From bb12c4f749615252bea28971154aea4430abbc51 Mon Sep 17 00:00:00 2001 From: Sietse Snel Date: Thu, 28 Mar 2024 15:20:17 +0100 Subject: [PATCH] Development VMs: override DNS configuration Override default DNS configuration of development VMs (including the controller), because it does not work reliably on Windows-based VMs. Use the Google DNS servers instead. --- environments/development/host_vars/epos-msl | 1 + roles/common/defaults/main.yml | 4 +++ roles/common/files/resolved.conf | 24 +++++++++++++++ roles/common/handlers/main.yml | 6 ++++ roles/common/tasks/google_dns.yml | 15 ++++++++++ roles/common/tasks/main.yml | 3 ++ vagrant/provision_controller.sh | 33 +++++++++++++++++++++ 7 files changed, 86 insertions(+) create mode 100644 roles/common/defaults/main.yml create mode 100644 roles/common/files/resolved.conf create mode 100644 roles/common/tasks/google_dns.yml diff --git a/environments/development/host_vars/epos-msl b/environments/development/host_vars/epos-msl index b6004cc..88ba38e 100644 --- a/environments/development/host_vars/epos-msl +++ b/environments/development/host_vars/epos-msl @@ -7,6 +7,7 @@ ansible_host: 192.168.60.10 # EPOS-MSL host ansible_user: vagrant # Administrative user on instance for Ansible ansible_ssh_private_key_file: vagrant/ssh/vagrant # Path to private key file of administrative user +commons_use_google_dns: true ######################### # EPOS-MSL configuration diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml new file mode 100644 index 0000000..9d81fd0 --- /dev/null +++ b/roles/common/defaults/main.yml @@ -0,0 +1,4 @@ +--- +# copyright Utrecht University + +commons_use_google_dns: false diff --git a/roles/common/files/resolved.conf b/roles/common/files/resolved.conf new file mode 100644 index 0000000..65ac45a --- /dev/null +++ b/roles/common/files/resolved.conf @@ -0,0 +1,24 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. +# +# Entries in this file show the compile time defaults. +# You can change settings by editing this file. +# Defaults can be restored by simply deleting this file. +# +# See resolved.conf(5) for details + +[Resolve] +DNS=8.8.8.8 +FallbackDNS=8.8.4.4 +#Domains= +#LLMNR=no +#MulticastDNS=no +#DNSSEC=no +#DNSOverTLS=no +#Cache=no-negative +#DNSStubListener=yes +#ReadEtcHosts=yes diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml index afc2d78..413e595 100644 --- a/roles/common/handlers/main.yml +++ b/roles/common/handlers/main.yml @@ -5,3 +5,9 @@ ansible.builtin.service: name: firewalld state: restarted + + +- name: Restart systemd-resolved + ansible.builtin.service: + name: systemd-resolved + state: restarted diff --git a/roles/common/tasks/google_dns.yml b/roles/common/tasks/google_dns.yml new file mode 100644 index 0000000..73488ba --- /dev/null +++ b/roles/common/tasks/google_dns.yml @@ -0,0 +1,15 @@ +--- +# copyright Utrecht University + +- name: Update systemd-resolved config to use Google DNS servers + ansible.builtin.copy: + src: files/resolved.conf + dest: /etc/systemd/resolved.conf + owner: root + group: root + mode: "0644" + notify: Restart systemd-resolved + + +- name: Flush handlers for immediate effect of changing DNS configuration + ansible.builtin.meta: flush_handlers diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index cc8f6b2..7ed3b13 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,6 +1,9 @@ --- # copyright Utrecht University +- name: Update local DNS settings + ansible.builtin.import_tasks: google_dns.yml + when: commons_use_google_dns - name: Run apt update ansible.builtin.import_tasks: apt_update.yml - name: Configure firewall diff --git a/vagrant/provision_controller.sh b/vagrant/provision_controller.sh index a2b6012..d9adaee 100644 --- a/vagrant/provision_controller.sh +++ b/vagrant/provision_controller.sh @@ -4,6 +4,39 @@ set -e set -x +# Configure VM to use Google DNS servers - the default configuration +# does not work reliably on Windows. + +cat << RESOLVEDCONF > resolved.conf +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. +# +# Entries in this file show the compile time defaults. +# You can change settings by editing this file. +# Defaults can be restored by simply deleting this file. +# +# See resolved.conf(5) for details + +[Resolve] +DNS=8.8.8.8 +FallbackDNS=8.8.4.4 +#Domains= +#LLMNR=no +#MulticastDNS=no +#DNSSEC=no +#DNSOverTLS=no +#Cache=no-negative +#DNSStubListener=yes +#ReadEtcHosts=yes +RESOLVEDCONF + +sudo cp resolved.conf /etc/systemd +sudo systemctl restart systemd-resolved + sudo apt update # Install Git if not present.