diff --git a/handlers/main.yml b/handlers/main.yml index 3775613..7605e11 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: systemctl restart unbound +- name: Systemctl restart unbound become: true ansible.builtin.service: name: unbound diff --git a/meta/main.yml b/meta/main.yml index 7417c14..e466f9e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -4,17 +4,18 @@ galaxy_info: description: Ansible role to install and configure the unbound DNS resolver. role_name: unbound license: MIT - min_ansible_version: 2.11 - github_branch: master + min_ansible_version: '2.12' platforms: - name: Debian - versions: all + versions: ['all'] - name: Ubuntu - versions: all + versions: ['all'] - name: Fedora - versions: all + versions: ['all'] - name: EL - versions: all + versions: ['all'] + - name: ArchLinux + versions: ['all'] galaxy_tags: - unbound - dns diff --git a/tasks/configure.yml b/tasks/configure.yml index 140d77f..2ee97af 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -6,10 +6,10 @@ dest: '/etc/unbound/unbound.conf.d/' owner: root group: root - mode: 'u=rw,g=r,o=r' + mode: 'u=rwX,g=rX,o=rX' with_fileglob: - 'files/snippets/*.conf' - notify: systemctl restart unbound + notify: Systemctl restart unbound - name: Copy main unbound configuration become: true @@ -20,4 +20,4 @@ group: root mode: 'u=rw,g=r,o=r' validate: unbound-checkconf %s - notify: systemctl restart unbound + notify: Systemctl restart unbound diff --git a/tasks/install.yml b/tasks/install.yml index fc555b2..3541dda 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,12 +1,12 @@ --- -- name: update debian cache +- name: Update debian cache become: true ansible.builtin.apt: update_cache: true cache_valid_time: 43200 when: ansible_pkg_mgr == "apt" -- name: install unbound +- name: Install unbound become: true ansible.builtin.package: name: unbound diff --git a/tasks/main.yml b/tasks/main.yml index cea6bfd..bbd421b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,10 +1,10 @@ --- -- name: run optional versionscheck +- name: Run optional versionscheck ansible.builtin.include_tasks: versioncheck.yml when: submodules_versioncheck|bool -- name: install unbound +- name: Install unbound ansible.builtin.include_tasks: install.yml -- name: configure unbound +- name: Configure unbound ansible.builtin.include_tasks: configure.yml diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml index 5128cc8..dd22a1a 100644 --- a/tasks/versioncheck.yml +++ b/tasks/versioncheck.yml @@ -8,37 +8,38 @@ path: '/etc/.ansible-version' state: directory mode: 0755 - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool -- name: check playbook version +- name: Check playbook version become: true ansible.builtin.slurp: src: "/etc/.ansible-version/{{ playbook_version_path }}" register: playbook_version - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool ignore_errors: true failed_when: false - name: Print remote role version ansible.builtin.debug: msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}" - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool - name: Print locale role version ansible.builtin.debug: - msg: "Local role version: '{{ playbook_version_number|string }}'." - when: submodules_versioncheck|bool + msg: "Local role version: '{{ playbook_version_number | string }}'." + when: submodules_versioncheck | bool - name: Check if your version is outdated ansible.builtin.fail: msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!" when: - - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool + - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool -- name: write new version to remote disk +- name: Write new version to remote disk become: true ansible.builtin.copy: content: "{{ playbook_version_number }}" dest: "/etc/.ansible-version/{{ playbook_version_path }}" mode: '0644' - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool + tags: skip_ansible_lint_template-instead-of-copy