53 lines
1.3 KiB
YAML
53 lines
1.3 KiB
YAML
---
|
|
- name: Stop and disable systemd-resolved
|
|
become: true
|
|
ansible.builtin.systemd:
|
|
name: systemd-resolved
|
|
state: stopped
|
|
enabled: false
|
|
|
|
# - name: Unset immutable bit for /etc/resolv.conf
|
|
# become: true
|
|
# ansible.builtin.shell: chattr -i /etc/resolv.conf
|
|
|
|
- name: Copy /etc/resolv.conf
|
|
become: true
|
|
ansible.builtin.copy:
|
|
src: etc/resolv.conf
|
|
dest: /etc/resolv.conf
|
|
mode: 0644
|
|
attributes: +i
|
|
follow: false
|
|
|
|
# - name: Set immutable bit for /etc/resolv.conf
|
|
# become: true
|
|
# ansible.builtin.shell: chattr +i /etc/resolv.conf
|
|
|
|
|
|
# - name: "Unset immutable bit for {{ dnscrypt_confpath }}"
|
|
# become: true
|
|
# ansible.builtin.shell: "chattr -i {{ dnscrypt_confpath }}"
|
|
|
|
- name: Copy dnscrypt-proxy.toml configuration
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: etc/dnscrypt-proxy/dnscrypt-proxy.toml.j2
|
|
dest: "{{ dnscrypt_confpath }}"
|
|
# owner: dnscrypt-proxy
|
|
# group: dnscrypt-proxy
|
|
mode: '0640'
|
|
attributes: +i
|
|
validate: dnscrypt-proxy -check -config %s
|
|
|
|
# - name: "Set immutable bit for {{ dnscrypt_confpath }}"
|
|
# become: true
|
|
# ansible.builtin.shell: "chattr +i {{ dnscrypt_confpath }}"
|
|
|
|
- name: Start and enable dnscrypt-proxy
|
|
become: true
|
|
systemd:
|
|
name: dnscrypt-proxy
|
|
state: restarted
|
|
enabled: true
|
|
...
|