diff --git a/defaults/main.yml b/defaults/main.yml
index c8d9a89..d32be07 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,3 +1,17 @@
 ---
+resolvconf__mode: '0644'
+resolveconf__immutable: false
+# example config for /etc/resolv.conf
+# resolvconf__nameservers:
+#   - "1.1.1.1"
+#   - "9.9.9.10"
+# resolvconf__domain: "example.com"
+# resolvconf__search:
+#   - "example.com"
+#   - "foo.local"
+# resolvconf__options:
+#   - "timeout:2"
+#  - "rotate"
+
 # should we do a version check? (recomended)
 submodules_versioncheck: false
diff --git a/tasks/main.yml b/tasks/main.yml
index b37444c..b564e16 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,3 +1,29 @@
 ---
-- include_tasks: versioncheck.yml
+- ansible.builtin.include_tasks: versioncheck.yml
   when: submodules_versioncheck|bool
+
+- name: resolv.conf is ino longer immutable.
+  become: true
+  ansible.builtin.file:
+    path: '/etc/resolv.conf'
+    attr: '-i'
+  register: resolv_file
+  changed_when: "'i' in resolv_file.diff.before.attributes and not resolveconf__immutable"
+
+- name: "Configure resolv.conf"
+  become: true
+  ansible.builtin.template:
+    src: 'templates/resolv.conf.j2'
+    dest: '/etc/resolv.conf'
+    mode: "{{ resolvconf__mode }}"
+    owner: root
+    group: root
+
+- name: Ensure resolv.conf is immutable.
+  become: true
+  ansible.builtin.file:
+    path: '/etc/resolv.conf'
+    attr: '+i'
+  register: resolv_file
+  changed_when: "'i' not in resolv_file.diff.before.attributes"
+  when: resolveconf__immutable | bool
diff --git a/templates/resolve.conf.j2 b/templates/resolve.conf.j2
new file mode 100644
index 0000000..cfac97e
--- /dev/null
+++ b/templates/resolve.conf.j2
@@ -0,0 +1,20 @@
+# {{ ansible_managed }}
+# do1jlr.resolvconf
+
+{% if resolvconf__search is defined and resolvconf__search | length > 0 -%}
+  search {{ resolvconf__search|join(' ') }}
+{% endif %}
+{% if resolvconf__domain is defined and resolvconf__domain != "" -%}
+  domain {{ resolvconf__domain }}
+{% endif %}
+{% for n in resolvconf__nameservers -%}
+  nameserver {{ n }}
+{% endfor %}
+{% if resolvconf__sortlist is defined and resolvconf__sortlist | length > 0 %}
+{% for s in resolvconf__sortlist -%}
+  sortlist {{ sl }}
+{% endfor %}
+{% endif %}
+{% if resolvconf__options is defined and resolvconf__options | length > 0 -%}
+  options {{ resolvconf__options|join(' ') }}
+{% endif %}
diff --git a/vars/main.yml b/vars/main.yml
index 8147172..bff36cd 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,4 +1,4 @@
 ---
 # versionscheck
-playbook_version_number: 2   # should be a integer
-playbook_version_path: 'do1jlr.resolveconf.version'
+playbook_version_number: 3   # should be a integer
+playbook_version_path: 'do1jlr.resolvconf.version'