Merge pull request #2395 from jvonau/early-dns

install and start dnsmasq early - add option to set upstream dns server
2025-02-12 19:22:24 +00:00 · 2020-05-10 14:27:08 -04:00 · 2020-05-10 14:27:08 -04:00 · 9524b454bf
commit 9524b454bf
parent 4ebcee6607 39b557b94c
10 changed files with 44 additions and 15 deletions
--- a/roles/1-prep/tasks/main.yml
+++ b/roles/1-prep/tasks/main.yml
@ -3,6 +3,10 @@
 - name: ...IS BEGINNING ============================================
  command: echo

+- name: dnsmasq (install now, configure LATER in 'network', after Stage 9)
+  include_tasks: roles/network/tasks/dnsmasq.yml
+  #when: dnsmasq_install | bool
+
 - name: Install uuid-runtime package (debuntu)
  package:
    name: 
--- a/roles/3-base-server/tasks/main.yml
+++ b/roles/3-base-server/tasks/main.yml
@ -21,12 +21,6 @@
 - name: WWW_BASE (WWW_OPTIONS should be installed later)
  include_role:
    name: www_base
-  #when: www_base_install | bool
-  #when: apache_install or nginx_install
-
- name: dnsmasq (install now, configure LATER in 'network', after Stage 9)
-  include_tasks: roles/network/tasks/dnsmasq.yml
-  when: dnsmasq_install | bool

 - name: Recording STAGE 3 HAS COMPLETED =====================
  lineinfile:
--- a/roles/network/tasks/dnsmasq.yml
+++ b/roles/network/tasks/dnsmasq.yml
@ -14,7 +14,9 @@
   - { src: 'roles/network/templates/network/dnsmasq.service.u18', dest: '/etc/systemd/system/iiab-dnsmasq.service', mode: '0644' }
   - { src: 'roles/network/templates/network/dnsmasq-iiab', dest: '/etc/dnsmasq.d/dnsmasq-iiab', mode: '644' }

- name: Don't use stock dnsmasq systemd unit file during boot
+- name: Don't use stock dnsmasq systemd unit file during boot but start now
  systemd:
    name: dnsmasq
+    daemon_reload: yes
    enabled: no
+    state: restarted
--- a/roles/network/tasks/enable_services.yml
+++ b/roles/network/tasks/enable_services.yml
@ -60,6 +60,12 @@
    dest: /etc/hosts.dnsmasq
  when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance")

+- name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting
+  template:
+    src: network/dnsmasq-iiab
+    dest: /etc/dnsmasq.d/dnsmasq-iiab
+  when: dnsmasq_install    # 2020-05-10: Are all these dnsmasq_install conditions really still necessary ?
+
 ## Another way to skin the cat
 ##- name: Check if systemd service networkd-dispatcher is enabled
 ##  systemd:
--- a/roles/network/templates/network/dnsmasq-iiab
+++ b/roles/network/templates/network/dnsmasq-iiab
@ -1 +1,7 @@
+#IIAB
 bind-interfaces
+# Wan nameserver if manually set
+{% if wan_nameserver != "" %}
+no-resolv
+server={{ wan_nameserver }}
+{% endif %}
--- a/roles/network/templates/network/dnsmasq.conf.j2
+++ b/roles/network/templates/network/dnsmasq.conf.j2
@ -1,7 +1,5 @@
 # Never forward addresses in the non-routed address spaces.
 bogus-priv
-#　Add other name servers here, with domain specs if they are for　non-public domains.
-#server=/{{ iiab_domain }}/{{ iiab_hostname }}
 # Add local-only domains here, queries in these domains are answered　from /etc/hosts or DHCP only.
 local=/{{ iiab_domain }}/
 {% if dns_jail_enabled %}
--- a/vars/default_vars.yml
+++ b/vars/default_vars.yml
@ -171,16 +171,20 @@ wondershaper_enabled: False
 user_wan_iface: auto
 user_lan_iface: auto

-# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml
 # See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
+# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml
 wan_ip: dhcp       # wan_ip: 192.168.1.99
 wan_netmask:       # wan_netmask: 255.255.255.0
 wan_gateway:       # wan_gateway: 192.168.1.254
-wan_nameserver:    # wan_nameserver: 192.168.1.254
+# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
+# /etc/resolv.conf dictates which backend is used for the machine itself, so
+# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while
+# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
+# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
+wan_nameserver:    # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
 wan_try_dhcp_before_static_ip: True   # Facilitate field updates w/ cablemodems
 # Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf

-
 # Parameters for Aggregate Roles
 # Each Role should have the following variables which are either True or False:
 #   <role-name>_install
--- a/vars/local_vars_big.yml
+++ b/vars/local_vars_big.yml
@ -54,7 +54,12 @@ wifi_up_down: True    # Creates a 2nd virtual wifi adapter for upstream WiFi
 wan_ip: dhcp       # wan_ip: 192.168.1.99
 wan_netmask:       # wan_netmask: 255.255.255.0
 wan_gateway:       # wan_gateway: 192.168.1.254
-wan_nameserver:    # wan_nameserver: 192.168.1.254
+# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
+# /etc/resolv.conf dictates which backend is used for the machine itself, so
+# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while
+# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
+# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
+wan_nameserver:    # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
 wan_try_dhcp_before_static_ip: True   # Facilitate field updates w/ cablemodems

 # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite
--- a/vars/local_vars_medium.yml
+++ b/vars/local_vars_medium.yml
@ -54,7 +54,12 @@ wifi_up_down: True    # Creates a 2nd virtual wifi adapter for upstream WiFi
 wan_ip: dhcp       # wan_ip: 192.168.1.99
 wan_netmask:       # wan_netmask: 255.255.255.0
 wan_gateway:       # wan_gateway: 192.168.1.254
-wan_nameserver:    # wan_nameserver: 192.168.1.254
+# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
+# /etc/resolv.conf dictates which backend is used for the machine itself, so
+# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while
+# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
+# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
+wan_nameserver:    # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
 wan_try_dhcp_before_static_ip: True   # Facilitate field updates w/ cablemodems

 # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite
--- a/vars/local_vars_min.yml
+++ b/vars/local_vars_min.yml
@ -54,7 +54,12 @@ wifi_up_down: True    # Creates a 2nd virtual wifi adapter for upstream WiFi
 wan_ip: dhcp       # wan_ip: 192.168.1.99
 wan_netmask:       # wan_netmask: 255.255.255.0
 wan_gateway:       # wan_gateway: 192.168.1.254
-wan_nameserver:    # wan_nameserver: 192.168.1.254
+# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
+# /etc/resolv.conf dictates which backend is used for the machine itself, so
+# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while
+# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
+# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
+wan_nameserver:    # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
 wan_try_dhcp_before_static_ip: True   # Facilitate field updates w/ cablemodems

 # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite