diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 8c94303b5..bbb87c8cb 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -3,6 +3,10 @@ - name: ...IS BEGINNING ============================================ command: echo +- name: dnsmasq (install now, configure LATER in 'network', after Stage 9) + include_tasks: roles/network/tasks/dnsmasq.yml + #when: dnsmasq_install | bool + - name: Install uuid-runtime package (debuntu) package: name: diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 83a06d30a..e56b33f2d 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -21,12 +21,6 @@ - name: WWW_BASE (WWW_OPTIONS should be installed later) include_role: name: www_base - #when: www_base_install | bool - #when: apache_install or nginx_install - -- name: dnsmasq (install now, configure LATER in 'network', after Stage 9) - include_tasks: roles/network/tasks/dnsmasq.yml - when: dnsmasq_install | bool - name: Recording STAGE 3 HAS COMPLETED ===================== lineinfile: diff --git a/roles/network/tasks/dnsmasq.yml b/roles/network/tasks/dnsmasq.yml index 4b7d73a9c..2678650ae 100644 --- a/roles/network/tasks/dnsmasq.yml +++ b/roles/network/tasks/dnsmasq.yml @@ -14,7 +14,9 @@ - { src: 'roles/network/templates/network/dnsmasq.service.u18', dest: '/etc/systemd/system/iiab-dnsmasq.service', mode: '0644' } - { src: 'roles/network/templates/network/dnsmasq-iiab', dest: '/etc/dnsmasq.d/dnsmasq-iiab', mode: '644' } -- name: Don't use stock dnsmasq systemd unit file during boot +- name: Don't use stock dnsmasq systemd unit file during boot but start now systemd: name: dnsmasq + daemon_reload: yes enabled: no + state: restarted diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 60d28a9f4..c52809960 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -60,6 +60,12 @@ dest: /etc/hosts.dnsmasq when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance") +- name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting + template: + src: network/dnsmasq-iiab + dest: /etc/dnsmasq.d/dnsmasq-iiab + when: dnsmasq_install # 2020-05-10: Are all these dnsmasq_install conditions really still necessary ? + ## Another way to skin the cat ##- name: Check if systemd service networkd-dispatcher is enabled ## systemd: diff --git a/roles/network/templates/network/dnsmasq-iiab b/roles/network/templates/network/dnsmasq-iiab index 4173a2823..ecefeb359 100644 --- a/roles/network/templates/network/dnsmasq-iiab +++ b/roles/network/templates/network/dnsmasq-iiab @@ -1 +1,7 @@ +#IIAB bind-interfaces +# Wan nameserver if manually set +{% if wan_nameserver != "" %} +no-resolv +server={{ wan_nameserver }} +{% endif %} diff --git a/roles/network/templates/network/dnsmasq.conf.j2 b/roles/network/templates/network/dnsmasq.conf.j2 index edf3ae9e6..782f38049 100644 --- a/roles/network/templates/network/dnsmasq.conf.j2 +++ b/roles/network/templates/network/dnsmasq.conf.j2 @@ -1,7 +1,5 @@ # Never forward addresses in the non-routed address spaces. bogus-priv -# Add other name servers here, with domain specs if they are for non-public domains. -#server=/{{ iiab_domain }}/{{ iiab_hostname }} # Add local-only domains here, queries in these domains are answered from /etc/hosts or DHCP only. local=/{{ iiab_domain }}/ {% if dns_jail_enabled %} diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 5104c94b2..6686971e2 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -171,16 +171,20 @@ wondershaper_enabled: False user_wan_iface: auto user_lan_iface: auto -# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml # See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO +# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml wan_ip: dhcp # wan_ip: 192.168.1.99 wan_netmask: # wan_netmask: 255.255.255.0 wan_gateway: # wan_gateway: 192.168.1.254 -wan_nameserver: # wan_nameserver: 192.168.1.254 +# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq: +# /etc/resolv.conf dictates which backend is used for the machine itself, so +# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while +# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this +# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!) +wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1 wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems # Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf - # Parameters for Aggregate Roles # Each Role should have the following variables which are either True or False: # _install diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 6f839df17..f03702059 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -54,7 +54,12 @@ wifi_up_down: True # Creates a 2nd virtual wifi adapter for upstream WiFi wan_ip: dhcp # wan_ip: 192.168.1.99 wan_netmask: # wan_netmask: 255.255.255.0 wan_gateway: # wan_gateway: 192.168.1.254 -wan_nameserver: # wan_nameserver: 192.168.1.254 +# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq: +# /etc/resolv.conf dictates which backend is used for the machine itself, so +# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while +# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this +# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!) +wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1 wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 0e153a37d..5a3bb51c0 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -54,7 +54,12 @@ wifi_up_down: True # Creates a 2nd virtual wifi adapter for upstream WiFi wan_ip: dhcp # wan_ip: 192.168.1.99 wan_netmask: # wan_netmask: 255.255.255.0 wan_gateway: # wan_gateway: 192.168.1.254 -wan_nameserver: # wan_nameserver: 192.168.1.254 +# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq: +# /etc/resolv.conf dictates which backend is used for the machine itself, so +# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while +# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this +# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!) +wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1 wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 94ee0ca63..bb6f8ddcc 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -54,7 +54,12 @@ wifi_up_down: True # Creates a 2nd virtual wifi adapter for upstream WiFi wan_ip: dhcp # wan_ip: 192.168.1.99 wan_netmask: # wan_netmask: 255.255.255.0 wan_gateway: # wan_gateway: 192.168.1.254 -wan_nameserver: # wan_nameserver: 192.168.1.254 +# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq: +# /etc/resolv.conf dictates which backend is used for the machine itself, so +# 127.0.0.1 means you get dnsmasq (so it works right away on Raspbian) while +# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this +# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!) +wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1 wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite