound
|
||||
|
||||
- name: Create remote-control keys
|
||||
command: unbound-control-setup creates=/etc/unbound/unbound_control.key
|
||||
|
||||
- name: Active service
|
||||
service: name=unbound state=started enabled=yes
|
9
roles/unbound/templates/unbound.conf.j2
Normal file
9
roles/unbound/templates/unbound.conf.j2
Normal file
@ -0,0 +1,9 @@
|
||||
server:
|
||||
use-syslog: yes
|
||||
username: "unbound"
|
||||
directory: "/etc/unbound"
|
||||
verbosity: 1
|
||||
trust-anchor-file: trusted-key.key
|
||||
|
||||
remote-control:
|
||||
control-enable: yes
|
Loading…
Reference in New Issue
Block a user